Citrix XenDesktop, XenServer, Receiver 5.6 SP2 Pass-The-Hash
2011-12-30 09:39
661 查看
Tested against: Citrix XenDesktop, XenServer, Receiver 5.6 SP2 (possibly other versions as well) By default, the authentication between the Citrix Receiver client to the Web interface is not configured to use SSL. If a company elects not to use SSL for this, the XML transaction between the receiver client and the Web Interface server to enum.aspx and launch.aspx contains the username and encoded password of the user. If an attacker can sniff this authentication traffic, they can use the encoded password to perform a "pass-the-hash" type attack to log in as the user via Citrix Receiver and gain access to the users Virtual Desktop(s). POST /Citrix/XDPNAgent/enum.aspx HTTP/1.1 Content-Type: application/x-www-form-urlencoded User-Agent: C:\PROGRA~1\Citrix\ICACLI~1\PNAMain.exe Host: xxx.xxx.xxx.xxx Content-Length: 705 Connection: Keep-Alive Cache-Control: no-cache <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE NFuseProtocol SYSTEM "NFuse.dtd"><NFuseProtocol version="4.6"><RequestAppData><Scope traverse="onelevel" type="PNFolder">$PRELAUNCH$</Scope><DesiredDetails>permissions</DesiredDetails><DesiredDetails>icon-info</DesiredDetails><DesiredDetails>all</DesiredDetails><ServerType>x</ServerType><ServerType>win32</ServerType><ClientType>ica30</ClientType><ClientType>content</ClientType><Credentials><UserName>domain\myuser</UserName><Password encoding="ctx1">ENCODEDPASSWORDHERE</Password><Domain type="NT"></Domain></Credentials><ClientName>COMPUTER01</ClientName><ClientAddress>xxx.xxx.xxx.xxx</ClientAddress></RequestAppData></NFuseProtocol> More information on how it works: http://eelsivart.blogspot.com/2011/12/citrix-receiver-xendesktop-pass-hash.html
相关文章推荐
- XenDesktop 5 SP1 和 XenServer 5.6 SP2正式发布
- Citrix(Xenserver,Xendesktop,Xenapp,VDI,PVS)产品下载链接地址
- 思杰Citrix Xendesktop Xenserver PVS
- Citrix XenDesktop 5.6 更改XML端口
- citrix xendesktop 5.6 部署到 vmware vsphere平台 部署步骤
- Citrix NetScaler铂金版外网使用Receiver登陆XenDesktop失败
- 云计算–Citrix桌面虚拟化 XenDesktop XenServer
- XenApp_XenDesktop_7.6实战篇之十八:Citrix XenDesktop 7.6Feature Pack 2 正式发布了
- Citrix XenDesktop DDC服务器安装指南
- Citrix XenDesktop VDA升级失败案例分析
- Microsoft Hyper-V Server 2008 R2和SCVMM2012部署XenDesktop 5.6桌面虚拟化系列之二准备虚拟桌面模板
- Hyper-V、SCVMM2012和XenDesktop 5.6桌面虚拟化运维之更新、添加和删除虚拟桌面 推荐
- 解决XenDesktop 5.6配置外置数据库时错误:Database collation sequence must be c...
- XenDesktop 5.6 &PVS6.1测试中出现的一例错误:Management Interface:Remote request failed
- Citrix XenDesktop
- citrix桌面虚拟XenDesktop
- 理想的Citrix桌面虚拟环境之5 - 将Provisioning Server加入到XenDesktop虚拟桌面系统
- Vmware 后台下Citrix Xendesktop 7.6实战篇之二 许可证申请
- Citrix XenDesktop 虚拟桌面 欢迎屏幕的清除方法
- Microsoft Hyper-V Server 2008 R2和SCVMM2012部署XenDesktop 5.6桌面虚拟化系列之三准备XenDesktop服务器