mailing list archives
Re: [NSE] snmp-ios-config - Config grabber
From: David Fifield <david () bamsoftware com>
Date: Tue, 18 Jan 2011 10:55:06 -0800
On Tue, Jan 18, 2011 at 01:57:36AM +0530, Vikas Singhal wrote:
Thanks Patrik. Sorry for the late reply..
I have incorporated the patch you mentioned. You are right.. some IOS (may
be old ones) require the 18.104.22.168.22.214.171.124.126.96.36.199.1.*5* for Copy operation
but the newer ones can work with IP address as "string" for tftpserver on
mib .188.8.131.52.184.108.40.206.220.127.116.11.1.*16* .
I have also done some verbose error throwing e.g if the community string is
As Fred mentioned.. we need 2 more things.. 1) Spoofing your ip to bypass
the SNMP access list and 2) TFTP Server in-built (asked by David as well).
1) I tried using the nmap Spoof function using -S option, it sends the first
packet spoofed but subsequest packets are sent from the real address, any
2) Will leave it for future enhancement as of now!
Nonetheless, the patched and tested script is attached for more testing! :)
So, Cisco SNMP-using users, is this a script that you will use?
I want to know if this is generally useful enough to include with Nmap,
or if there will be few enough users that it's better to just grab it
from the mailing list. Would you use it even if you have to set up a
TFTP server, or would you only use it if Nmap could automatically
collect the TFTP replies?
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/