Penetration Testing: Re: pen-testing cisco routers

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Penetration Testing mailing list archives

Re: pen-testing cisco routers

From: Fyodor <fygrave () tigerteam net>
Date: Sat, 26 May 2001 02:10:41 +0700

On Fri, May 25, 2001 at 11:51:53AM -0600, Ryan Russell wrote:

On Thu, 24 May 2001, ruka + wrote:

I've been doing pen-testing in a client, and we found a couple of
CISCO routers w/ SNMP enabled (2500 and 1601).

We have already extracted info about (IPs, routes, et al). Anyone
knows if there╢s a possibility to extract the configuration files
trough snmp?


Yup.  If you've got write SNMP access, there are variables you can feed it
to give it a TFTP server to write it's config out to.  What version of IOS
are they running?


IOS version doesn't really matter in fact. Check out
http://oliver.efri.hr/~crv/security/bugs/Others/snmp10.html
or some cisco resources for mib strings/hints :). (they had
a site explaining how to modify/retrive/store configuration
and IOS image over snmp, but I lost the url to the page).


-Fyodor

By Date By Thread

Current thread:

pen-testing cisco routers ruka + (May 25)
- Re: pen-testing cisco routers Ryan Russell (May 25)
  - Re: pen-testing cisco routers Fyodor (May 25)
    - Re: pen-testing cisco routers Nelson Brito (May 26)
- <Possible follow-ups>
- Re: pen-testing cisco routers Mark Maher (May 25)
- Re: pen-testing cisco routers Test Working (May 27)
- Re: pen-testing cisco routers ruka + (May 28)