Penetration Testing mailing list archives
Re: pen-testing cisco routers
From: Test Working <test198 () usa net>
Date: 26 May 2001 19:03:41 MDT
I've been doing pen-testing in a client, and we found a couple of CISCO routers w/ SNMP enabled (2500 and 1601). We have already extracted info about (IPs, routes, et al). Anyone knows if thereĀ“s a possibility to extract the configuration files trough snmp?Yup. If you've got write SNMP access, there are variables you can feed it to give it a TFTP server to write it's config out to. What version of IOS are they running?
1st and 2nd URLs are what you're asking - the other ones are also good reading . . . How to Move Configuration Files and System Software Images Between a CatOS Switch and a TFTP Server Using SNMP http://www.cisco.com/warp/public/477/SNMP/move_files_images_snmp.html Cisco IOS and Configuration File Migration Using SNMP http://www.cisco.com/warp/public/477/SNMP/11.html Security Advisory: Cisco IOS Software Multiple SNMP Community String Vulnerabilities http://www.cisco.com/warp/public/707/ios-snmp-community-vulns-pub.shtml Cisco Security Advisory: Cisco IOS Software SNMP Read-Write ILMI Community String Vulnerability http://www.cisco.com/warp/public/707/ios-snmp-ilmi-vuln-pub.shtml Internet Security Advisories http://www.cisco.com/warp/public/707/advisory.html ____________________________________________________________________ Get free email and a permanent address at http://www.netaddress.com/?N=1
Current thread:
- pen-testing cisco routers ruka + (May 25)
- Re: pen-testing cisco routers Ryan Russell (May 25)
- Re: pen-testing cisco routers Fyodor (May 25)
- Re: pen-testing cisco routers Nelson Brito (May 26)
- Re: pen-testing cisco routers Fyodor (May 25)
- <Possible follow-ups>
- Re: pen-testing cisco routers Mark Maher (May 25)
- Re: pen-testing cisco routers Test Working (May 27)
- Re: pen-testing cisco routers ruka + (May 28)
- Re: pen-testing cisco routers Ryan Russell (May 25)