> > I've been doing pen-testing in a client, and we found a couple of > > CISCO routers w/ SNMP enabled (2500 and 1601). > > > > We have already extracted info about (IPs, routes, et al). Anyone > > knows if there´s a possibility to extract the configuration files > > trough snmp? > > Yup. If you've got write SNMP access, there are variables you can feed it > to give it a TFTP server to write it's config out to. What version of IOS > are they running? > 1st and 2nd URLs are what you're asking - the other ones are also good reading . . . How to Move Configuration Files and System Software Images Between a CatOS Switch and a TFTP Server Using SNMP http://www.cisco.com/warp/public/477/SNMP/move_files_images_snmp.html Cisco IOS and Configuration File Migration Using SNMP http://www.cisco.com/warp/public/477/SNMP/11.html Security Advisory: Cisco IOS Software Multiple SNMP Community String Vulnerabilities http://www.cisco.com/warp/public/707/ios-snmp-community-vulns-pub.shtml Cisco Security Advisory: Cisco IOS Software SNMP Read-Write ILMI Community String Vulnerability http://www.cisco.com/warp/public/707/ios-snmp-ilmi-vuln-pub.shtml Internet Security Advisories http://www.cisco.com/warp/public/707/advisory.html ____________________________________________________________________ Get free email and a permanent address at http://www.netaddress.com/?N=1
This archive was generated by hypermail 2b30 : Sun May 27 2001 - 00:04:19 PDT