[VulnWatch] Citrix Published Application Brute Forcer
From: wirepair (wirepair@roguemail.net)Date: 10/02/02
- Previous message: scrap: "[VulnWatch] CoolForum v 0.5 beta shows content of PHP files"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "wirepair" <wirepair@roguemail.net> To: bugtraq@securityfocus.com, vuln-dev@securityfocus.der-keiler.de, com@der-keiler.de, vulnwatch@vulnwatch.org, pen-test@securityfocus.com Date: Tue, 01 Oct 2002 18:33:29 -0700
This is a new design flaw that I discovered when trying to
break the 'only allow published applications' option. This
will attempt to brute force the application names that are
published by looking for a specific return datagram. All
other details are in the README. This file can be
downloaded at http://sh0dan.org/files/pubappbrute.tar.gz
It also includes a template pubapp file which contains
common published applications. Enjoy.
-wire
_____________________________
For the best comics, toys, movies, and more,
please visit <http://www.tfaw.com/?qt=wmf>
- application/x-gzip attachment: pubappbrute.tar.gz
- Previous message: scrap: "[VulnWatch] CoolForum v 0.5 beta shows content of PHP files"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
