<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos network security services platform

Bugtraq: Creating Backdoors in Cisco IOS using Tcl

Creating Backdoors in Cisco IOS using Tcl

From: IRM Research <research_at_irmplc.com>
Date: Tue, 27 Nov 2007 10:48:39 -0000

Tcl (Tool Command Language) is a scripting language used extensively in
embedded systems, which is easy to use and has some powerful features.
The language has been supported by Cisco IOS for some time now and is
used, for example, in IOS IVR configuration as well as for automating
mundane tasks regularly performed by network administrators. This short
technical briefing describes a technique using Tcl to create a backdoor
within IOS that would allow a remote attacker to execute privileged
commands on a networking device. The document (which includes a
proof-of-concept Tcl script) can be downloaded here:

http://www.irmplc.com/index.php/153-Embedded-Systems-Security
Received on Nov 27 2007

This message: [ Message body ]
Next message: Kees Cook: "[USN-546-1] Firefox vulnerabilities"
Previous message: Kees Cook: "[USN-545-1] link-grammar vulnerability"
Next in thread: Nicolas FISCHBACH: "Re: [Full-disclosure] Creating Backdoors in Cisco IOS using Tcl"
Reply: Nicolas FISCHBACH: "Re: [Full-disclosure] Creating Backdoors in Cisco IOS using Tcl"
Maybe reply: michael_at_cleverly.com: "Re: Creating Backdoors in Cisco IOS using Tcl"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]