Penetration Testing mailing list archives

Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite?

From: Richard Thomas <austindad () gmail com>
Date: Tue, 10 Mar 2009 06:48:03 -0600

Richard,

Have you tried either WebScarab or Paros proxy?

Richard Thomas

On Mon, Mar 9, 2009 at 3:30 PM, Richard Miles
<richard.k.miles () googlemail com> wrote:


Hello

I'm doing a pen-test in a Cisco 3015 concentrator - ipsec connections
tunneled over TCP port 10000.

By the way, ike-scan do not work with this vpn. Also the common tools
to brute force like THC-pptp, THC-Hydra and Medusa do not work also.

Nmap neither regoganize the port as opened (but it doesn't matter), it
say filtered, but I can telnet and estabilish a connection to it.

Do you have some experience with this device? Can you give me some
hints? And point me to some tools for identify, enumerate and
brute-force this Cisco implementation?

A bit off-topic: Does anyone know a easy to install and configure web
proxy for windows which enable headers rewrite? I need to setup a fast
web proxy at my windows box to replace all headers (before they are
sent to the webserver) of the "Cookie" field and a proprietary header.

Thanks folks.

Current thread:

Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite?, (continued)
- - - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? aditya mukadam (Mar 12)
    - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Adriel T. Desautels (Mar 15)
    - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Richard Miles (Mar 15)
    - Message not available
    - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? aditya mukadam (Mar 15)
    - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Richard Miles (Mar 15)
    - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? aditya mukadam (Mar 15)
    - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Richard Miles (Mar 15)
    - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Marco Ivaldi (Mar 15)
    - RE: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Alex Eden (Mar 15)
    - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Richard Miles (Mar 15)
- Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Richard Thomas (Mar 12)
- RE: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Amardeep Singh (Mar 12)
  - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Richard Miles (Mar 12)
    - Message not available
    - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Richard Miles (Mar 15)
    - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Wasim Halani (Mar 15)
    - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Richard Miles (Mar 15)