So, you’ve been given a Cisco config from a PIX firewall using

```
show run
```

and you’ve looked through it and it seems a ballache to understand. We know we could use nipper but you either have to pay a wedge for the professional version or suffer with the free version.
After a little googling I found a few tools to help along the way.
fwbuilder looks good but doesn’t support PIX as of yet, maybe something to keep an eye on? Installation is easy on Debian systems:

```
echo "deb http://packages.fwbuilder.org/deb/stable/ maverick contrib" >> /etc/apt/sources.list
wget http://www.fwbuilder.org/PACKAGE-GPG-KEY-fwbuilder.asc
apt-key add PACKAGE-GPG-KEY-fwbuilder.asc
apt-get update
apt-get install fwbuilder
```
fwconfigparser is a PHP script that takes input from a process.txt file and outputs it as HTML. Quick installation via svn:

```
svn checkout http://fwconfigparser.googlecode.com/svn/trunk/ fwconfigparser
```
routerdefense uses a Cisco config to offer security recommendations (I guess like nipper?). Quick installation via svn:

```
svn checkout http://routerdefense.googlecode.com/svn/trunk/ routerdefense
```
Unfortunately I could not use fwbuilder as it didn’t support PIX firewalls, so I can’t demonstrate it here; maybe I can throw something together in the future. (Keep an eye on this for updates.)
fwconfigparser is as simple as copying the index.php to a browsable web directory and placing the config file in the same directory with the name process.txt.
This helped, but the next thing I played with was routerdefense.
It’s not obvious at first what is happening when you try to run

```
launch.sh
```

but after catting the file it becomes clear that the usage is as follows:

```
python main.py -c /root/config.txt -t /pentest/audit//template.conf
```

After an attempt to run the file it seems that for some reason it doesn’t work with either of the two configs I had 🙁

```
root@GnackTrackR7:/pentest/audit/routerdefense# python main.py -c /root/config.txt -t /pentest/audit/routerdefense/template.conf
[RouterDefense ASCII-art banner]
=[ Cisco IOS security assessment tool
=[ http://www.packetfault.org
=[ version 0.5.1
Traceback (most recent call last):
  File "main.py", line 97, in <module>
    consoleCfg = parseConsole(lines)
  File "/pentest/audit/routerdefense/common.py", line 250, in parseConsole
    for i in range(lineConLocation + 1, len(lines)):
UnboundLocalError: local variable 'lineConLocation' referenced before assignment
root@GnackTrackR7:/pentest/audit/routerdefense#
```
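The UnboundLocalError in the traceback is what Python raises when a variable is only assigned once a matching line has been found and no line matched. As an added example (not routerdefense's code and not part of the original post), the Python below assumes the failing loop searches for an IOS `line con` stanza, which a PIX `show run` normally lacks, and shows a platform pre-check plus a lookup that returns an empty block instead of crashing. The function names and both sample configs are constructed.

```python
# Added illustration, not routerdefense code; names are hypothetical.
# Both sample configs are constructed and trimmed to a few lines.
IOS_SAMPLE = """\
version 12.4
hostname edge-rtr
!
line con 0
 exec-timeout 5 0
 login local
line vty 0 4
 transport input ssh
end
"""

PIX_SAMPLE = """\
PIX Version 6.3(5)
hostname edge-fw
console timeout 0
telnet timeout 5
ssh timeout 5
"""

def guess_platform(lines):
    """Classify a 'show run' dump from its version banner line."""
    for line in lines:
        if line.startswith(("PIX Version", "ASA Version")):
            return "pix/asa"
        if line.startswith("version "):
            return "ios"
    return "unknown"

def console_block(lines):
    """Return the 'line con' stanza, or [] when the config has none."""
    # Assumption: the tool assigns lineConLocation only when it sees a
    # 'line con' line. Starting from None makes the "not found" case explicit.
    start = None
    for idx, line in enumerate(lines):
        if line.startswith("line con"):
            start = idx
            break
    if start is None:
        return []
    block = [lines[start]]
    for line in lines[start + 1:]:
        if not line.startswith(" "):  # IOS indents sub-commands with a space
            break
        block.append(line)
    return block
```

Running `guess_platform` on a config before handing it to an IOS-only auditing tool tells you up front whether the tool's findings (or its crash) mean anything for that device.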