| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 10 Oct 2007 14:05:28 -0400 From: <full-disclosure@...hmail.com> To: <full-disclosure@...ts.grok.org.uk>, <bugtraq@...urityfocus.com>, <pdp.gnucitizen@...glemail.com> Subject: Re: Remote Desktop Command Fixation Attacks -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SHUT UP VLADIS IF ANYONE CARED THEY WOULD JUST FREQUENT YOUR BLOG GET OFF THIS LIST THIS IS FOR SERIOUS SECURITY MATTERS ONLY On Wed, 10 Oct 2007 07:14:32 -0400 "pdp (architect)" <pdp.gnucitizen@...glemail.com> wrote: >http://www.gnucitizen.org/blog/remote-desktop-command-fixation- >attacks > >Security in depth does not exist! No matter what you do, dedicated >attackers will always be able to penetrate your network. >Seriously! >Information security is mostly about risk assessment and crisis >management. > >When it comes to exploitative penetration testing, I relay on >tactics >rather then exploits. I've already talked about how insecure >Remote >Desktop service could be. In this post I will show you how easy it >is >to compromise a well protected Windows Terminal or CITRIX server >with >a simple social engineering attack and some knowledge about the >platform we are about to exploit. > >The attack is rather simple. All the bad guys have to do is to >compose >a malicious RDP (for Windows Terminal Services) or ICA (for >CITRIX) >file and send it to the victim. The victim is persuaded to open >the >file by double clicking on it. When the connection is established, >the >user will enter their credentials to login and as such let the >hackers >in. Vicious! > >I have a more detailed explanation about the tactics behind this >attack. Because I don't want to spam people with tones of text, I >just >included a link which you can follow. Hope that this is useful and >at >the same time eye opening, not that it is something completely >amazing. But it does work and it works well. > >cheers. > >-- >pdp (architect) | petko d. petkov >http://www.gnucitizen.org > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Charset: UTF8 Version: Hush 2.5 wpwEAQECAAYFAkcNFGgACgkQ+dWaEhErNvS4wwQAj8LqbxzIYoXodiXgspcs/YDG0/a8 oNPk3PsmOKHp7N7jVObIEDPjCgGHMRrPfHIEjys5EBTkVr/wq7/y6XPQLdyzIu5VyFE2 04q7slbdkrfImgByVX2itNYDJ5JlbzqrakxxZ9TVrNqqXtjWhw4IN90jDMo8tLoQT0V4 7xtyuiU= =mlsP -----END PGP SIGNATURE----- -- Click for free info on business schools, $150K/ year potential. http://tagline.hushmail.com/fc/Ioyw6h4dC6kbhaI6CLIgyWpO60jMWLXpHtbVzuYHwGilHWig7GUYZK/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists