leebaird / discover

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
MIT License
3.42k stars 825 forks

Request to add Cisco Smart Install checks #173

Closed KaiZenSec closed 3 years ago

KaiZenSec commented 3 years ago

Would it be possible to add checks for Cisco Smart Install port 4786 and the accompanying Nmap script and Metasploit aux module to the default scan scripts?

leebaird commented 3 years ago

Absolutely. Can you provide a few items: TCP or UDP, name of NSE, name of aux module?

KaiZenSec commented 3 years ago

TCP 4786, and Nmap doesn't have an NSE included natively. However, there's one here that works well: https://github.com/frostbits-security/SIET/blob/master/cisco-siet.nse

The MSF aux module is 'auxiliary/scanner/misc/cisco_smart_install'. Set the action to download and it will grab the running config of a vulnerable device and parse credentials stored in the config. Thanks!

leebaird commented 3 years ago

Added the port and MSF aux module. You will need to install the NSE yourself.