![]() By attaching the encrypted document in an email it was possible to transfer the file to an attacker’s email address. I explained them that another way was via Outlook. ![]() However, the client requested if it was possible to achieve the same result but not using Internet Explorer. ![]() This allowed me to bypass the filters and accomplish the goal. I encrypted a document in a zip file and then uploaded it to a web server controlled by Dionach. Although it implemented some sort of web filtering, Internet access was allowed. The easiest way to transfer data was through their web proxy. One particular requirement of this test was to see whether I could transfer files back and forth between my local computer and the remote environment. During a recent engagement I was asked to perform a penetration test of a Citrix environment.
0 Comments
Leave a Reply. |