In Citrix NFuseProtocol, password is encoded, not the one you typed. If you capture the traffic between Citrix Receiver and PNAgent (Now it is called XenApp Service) web site, you will see the typical post data.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE NFuseProtocol SYSTEM "NFuse.dtd"><NFuseProtocol version="4.6">
<RequestReconnectSessionData>
<Credentials>
<UserName>administrator</UserName>
<Password encoding="ctx1">NFHALEBBMHGCLEBBMDGGKMAJNOHLLKBP</Password>
<Domain type="NT">CONTOSO</Domain>
</Credentials>
<ClientName>REMLAPTOP</ClientName>
<ClientName>REMLAPTOP</ClientName>
<ServerType>win32</ServerType>
<ClientType>ica30</ClientType>
<SessionType>disconnected</SessionType>
<SessionType>active</SessionType>
</RequestReconnectSessionData>
</NFuseProtocol>
Ever wonder what is the original password of the encoded one "NFHALEBBMHGCLEBBMDGGKMAJNOHLLKBP"?
Here is the tool you can try.
For encode, do
citrixpassword.exe encode "password"
It will output the result
hash password = NFHALEBBMHGCLEBBMDGGKMAJNOHLLKBP .
For decode, do
citrixpassword.exe decode NFHALEBBMHGCLEBBMDGGKMAJNOHLLKBP
The result will be,
original password = password .
Don't ask me to publish the source code, I think it is not wise to do that. However the algorithm is very simple, just some XOR operations. You can work it out easily by disassembling my tool.
Reference
Encoding and Decoding Citrix Passwords
Friday, 10 January 2014
Mac OSX Authorization Rights and Rules.
Before Mavericks (OSX 10.9), right and rule are separated in authorization database, which is the file /etc/authorization.
The API AuthorizationRightGet/Set/Remove can only operate on rights. If you want to manipulate the rules, you have to modify the file /etc/authorization directly.
On Mavericks, the file is deprecated. Apple’s engineers have chosen to mix rights and rules in this single table. Now the API can operate on the rule as well as on the right. The security binary (the command security authorizationdb read/write ) also succeeds on read/write rules.
It is an improvement, although now I can't easily tell which is right, which is rule.
Read more...
References
Authbuddy
Authorization Rights and Mavericks
Modifying the OS X Mavericks Authorization Database
The API AuthorizationRightGet/Set/Remove can only operate on rights. If you want to manipulate the rules, you have to modify the file /etc/authorization directly.
On Mavericks, the file is deprecated. Apple’s engineers have chosen to mix rights and rules in this single table. Now the API can operate on the rule as well as on the right. The security binary (the command security authorizationdb read/write ) also succeeds on read/write rules.
It is an improvement, although now I can't easily tell which is right, which is rule.
Read more...
References
Authbuddy
Authorization Rights and Mavericks
Modifying the OS X Mavericks Authorization Database
Subscribe to:
Posts (Atom)
