Nmap Development mailing list archives

Re: [NSE] snmp-ios-config - Config grabber


From: Patrik Karlsson <patrik () cqure net>
Date: Mon, 21 Feb 2011 17:36:45 +0100


On Feb 21, 2011, at 10:43 , Vikas Singhal wrote:

Hi Patrik, 

My bad, it works just fine. Just tested with three routers. Great job! :)

Questions: 

1) Where does it save the file? As a user I can see from the output. I think we should display it.
The file is only saved if the snmp-ios-config.tftproot argument is set.
In that case the router ip is used together with "-config" to create the filename.
When specifying this parameter the script could return something along the following instead of the config:
"The cisco configuration was saved as xxxx"

2) Printing the whole ios config takes a lot of space even for the lab/gns routers, for prod env it will mess up the 
scan results. Can we tell basic info like version,  username discovered, password7/plain password use, interface 
count, snmp communities discovered etc. Let me know if that sounds good, I will make the changes. 
I think some sort of basic info could be the default mode and have a script argument that overrides this and returns 
the full config.
Also, when saving the config to file, it should obviously save the full config.
Feel free to make these changes and let me know when you need help testing.

//Patrik



Regards, 
Vikas
On Fri, Feb 4, 2011 at 3:58 AM, Patrik Karlsson <patrik () cqure net> wrote:

On 3 feb 2011, at 23.13, Thomas Buchanan wrote:

-----Original Message-----
From: Patrik Karlsson [mailto:patrik () labb1 com] On Behalf Of
Patrik Karlsson
Sent: Wednesday, February 02, 2011 11:28 AM
To: Vikas Singhal; Thomas Buchanan; David Fifield; Nmap-Dev
Subject: Re: [NSE] snmp-ios-config - Config grabber

I still haven't seen any debug results or packet captures of
cases where this doesn't work and since I can't reproduce the
problems myself I'm not making any progress here.

Has anyone else been able to test yet?

//Patrik

Patrik,

I had a chance to test your latest revision of the script and tftp
library, and it seems to work fine for me.  I even dug up another Cisco
box to run against, and got good results from that one as well.

Ok, I'm happy to hear that.


The two Cisco boxes are quite different, and it takes one of them about
twice as long to build the running config and connect back to the TFTP
server.  This means that I haven't really been able to test how
effective the concurrency of the library is.  However, it seems to have
no problems handling the files as they come in:

I've been emulating several identical routers and got data back more or less at the same time and it seems to work good for me too.


Completed NSE at 15:53, 5.80s elapsed
Nmap scan report for 192.168.1.1
Host is up (0.00s latency).
PORT    STATE SERVICE VERSION
161/udp open  snmp    SNMPv1 server (public)
| snmp-ios-config:
| !
| version 12.4
<snip>
|_end

Nmap scan report for 192.168.1.4
Host is up (0.00s latency).
PORT    STATE SERVICE VERSION
161/udp open  snmp    SNMPv1 server (public)
| snmp-ios-config:
| !
| version 12.3
<snip>
|_end

Let me know if you want more details or would like to see any additional
output.

Thanks for testing! I'm happy with the details. As far as I can tell, the script now works as intended.


Thanks,

Thomas


//Patrik
--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77








_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
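
A sketch of the summary mode proposed in question 2, as an added example that is not part of the thread or of the snmp-ios-config script: it reduces a retrieved config to the version, usernames, interface count, SNMP community counts by access level, and how credentials are stored, without echoing any secret. The function name and the sample config are constructed for illustration, and it is written in Python rather than NSE Lua.

```python
import re

# Constructed sample (not from the thread); all secrets are placeholders.
SAMPLE_CONFIG = """\
!
version 12.4
enable secret 5 $1$PLACEHOLDER
enable password 7 PLACEHOLDER7
username admin privilege 15 password 0 PLACEHOLDER
username ops secret 5 $1$PLACEHOLDER
interface FastEthernet0/0
 ip address 192.0.2.1 255.255.255.0
interface FastEthernet0/1
 shutdown
snmp-server community PLACEHOLDER1 RO
snmp-server community PLACEHOLDER2 RW
line vty 0 4
 password 7 PLACEHOLDER7
end
"""

# "password"/"secret", an optional one-digit encoding type, then the value.
CRED = re.compile(r"\b(password|secret)\s+(?:(\d)\s+)?\S+")

def summarize_ios_config(text):
    """Hypothetical helper: reduce an IOS config to counts, never echoing secrets."""
    out = {"version": None, "usernames": [], "interfaces": 0,
           "snmp": {"RO": 0, "RW": 0},
           "credentials": {"plaintext": 0, "type7": 0, "hashed": 0}}
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("version ") and out["version"] is None:
            out["version"] = line.split()[1]
        elif raw.startswith("interface "):      # top-level stanza only
            out["interfaces"] += 1
        elif line.startswith("snmp-server community "):
            # Access defaults to read-only when no RO/RW keyword is present.
            rest = line.split()[3:]
            out["snmp"]["RW" if "RW" in (w.upper() for w in rest) else "RO"] += 1
        if line.startswith("username ") and len(line.split()) > 1:
            name = line.split()[1]
            if name not in out["usernames"]:
                out["usernames"].append(name)
        m = CRED.search(line)
        if m:
            keyword, enc = m.groups()
            if enc == "7":
                kind = "type7"                  # reversible obfuscation
            elif keyword == "password" and enc in (None, "0"):
                kind = "plaintext"
            else:
                kind = "hashed"                 # "secret" entries
            out["credentials"][kind] += 1
    return out
```
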

