Mike Streetz
@o-p.bsky.social
EUC Leader, Citrix Solutions Engineer, Home Automation Apologist, Coffee Guy
If you want to speak to a human and whatever dumb voice bot you’re calling won’t let you without making you answer a million questions just call it back and when it asks what you want tell it you are “returning a call”. A lot of AVR will put you directly through to a human after that.
June 17, 2025 at 10:30 PM
If you want to speak to a human and whatever dumb voice bot you’re calling won’t let you without making you answer a million questions just call it back and when it asks what you want tell it you are “returning a call”. A lot of AVR will put you directly through to a human after that.
Reposted by Mike Streetz
It's here - a first release of RdpCredProv, a Windows credential provider with autologon capabilities better than the original! 🚀 Yes, it works even with the Hyper-V enhanced session mode! Grab a copy from github.com/Devolutions/... and then follow the instructions from the readme 👇
June 17, 2025 at 8:42 PM
It's here - a first release of RdpCredProv, a Windows credential provider with autologon capabilities better than the original! 🚀 Yes, it works even with the Hyper-V enhanced session mode! Grab a copy from github.com/Devolutions/... and then follow the instructions from the readme 👇
Citrix FAS Pro Tip: If you're getting "Incorrect Username or Password" and turn on CAPI2 logs and they complain about not being able to do a revocation check but don't give you a failing URL it's because there's no CRL locations in your cert. You need those. Have fun reissuing certs.
June 16, 2025 at 10:30 PM
Citrix FAS Pro Tip: If you're getting "Incorrect Username or Password" and turn on CAPI2 logs and they complain about not being able to do a revocation check but don't give you a failing URL it's because there's no CRL locations in your cert. You need those. Have fun reissuing certs.
Hi Pacific Northwest EUC friends! @robryan.com and I would love you to join us on July 9 for pizza and lively discussion on all things End User Computing.
Jack Smith from liquidware will be hosting us at Cascadia Pizza in Bellvue.
Space is limited and filling up fast.
worldofeuc.org/event-6193347
Jack Smith from liquidware will be hosting us at Cascadia Pizza in Bellvue.
Space is limited and filling up fast.
worldofeuc.org/event-6193347
World of EUC - Seattle WEUC Meet-up
worldofeuc.org
May 23, 2025 at 4:33 PM
Hi Pacific Northwest EUC friends! @robryan.com and I would love you to join us on July 9 for pizza and lively discussion on all things End User Computing.
Jack Smith from liquidware will be hosting us at Cascadia Pizza in Bellvue.
Space is limited and filling up fast.
worldofeuc.org/event-6193347
Jack Smith from liquidware will be hosting us at Cascadia Pizza in Bellvue.
Space is limited and filling up fast.
worldofeuc.org/event-6193347
I made a thing! Co-Pilot in Visual Studio helped.
Snuefy - A Home Assistant Automation for snoozing multiple Eufy Camera Motion Alerts using the Eufy Security Integration.
It's my first real github thingy with something resembling code.
github.com/MikeStreetz/...
Snuefy - A Home Assistant Automation for snoozing multiple Eufy Camera Motion Alerts using the Eufy Security Integration.
It's my first real github thingy with something resembling code.
github.com/MikeStreetz/...
GitHub - MikeStreetz/Snuefy: Snooze Multiple Eufy Camera Motion Alerts At Once In Home Assistant with the Eufy Security Integation
Snooze Multiple Eufy Camera Motion Alerts At Once In Home Assistant with the Eufy Security Integation - MikeStreetz/Snuefy
github.com
April 26, 2025 at 3:21 AM
I made a thing! Co-Pilot in Visual Studio helped.
Snuefy - A Home Assistant Automation for snoozing multiple Eufy Camera Motion Alerts using the Eufy Security Integration.
It's my first real github thingy with something resembling code.
github.com/MikeStreetz/...
Snuefy - A Home Assistant Automation for snoozing multiple Eufy Camera Motion Alerts using the Eufy Security Integration.
It's my first real github thingy with something resembling code.
github.com/MikeStreetz/...
Reposted by Mike Streetz
🆕 Updated Blogpost about Citrix #DaaS Conditional Authentication to use Network Locations as location-based Auth-filter.
A great way to be able to offboard some Adaptive Authentication deployments.
www.julianjakob.com/citrix-daas-...
A great way to be able to offboard some Adaptive Authentication deployments.
www.julianjakob.com/citrix-daas-...
Citrix DaaS - Conditional Authentication
Post about the Conditional Authentication feature of Citrix DaaS, where you're able to pre-filter different authentication Methods in one URL
www.julianjakob.com
April 24, 2025 at 3:22 PM
🆕 Updated Blogpost about Citrix #DaaS Conditional Authentication to use Network Locations as location-based Auth-filter.
A great way to be able to offboard some Adaptive Authentication deployments.
www.julianjakob.com/citrix-daas-...
A great way to be able to offboard some Adaptive Authentication deployments.
www.julianjakob.com/citrix-daas-...
do I bother importing old tweets or do I just start again? There were some good technical threads on there...
February 10, 2025 at 9:03 PM
do I bother importing old tweets or do I just start again? There were some good technical threads on there...
If copying services from a live #netscaler config to test backend communication on a new instance prior to a migration be sure to watch for add service ADNS. It will create the IP address locally and you’ll get an IP address conflict and cause an outage. Ask me how I know…
April 21, 2025 at 9:19 PM
If copying services from a live #netscaler config to test backend communication on a new instance prior to a migration be sure to watch for add service ADNS. It will create the IP address locally and you’ll get an IP address conflict and cause an outage. Ask me how I know…
Installing the SCVMM Console to make Citrix DaaS Cloud Connectors talk to Hyper-V is such a monumentally painful thing to have to do. There's no SCVMM console executable, you have to use the 1GB setup.exe of SCVMM itself just to select the 100MB Console option...
April 21, 2025 at 9:19 PM
Installing the SCVMM Console to make Citrix DaaS Cloud Connectors talk to Hyper-V is such a monumentally painful thing to have to do. There's no SCVMM console executable, you have to use the 1GB setup.exe of SCVMM itself just to select the 100MB Console option...
if you've left it to the last possible second to move off of #netscaler 13.0 you might hit a bug where the latest versions won't import SSL certs as PFX. Install them as PEM files with a key instead.
https://t.co/VKfc7e05Hf
https://t.co/VKfc7e05Hf
April 21, 2025 at 9:19 PM
if you've left it to the last possible second to move off of #netscaler 13.0 you might hit a bug where the latest versions won't import SSL certs as PFX. Install them as PEM files with a key instead.
https://t.co/VKfc7e05Hf
https://t.co/VKfc7e05Hf
#Citrix FAS
Sites and Services strikes again!
If you haven't defined your VDI subnets, you'll hit a random Domain Controller for log in. If not all of your DCs can talk to the Certificate Revocation List you use in FAS Cert templates, then your login will fail.
Sites and Services strikes again!
If you haven't defined your VDI subnets, you'll hit a random Domain Controller for log in. If not all of your DCs can talk to the Certificate Revocation List you use in FAS Cert templates, then your login will fail.
April 21, 2025 at 9:19 PM
#Citrix FAS
Sites and Services strikes again!
If you haven't defined your VDI subnets, you'll hit a random Domain Controller for log in. If not all of your DCs can talk to the Certificate Revocation List you use in FAS Cert templates, then your login will fail.
Sites and Services strikes again!
If you haven't defined your VDI subnets, you'll hit a random Domain Controller for log in. If not all of your DCs can talk to the Certificate Revocation List you use in FAS Cert templates, then your login will fail.
Following on from my session on session hijacking and cookie theft, tune in to see the latest protections on NetScaler Gateway against this: https://community.citrix.com/events/event/75-netscaler-live-demo-session-hijack-protection-for-netscaler-gatewayaaa-deployments/
April 21, 2025 at 9:19 PM
Following on from my session on session hijacking and cookie theft, tune in to see the latest protections on NetScaler Gateway against this: https://community.citrix.com/events/event/75-netscaler-live-demo-session-hijack-protection-for-netscaler-gatewayaaa-deployments/
Have you ever changed a NetScaler Gateway theme and then wondered why nothing seems to be applying?
shell nsapimgr_wr.sh -ys call=ns_ic_flush
is a magic #netscaler script that flushes the integrated cache even if the feature is not enabled. Doing this will usually fix it.
shell nsapimgr_wr.sh -ys call=ns_ic_flush
is a magic #netscaler script that flushes the integrated cache even if the feature is not enabled. Doing this will usually fix it.
April 21, 2025 at 9:19 PM
Have you ever changed a NetScaler Gateway theme and then wondered why nothing seems to be applying?
shell nsapimgr_wr.sh -ys call=ns_ic_flush
is a magic #netscaler script that flushes the integrated cache even if the feature is not enabled. Doing this will usually fix it.
shell nsapimgr_wr.sh -ys call=ns_ic_flush
is a magic #netscaler script that flushes the integrated cache even if the feature is not enabled. Doing this will usually fix it.
When troubleshooting FAS trying to log events all the way from NetScaler, to Entra, to Storefront, to FAS, to Certificate servers to the VDA is such a monumental pain in the ass. There has to be a better way to do this...
April 21, 2025 at 9:19 PM
When troubleshooting FAS trying to log events all the way from NetScaler, to Entra, to Storefront, to FAS, to Certificate servers to the VDA is such a monumental pain in the ass. There has to be a better way to do this...
Going to have to try this out and see how/if the cookie protection works on the gateway now. https://x.com/cstalhood/status/1778382567143588288
April 21, 2025 at 9:19 PM
Going to have to try this out and see how/if the cookie protection works on the gateway now. https://x.com/cstalhood/status/1778382567143588288
I’ll be talking about netscaler authentication cookies and how “logging out” might not be doing what you think it is. https://x.com/xenappblog/status/1772629418122317982
April 21, 2025 at 9:19 PM
I’ll be talking about netscaler authentication cookies and how “logging out” might not be doing what you think it is. https://x.com/xenappblog/status/1772629418122317982
Not new but I have to dig this up every time I set up a new computer.
NetScaler Notepad++ Language File 2.0 for Syntax Highlighting
https://www.vsqloud.de/2023/04/19/netscaler-notepad-language-file-2-0-for-syntax-highlighting/
NetScaler Notepad++ Language File 2.0 for Syntax Highlighting
https://www.vsqloud.de/2023/04/19/netscaler-notepad-language-file-2-0-for-syntax-highlighting/
April 21, 2025 at 9:19 PM
Not new but I have to dig this up every time I set up a new computer.
NetScaler Notepad++ Language File 2.0 for Syntax Highlighting
https://www.vsqloud.de/2023/04/19/netscaler-notepad-language-file-2-0-for-syntax-highlighting/
NetScaler Notepad++ Language File 2.0 for Syntax Highlighting
https://www.vsqloud.de/2023/04/19/netscaler-notepad-language-file-2-0-for-syntax-highlighting/
Finally saw my first stolen #netscaler authentication cookie in the wild. Attacker got in immediately after a legitimate session did MFA. There’s no inbuilt protections against it. You can’t really use WAF because of the process order of the packet engine.
April 21, 2025 at 9:19 PM
Finally saw my first stolen #netscaler authentication cookie in the wild. Attacker got in immediately after a legitimate session did MFA. There’s no inbuilt protections against it. You can’t really use WAF because of the process order of the packet engine.
I'd love to be able to use the metadata URL for SAML setup on netscaler with Entra but the number of times it picks the wrong cert from the ones presented is way too high. Anyone know what's going on there?
Manually uploading the cert works 100% of the time.
Manually uploading the cert works 100% of the time.
April 21, 2025 at 9:19 PM
I'd love to be able to use the metadata URL for SAML setup on netscaler with Entra but the number of times it picks the wrong cert from the ones presented is way too high. Anyone know what's going on there?
Manually uploading the cert works 100% of the time.
Manually uploading the cert works 100% of the time.
I've seen this a couple of time and the error isn't super helpful, but if you see FailedPasswordComplexity errors in storefront after connecting via the gateway it's because you're not sending through a password. I see it most often with SAML or RADIUS MFA
April 21, 2025 at 9:19 PM
I've seen this a couple of time and the error isn't super helpful, but if you see FailedPasswordComplexity errors in storefront after connecting via the gateway it's because you're not sending through a password. I see it most often with SAML or RADIUS MFA
My Amazon Echo Show recently stopped showing artwork while playing music which caused my toddler to have a huge meltdown. This was weeks ago and I've only just now figured out what caused it. Let me take you on a wild ride.
THREAD
THREAD
April 21, 2025 at 9:19 PM
My Amazon Echo Show recently stopped showing artwork while playing music which caused my toddler to have a huge meltdown. This was weeks ago and I've only just now figured out what caused it. Let me take you on a wild ride.
THREAD
THREAD
#CVE20233519 working POC via @rapid7 https://attackerkb.com/topics/si09VNJhHh/cve-2023-3519/rapid7-analysis
Execute arbitrary code on the stack without crashing nsppe! There's some cool tricks in here, check it out.
Won't be long now before this is on metasploit.
Execute arbitrary code on the stack without crashing nsppe! There's some cool tricks in here, check it out.
Won't be long now before this is on metasploit.
April 21, 2025 at 9:19 PM
#CVE20233519 working POC via @rapid7 https://attackerkb.com/topics/si09VNJhHh/cve-2023-3519/rapid7-analysis
Execute arbitrary code on the stack without crashing nsppe! There's some cool tricks in here, check it out.
Won't be long now before this is on metasploit.
Execute arbitrary code on the stack without crashing nsppe! There's some cool tricks in here, check it out.
Won't be long now before this is on metasploit.
How to wipe an #SDX
plug in the drive to another machine, fire up fdisk and mark the 1st partition as active. When it boots, it'll automatically wipe everything and go back to defaults.
Thanks to (Ex)CTXMike from World of EUC for saving me from the console cable
plug in the drive to another machine, fire up fdisk and mark the 1st partition as active. When it boots, it'll automatically wipe everything and go back to defaults.
Thanks to (Ex)CTXMike from World of EUC for saving me from the console cable
April 21, 2025 at 9:19 PM
How to wipe an #SDX
plug in the drive to another machine, fire up fdisk and mark the 1st partition as active. When it boots, it'll automatically wipe everything and go back to defaults.
Thanks to (Ex)CTXMike from World of EUC for saving me from the console cable
plug in the drive to another machine, fire up fdisk and mark the 1st partition as active. When it boots, it'll automatically wipe everything and go back to defaults.
Thanks to (Ex)CTXMike from World of EUC for saving me from the console cable
Part 2 of the Assetnote netscaler CVE analysis for #CVE20233519 is out, the URL that accepts the input is /gwtest/formssso.
I can't imagine it's going to be long before we see a public exploit available.
https://blog.assetnote.io/2023/07/24/citrix-rce-part-2-cve-2023-3519/
I can't imagine it's going to be long before we see a public exploit available.
https://blog.assetnote.io/2023/07/24/citrix-rce-part-2-cve-2023-3519/
April 21, 2025 at 9:19 PM
Part 2 of the Assetnote netscaler CVE analysis for #CVE20233519 is out, the URL that accepts the input is /gwtest/formssso.
I can't imagine it's going to be long before we see a public exploit available.
https://blog.assetnote.io/2023/07/24/citrix-rce-part-2-cve-2023-3519/
I can't imagine it's going to be long before we see a public exploit available.
https://blog.assetnote.io/2023/07/24/citrix-rce-part-2-cve-2023-3519/
another #CVE20233519 analysis that found an overflow that doesn't require SAML at all.
https://bishopfox.com/blog/citrix-adc-gateway-rce-cve-2023-3519
via @_POPPELGAARD
https://bishopfox.com/blog/citrix-adc-gateway-rce-cve-2023-3519
via @_POPPELGAARD
April 21, 2025 at 9:19 PM
another #CVE20233519 analysis that found an overflow that doesn't require SAML at all.
https://bishopfox.com/blog/citrix-adc-gateway-rce-cve-2023-3519
via @_POPPELGAARD
https://bishopfox.com/blog/citrix-adc-gateway-rce-cve-2023-3519
via @_POPPELGAARD