Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] snmp-ios-config - Config grabber
From: David Fifield <david () bamsoftware com>
Date: Tue, 18 Jan 2011 10:55:06 -0800

On Tue, Jan 18, 2011 at 01:57:36AM +0530, Vikas Singhal wrote:
Thanks Patrik. Sorry for the late reply..

I have incorporated the patch you mentioned. You are right.. some IOS (may
be old ones) require the 1.3.6.1.4.1.9.9.96.1.1.1.1.*5* for Copy operation
but the newer ones can work with IP address as "string" for tftpserver on
mib .1.3.6.1.4.1.9.9.96.1.1.1.1.*16* .

I have also done some verbose error throwing e.g if the community string is
incorrect etc.

As Fred mentioned.. we need 2 more things.. 1) Spoofing your ip to bypass
the SNMP access list and 2) TFTP Server in-built (asked by David as well).

1) I tried using the nmap Spoof function using -S option, it sends the first
packet spoofed but subsequest packets are sent from the real address, any
thoughts?
2) Will leave it for future enhancement as of now!

Nonetheless, the patched and tested script is attached for more testing! :)

So, Cisco SNMP-using users, is this a script that you will use?
I want to know if this is generally useful enough to include with Nmap,
or if there will be few enough users that it's better to just grab it
from the mailing list. Would you use it even if you have to set up a
TFTP server, or would you only use it if Nmap could automatically
collect the TFTP replies?

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault