Wednesday, October 10, 2007

If you want to hack something today...

In this post, I point out that it takes only moments to find a vulnerable system to hack with Google and SQL injection. This blog post by "pdp" shows another way, this time using Citrix instead of SQL. If you search for filetype:ica you'll find hundreds of systems that you can hack.

Citrix is a remote GUI, like VNC or X Windows or Microsoft Remote Desktop. It is a popular way for people to "host" applications. Usually its a way to provide remote access to a Windows application that was originally written to be local.

In most cases, you'll connect to an application with no specific user credentials. The security rests with the application Citrix is connecting you to. Most of these have trivial or no security, and will allow you to gain control of the entire system with just a few clicks. The blog by "pdp" shows a video of Citrix connecting to the "calc.exe" program (the Windows Calculator accessory) and then gaining a command-prompt.

However, you can usually edit the ".ica" file that the server gives you and enter a different application to run, such as "explorer.exe". You can also edit the user credentials. Google for filetype:ica ClearPassword for some extra special fun. If you read the content of the ".ica" files, you'll quickly find other tricks you can do in order to hack systems.

Last month, major news outlets reported that the Chinese had hacked the Pentagon. My mother asked me how this could be. The answer is: a teenager can find and hack a .mil or .gov system in minutes using Citrix, SQL injection, or a dozen other well-known techniques.


Tiago Pereira said...

Nice post im always wiling to learn something, my question to you is how can i read .ica files

thanks in advance

Robert Graham said...

how can i read .ica files


It's just a text file with name=value pairs.