Remko Weijnen's Blog (Remko's Blog)
About Virtualization, VDI, SBC, Application Compatibility and anything else I feel like
I am working on a launcher tool for Citrix XenApp that can not only connect to a published application or published desktop but can also leverage Citrix Workspace Control to reconnect to disconnected and/or active sessions.
There doesn’t seem to be any sdk that exposed the data we need so I am trying to reproduce what the Citrix online plugi-in does.
I used a HTTP monitoring tool to capture the traffic between the Online plug-in and the Web Interface. First the online plug-in will retrieve the config.xml from the server specified via the Change Server option:
The config.xml is a rather large xml file, the interesting part is the Request.Enumeration (I left out the other data):
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 | <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE PNAgent_Configuration SYSTEM "PNAgent.dtd"[]> <PNAgent_Configuration xmlns:xsi="http://www.w3.org/2000/10/XMLSchema-instance"> <Request> <Enumeration> <Location replaceServerLocation="true" modifiable="true" forcedefault="false" RedirectNow="false">http://2003xa/Citrix/PNAgent/enum.aspx</Location> <Smartcard_Location replaceServerLocation="true">https://2003xa/Citrix/PNAgent/smartcard_enum.aspx</Smartcard_Location> <Integrated_Location replaceServerLocation="true">http://2003xa/Citrix/PNAgent/integrated_enum.aspx</Integrated_Location> <Refresh> <OnApplicationStart modifiable="false" forcedefault="true">true</OnApplicationStart> <OnResourceRequest modifiable="false" forcedefault="true">false</OnResourceRequest> <Poll modifiable="false" forcedefault="true"> <Enabled>true</Enabled> <Period>6</Period> </Poll> </Refresh> </Enumeration> <Resource> <Location replaceServerLocation="true" modifiable="true" forcedefault="false" RedirectNow="false">http://2003xa/Citrix/PNAgent/launch.aspx</Location> <Smartcard_Location replaceServerLocation="true">https://2003xa/Citrix/PNAgent/smartcard_launch.aspx</Smartcard_Location> <Integrated_Location replaceServerLocation="true">http://2003xa/Citrix/PNAgent/integrated_launch.aspx</Integrated_Location> </Resource> <Reconnect> <Location replaceServerLocation="true" modifiable="true" forcedefault="false" RedirectNow="false">http://2003xa/Citrix/PNAgent/reconnect.aspx</Location> <Smartcard_Location replaceServerLocation="true">https://2003xa/Citrix/PNAgent/smartcard_reconnect.aspx</Smartcard_Location> <Integrated_Location replaceServerLocation="true">http://2003xa/Citrix/PNAgent/integrated_reconnect.aspx</Integrated_Location> </Reconnect> <Change_Password> <Location replaceServerLocation="true" modifiable="true" forcedefault="false" RedirectNow="false">http://2003xa/Citrix/PNAgent/change_password.aspx</Location> </Change_Password> <MachineControl> <Location replaceServerLocation="true">http://2003xa/Citrix/PNAgent/desktopControl.aspx</Location> <Smartcard_Location replaceServerLocation="true">https://2003xa/Citrix/PNAgent/smartcard_desktopControl.aspx</Smartcard_Location> <Integrated_Location replaceServerLocation="true">http://2003xa/Citrix/PNAgent/integrated_desktopControl.aspx</Integrated_Location> </MachineControl> </Request> </PNAgent_Configuration> |
From this xml data, the enum.aspx url is taken and another HTTP post is sent to that url which contains the following xml in my case:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE NFuseProtocol SYSTEM "NFuse.dtd"><NFuseProtocol version="4.6"> <RequestReconnectSessionData> <Credentials> <UserName>administrator</UserName> <Password encoding="ctx1">NFHALEBBMHGCLEBBMDGGKMAJNOHLLKBP</Password> <Domain type="NT">CONTOSO</Domain> </Credentials> <ClientName>REMLAPTOP</ClientName> <ClientName>REMLAPTOP</ClientName> <ServerType>win32</ServerType> <ClientType>ica30</ClientType> <SessionType>disconnected</SessionType> <SessionType>active</SessionType> </RequestReconnectSessionData> </NFuseProtocol> |
Notice that the password is encoded so if we want to replicate the HTTP post data we need to be able to encode (and perhaps decode) the password.
The decoding seems to be named Ctx1 but I couldn’t find any information on how it should be encoded so I had to find it out myself.
I wrote a tool that that can encode and decode the passwords and I suspect the password decoding is the same as used for storing passwords in ica files (I haven’t checked that yet…):
The tool can be downloaded below.
Citrix Password Encoding & Decoding Utility (8271 downloads )
Please consider donating something (even a small amount is ok) to support this site and my work:
Filed under: Citrix
Profile
Top Posts
- Query Active Directory from Excel
- RNS 510 Startup Logo–My thoughts
- Adding a hidden Exchange mailbox to Outlook
- How rdp passwords are encrypted
- Get Actual CPU Clock Speed with PowerShell
- ClickOnce Applications in Enterprise Environments
- VW RNS 510 Navigation Startup Pictures
- Unattended Installation of IBM System i Access for Windows
- Reading physical memory size from the registry
- Show Client IP Address when using NetScaler as a Reverse Proxy
Recent Comments
Featured Downloads
- AClientFix (13595 downloads )
- AddPrinter2.zip (12854 downloads )
- AdProps (12379 downloads )
- AdSample1 (11432 downloads )
- AMD Radeon Crimson ReLive (25930 downloads )
- Atheros Driver (34019 downloads )
- AutoLogonXP 1.0 (11404 downloads )
- CDZA (9560 downloads )
- ChDrvLetter.zip (11217 downloads )
- ChDrvLetter.zip (14356 downloads )
Blogroll
- Andrew Morgan
- Arnout’s blog
- Assa’s Blog
- Barry Schiffer
- Delphi Praxis
- Ingmar Verheij
- Jedi Api Blog
- Jedi API Library
- Jeroen Tielen
- Kees Baggerman
Categories
- .NET (4)
- Active Directory (28)
- Altiris (36)
- App-V (1)
- Apple (5)
- Application Compatibility (11)
- Automotive (5)
- AWS (1)
- BootCamp (1)
- C# (6)
- C++ (2)
- Citrix (87)
- Delphi (61)
- Embedded (4)
- Exchange (16)
- General (71)
- iPhone (5)
- Java (8)
- Linux (1)
- Lync (2)
- NetScaler (1)
- Oracle (4)
- Other (1)
- Packaging (19)
- PowerShell (56)
- Programming (79)
- Quest (1)
- RES (7)
- script (22)
- ShareFile (1)
- SQL Server (10)
- Strange Error (3)
- Terminal Server (68)
- ThinApp (3)
- ThinKiosk (1)
- Ubuntu (1)
- Unattended Installation (19)
- Uncategorized (51)
- UWP (2)
- Vista (37)
- Visual Studio (1)
- VMWare (26)
- Windows 10 (2)
- Windows 2003 (30)
- Windows 2008 (37)
- Windows 2008 R2 (16)
- Windows 2012 (2)
- Windows 7 (30)
- Windows 8 (4)
- Windows Internals (12)
- Windows XP (16)
Archives
- February 2023 (1)
- October 2022 (3)
- July 2022 (1)
- June 2022 (2)
- October 2019 (1)
- March 2018 (1)
- January 2018 (4)
- December 2017 (3)
- April 2017 (1)
- March 2017 (5)
- February 2017 (4)
- May 2016 (3)
- March 2016 (1)
- October 2015 (2)
- September 2015 (1)
- January 2015 (1)
- August 2014 (1)
- July 2014 (8)
- May 2014 (1)
- November 2013 (1)
- October 2013 (2)
- September 2013 (3)
- August 2013 (4)
- June 2013 (2)
- May 2013 (3)
- April 2013 (5)
- March 2013 (5)
- February 2013 (1)
- January 2013 (5)
- December 2012 (9)
- November 2012 (3)
- October 2012 (3)
- August 2012 (4)
- July 2012 (2)
- June 2012 (1)
- May 2012 (6)
- March 2012 (13)
- February 2012 (12)
- January 2012 (9)
- December 2011 (9)
- November 2011 (4)
- October 2011 (5)
- September 2011 (10)
- August 2011 (10)
- July 2011 (2)
- June 2011 (8)
- May 2011 (12)
- April 2011 (4)
- March 2011 (14)
- February 2011 (8)
- January 2011 (32)
- December 2010 (23)
- November 2010 (19)
- October 2010 (10)
- September 2010 (6)
- August 2010 (1)
- July 2010 (1)
- June 2010 (6)
- March 2010 (7)
- February 2010 (3)
- December 2009 (3)
- November 2009 (11)
- September 2009 (2)
- July 2009 (1)
- June 2009 (5)
- May 2009 (1)
- April 2009 (2)
- March 2009 (3)
- February 2009 (6)
- January 2009 (3)
- December 2008 (8)
- November 2008 (5)
- October 2008 (3)
- September 2008 (3)
- August 2008 (3)
- June 2008 (6)
- May 2008 (2)
- April 2008 (3)
- March 2008 (5)
- January 2008 (3)
- December 2007 (3)
- November 2007 (13)
- October 2007 (10)
6 Responses for "Encoding and Decoding Citrix Passwords"
Hi Remko,
I am recently looking for ways how to encrypt citrix password, and found your program can work well for me.
Could you teach me what’s the algorithm you used in this program?
[…] May After figuring out how to encode and decode the Citrix passwords my next step for the upcoming Citrix Launcher is experiment with config.xml and authenticating to […]
[…] Possible values: An encrypted password. Remko Weijnen has written a tool to Encode (and decode) Citrix Passwords, you can find the tool here. […]
[…] stored in RAM and regularly submits it off to the receiver (via an ica file connection). Remko has demonstrated before how to unhash this password, but nobody has yet discovered how to pull this information live […]
[…] while ago I published a tool to Encode and Decode Citrix passwords. Today I am publishing a small update to this tool […]
We are dealing with Citrix removed support for WISP, their component for interfacing with SharePoint.
We’re looking at implementing our own web part. As part of that effort I’m communicating NFuse protocol with the Citrix XML Service. However, I ran into a problem retrieving Tickets, where I seem to need a “ctx1” encoded password.
I’ve been searching for the algorithm for this encode/decode with no luck. Can you share or point us to where we can find further information on this algorithm?
Thanks in advance for any assistance you provide to our non-profit organization.
Peter
Leave a reply