However, eventually I came up with this solution which allowed me to transfer files quite easily via USB redirection. When you connect to the remote machine via Citrix on top of the Desktop Viewer there some configurations settings, but unfortunately it didn’t let me get very far.Ĭopy and Paste was disabled and I could not drag and drop files. I started messing around with Citrix preferences and settings. Not entirely convinced, the client asked me if there was another method in case within Citrix environment Internet access was completely denied. By attaching the encrypted document in an email it was possible to transfer the file to an attacker’s email address. I explained them that another way was via Outlook. However, the client requested if it was possible to achieve the same result but not using Internet Explorer. This allowed me to bypass the filters and accomplish the goal. #Citrix workspace download file to local machine zip fileI encrypted a document in a zip file and then uploaded it to a web server controlled by Dionach. Although it implemented some sort of web filtering, Internet access was allowed. The easiest way to transfer data was through their web proxy. One particular requirement of this test was to see whether I could transfer files back and forth between my local computer and the remote environment. During a recent engagement I was asked to perform a penetration test of a Citrix environment.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |