Wednesday, August 19, 2009

CISCO scurity auditing tools

CPFPC

http://www.oxid.it/cpfpc.html

CISCO PIX FIREWALL PASSWORD CALCULATOR) PRODUCES THE ENCRYPTED FORM OF CISCO PIX ENABLE MODE PASSWORDS WITHOUT THE NEED TO ACCESS THE DEVICE.

ULTIMA RATIO

http://www.phenoelit.de/ultimaratio/index.html

A REMOTE CISCO IOS EXPLOIT

NIPPER

http://sourceforge.net/projects/nipper

NIPPER IS A NETWORK INFRASTRUCTURE CONFIGURATION PARSER. NIPPER TAKES A NETWORK INFRASTRUCTURE DEVICE CONFIGURATION, PROCESSES THE FILE AND DETAILS SECURITY-RELATED ISSUES WITH THE CONFIGURATION TOGETHER WITH DETAILED RECOMMENDATIONS. NIPPER WAS PREVIOUS KNOWN AS CISCOPARSE. NIPPER CURRENTLY SUPPORTS CISCO SWITCHES (IOS), CISCO ROUTERS (IOS), CISCO FIREWALLS (PIX/ASA/FWSM) AND JUNIPER NETSCREEN (SCREENOS). OUTPUT IS IN HTML, LATEX, XML AND TEXT. ENCRYPTED PASSWORDS CAN BE OUTPUT TO A JOHN-THE-RIPPER FILE FOR STRENGTH TESTING.

VOMIT

http://vomit.xtdnet.nl/

THE VOMIT UTILITY CONVERTS A CISCO IP PHONE CONVERSATION INTO A WAVE FILE THAT CAN BE PLAYED WITH ORDINARY SOUND PLAYERS. VOMIT REQUIRES A TCPDUMP OUTPUT FILE.

CISCO GLOBAL EXPLOITER
http://packetstormsecurity.org/0405-exploits/cge-13.tar.gz

CISCO GLOBAL EXPLOITER IS A TOOL THAT DEMONSTRATES EXPLOITATION OF THE CISCO 677/678 TELNET BUFFER OVERFLOW VULNERABILITY, IOS ROUTER DENIAL OF SERVICE VULNERABILITY, IOS HTTP AUTH VULNERABILITY AND CISCO IOS HTTP CONFIGURATION ARBITRARY ADMINISTRATIVE ACCESS VULNERABILITY, CISCO CATALYST SSH PROTOCOL MISMATCH DENIAL OF SERVICE VULNERABILITY, CISCO 675 WEB ADMINISTRATION DENIAL OF SERVICE VULNERABILITY, CISCO CATALYST 3500 XL REMOTE ARBITRARY COMMAND VULNERABILITY, CISCO IOS SOFTWARE HTTP REQUEST DENIAL OF SERVICE VULNERABILITY, CISCOSECURE ACS FOR WINDOWS NT SERVER DENIAL OF SERVICE VULNERABILITY, CISCO CATALYST MEMORY LEAK VULNERABILITY, CISCO CATOS CISCOVIEW HTTP SERVER BUFFER OVERFLOW VULNERABILITY, %U ENCODING IDS BYPASS VULNERABILITY (UTF), AND CISCO IOS HTTP DENIAL OF SERVICE VULNERABILITY.

CISTO

http://sourceforge.net/projects/cisto/

CISTO (CISCO SCRIPT TOOL) TOOL FOR MANAGING CISCO DEVICES (IOS, CATOS). ALLOWS TO GET CONFIGS, DO CONFIGURATION, INSTALL NEW IMAGES, CHANGE PASSWORDS, DO SINGLE OR LIST OF SHOW COMMANDS AND LOTS MORE FOR A GIVEN LIST OF DEVICES (RUNNING PARALLEL PROZ.)

SWITCHMAP

http://sourceforge.net/projects/switchmap/

EXAMPLE CAPTURES ARE LOCATED HERE:

http://switchmap.sourceforge.net/portlists/SWITCHMAP IS A PERL PROGRAM THAT CREATES HTML PAGES THAT SHOW INFORMATION ABOUT A SET OF CISCO ETHERNET SWITCHES. THIS PROGRAM USES SNMP TO GATHER DATA FROM THE SWITCHES.

RANCID

http://www.shrubbery.net/rancid/

RANCID MONITORS A ROUTER'S (OR MORE GENERALLY A DEVICE'S) CONFIGURATION, INCLUDING SOFTWARE AND HARDWARE (CARDS, SERIAL NUMBERS, ETC) AND USES CVS (CONCURRENT VERSION SYSTEM) OR SUBVERSION TO MAINTAIN HISTORY OF CHANGES.

RANCID DOES THIS BY THE VERY SIMPLE PROCESS SUMMARIZED HERE:


LOGIN TO EACH DEVICE IN THE ROUTER TABLE (ROUTER.DB),
RUN VARIOUS COMMANDS TO GET THE INFORMATION THAT WILL BE SAVED,
COOK THE OUTPUT; RE-FORMAT, REMOVE OSCILLATING OR INCREMENTING DATA,
EMAIL ANY DIFFERENCES (SAMPLE) FROM THE PREVIOUS COLLECTION TO A MAIL LIST,
AND FINALLY COMMIT THOSE CHANGES TO THE REVISION CONTROL SYSTEM
RANCID ALSO INCLUDES LOOKING GLASS SOFTWARE. IT IS BASED ON ED KERN'S LOOKING GLASS WHICH WAS ONCE USED FOR HTTP://NITROUS.DIGEX.NET/, FOR THE OLD-SCHOOL FOLKS WHO REMEMBER IT. OUR VERSION HAS ADDED FUNCTIONS, SUPPORTS CISCO, JUNIPER, AND FOUNDRY AND USES THE LOGIN SCRIPTS THAT COME WITH RANCID; SO IT CAN USE TELNET OR SSH TO CONNECT TO YOUR DEVICES(S).

RANCID CURRENTLY SUPPORTS CISCO ROUTERS, JUNIPER ROUTERS, CATALYST SWITCHES, FOUNDRY SWITCHES, REDBACK NASS, ADC EZT3 MUXES, MRTD (AND THUS LIKELY IRRD), ALTEON SWITCHES, AND HP PROCURVE SWITCHES AND A HOST OF OTHERS.
RANCID IS KNOWN TO BE USED AT: AOL, GLOBAL CROSSING, MFN, NTT AMERICA, CERTAINTY SOLUTIONS INC.

SIPTIGER

http://www.vovida.org/applications/downloads/siptiger

SIPTIGER IS A WEB-BASED PROVISIONING UTILITY FOR CISCO'S LINE OF 7960 AND 7940 SESSION INITIATION PROTOCOL (SIP) IP PHONES AND CISCO SIP PROXY SERVERS (CSPS). THIS UTILITY IS USEFUL FOR ANYONE DEPLOYING CISCO 7960/7940 SIP IP PHONES.

IOSTACK.PL

http://www.phenoelit-us.org/ultimaratio/IOStack2.tgz

IOSTACK.PL IS A SCRIPT TO READ OUT IOS STACK RETURN ADDRESS LOCATIONS.

CISCO ROUTER PASSWORD DECODER

http://www.loud-fat-bloke.co.uk/tools/ciscopass.txt

Simple little perl script to decode router passwords.
Posted by prism at 1:16 PM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)