Penetration Testing mailing list archives
Re: pen-testing cisco routers
From: Fyodor <fygrave () tigerteam net>
Date: Sat, 26 May 2001 02:10:41 +0700
On Fri, May 25, 2001 at 11:51:53AM -0600, Ryan Russell wrote:
On Thu, 24 May 2001, ruka + wrote:I've been doing pen-testing in a client, and we found a couple of CISCO routers w/ SNMP enabled (2500 and 1601). We have already extracted info about (IPs, routes, et al). Anyone knows if thereā¢s a possibility to extract the configuration files trough snmp?Yup. If you've got write SNMP access, there are variables you can feed it to give it a TFTP server to write it's config out to. What version of IOS are they running?
IOS version doesn't really matter in fact. Check out http://oliver.efri.hr/~crv/security/bugs/Others/snmp10.html or some cisco resources for mib strings/hints :). (they had a site explaining how to modify/retrive/store configuration and IOS image over snmp, but I lost the url to the page). -Fyodor
Current thread:
- pen-testing cisco routers ruka + (May 25)
- Re: pen-testing cisco routers Ryan Russell (May 25)
- Re: pen-testing cisco routers Fyodor (May 25)
- Re: pen-testing cisco routers Nelson Brito (May 26)
- Re: pen-testing cisco routers Fyodor (May 25)
- <Possible follow-ups>
- Re: pen-testing cisco routers Mark Maher (May 25)
- Re: pen-testing cisco routers Test Working (May 27)
- Re: pen-testing cisco routers ruka + (May 28)
- Re: pen-testing cisco routers Ryan Russell (May 25)