Saturday, 12 March 2016

Citrix XenApp Open Command Prompt in Restricted Environment

Recently I came across interesting stuff related to Citrix XenApp.
Although it is very simple to perform, it is important to know what a normal user can do in a restricted environment.

How can you test what is possible in a restricted Citrix environment?

Scenario: You have just been given access to the Outlook application by default.

Isn't it interesting if a user who has access to the Citrix environment is able to exfiltrate data from the machine to the outside world?

Test Cases (simple and old techniques):

  1. Open "Save As".
  2. Attempt to create a text file.
  3. Edit the text file, add "cmd.exe" and save it as "file.bat".
  4. Right-click and execute "file.bat".
  5. It should open a command prompt in the Citrix environment.
  6. You can also attempt to open Help and search for "How to open command prompt"; it should show you "Click here to open command prompt".
  7. You can further attempt to perform:
    1. Privilege escalation
    2. Data exfiltration via the browser by opening "iexplore.exe"
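From the defender's side, the chain above leaves a recognisable trail in process-creation telemetry: a shell started by a published application, a batch file run from the user's profile, and a browser started from that shell. The following is an added example (not part of the original post) that applies those three checks to constructed Windows 4688-style records; the paths, account names and the assumption that Outlook is the only published application are all made up for the demonstration.

```python
import re

# Constructed sample process-creation records in the shape of Windows Security
# event 4688 fields (new process, creator process, command line, account).
# They are invented for this example, not taken from a real Citrix host.
SAMPLE_EVENTS = [
    {"user": "ACME\\jdoe",
     "new": r"C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE",
     "parent": r"C:\Windows\explorer.exe",
     "cmdline": "OUTLOOK.EXE"},
    {"user": "ACME\\jdoe",
     "new": r"C:\Windows\System32\cmd.exe",
     "parent": r"C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE",
     "cmdline": r'C:\Windows\System32\cmd.exe /c "C:\Users\jdoe\Documents\file.bat"'},
    {"user": "ACME\\jdoe",
     "new": r"C:\Program Files\Internet Explorer\iexplore.exe",
     "parent": r"C:\Windows\System32\cmd.exe",
     "cmdline": "iexplore.exe https://example.invalid"},
    {"user": "ACME\\svc_backup",          # benign scheduled job, must not alert
     "new": r"C:\Windows\System32\cmd.exe",
     "parent": r"C:\Windows\System32\services.exe",
     "cmdline": r"cmd.exe /c C:\Scripts\nightly.bat"},
]

PUBLISHED_APPS = {"outlook.exe"}          # assumed: Outlook is the only published app
SHELLS = {"cmd.exe", "powershell.exe"}
USER_WRITABLE = re.compile(r"\\users\\[^\\]+\\", re.IGNORECASE)  # anything under a profile

def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()

def findings(events):
    """Return (user, reason, detail) tuples for records matching the three checks."""
    out = []
    for ev in events:
        new, parent, cmd = basename(ev["new"]), basename(ev["parent"]), ev["cmdline"]
        # 1. A shell spawned directly by a published application (Save As -> run).
        if new in SHELLS and parent in PUBLISHED_APPS:
            out.append((ev["user"], "shell spawned by published app", new))
        # 2. A shell running a batch file from a user-writable directory (file.bat).
        if new in SHELLS and ".bat" in cmd.lower() and USER_WRITABLE.search(cmd):
            out.append((ev["user"], "batch file run from user profile", cmd))
        # 3. A browser launched from a shell: the exfiltration step.
        if new == "iexplore.exe" and parent in SHELLS:
            out.append((ev["user"], "browser launched from shell", new))
    return out

if __name__ == "__main__":
    for user, reason, detail in findings(SAMPLE_EVENTS):
        print(f"{user}: {reason}: {detail}")
```

The service account's batch job under C:\Scripts is deliberately left unflagged, which is the kind of exclusion a real rule needs so that it alerts on profile directories rather than on every .bat on the host.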

Links you can refer to for reviewing Citrix configurations:


These are some of the simple and old ways a user can open a command prompt and perform restricted operations in a Citrix environment.

