Closed miminno closed 4 years ago
Are you being prompted for credentials after that output?
EDIT: Just re-read the issue and saw you put that information at the top.
Are you sure your company is using hostscan? I don't see any indication that it's in use based off those details.
Is there any other scan?
What I've also noticed is that when I just connect with AnyConnect the scan is run after I put my credentials in. So it's a 3-step process: 1) Login and establish a connection 2) Run the scan 3) If success then grant the network access.
Interesting. That does not appear to be hostscan, which explains why the bypass isn't working for you. That looks like a separate feature built into AnyConnect. I'm sure it's possible to spoof the results of the scan after you connect but I don't have an environment with that capability enabled for development.
If you're looking to try and do that I'd recommend authenticating using a TCP proxy and see what the traffic looks like after it connects. It might be something as simple as a POST request to the ASA with a successful result.
I tried that. The only way the authentication works via proxy is with the -c config.json and without the -s option. But then all the traffic is encrypted and unreadable :(
In this particular case I can't be of much help. I'd need to have access to the machine to see if it's a control or proxy error.
I'm here if you end up going down the rabbit hole and want someone to bounce ideas off of though!
Bypass command:
AnyConnect warns about an invalid certificate, click "Connect Anyway", login dialog appears on the screen.
Bypass output:
No further output in the console and no CSD file created.
I run hostscan-bypass in the Ubuntu VM:
Cisco AnyConnect version 4.8.01090