New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

improve fingerprinting for Cisco ASA VPN scanner #11035

merged 1 commit into from Nov 29, 2018


None yet
3 participants

busterb commented Nov 28, 2018

This fixes some issues running the Cisco ASA SSL VPN scanner against different firmware versions. In particular, the initial login page will not always return a 302 redirect prompting the need for setting a GET variable ahead of time. Rather than doing a check and hoping for a redirect, this revises the code to simply set the GET variable in the first place.

The rest of the changes are simply minor refactoring so we don't repeat this initial connection twice, and some ruby style changes.

Fixes MS-3654


  • Start msfconsole
  • use auxiliary/scanner/http/cisco_ssl_vpn
  • target a number of different ASA targets (I have a few) they should all be fingerprinted positively
  • Verify that you are then able to scan and bruteforce the targets

@jrobles-r7 jrobles-r7 self-assigned this Nov 29, 2018

@jrobles-r7 jrobles-r7 merged commit bff2616 into rapid7:master Nov 29, 2018

3 checks passed

Metasploit Automation - Sanity Test Execution Successfully completed all tests.
Metasploit Automation - Test Execution Successfully completed all tests.
continuous-integration/travis-ci/pr The Travis CI build passed

jrobles-r7 added a commit that referenced this pull request Nov 29, 2018

msjenkins-r7 added a commit that referenced this pull request Nov 29, 2018


This comment has been minimized.


jrobles-r7 commented Nov 29, 2018

Release Notes

This improves Cisco SSL VPN fingerprinting for the auxiliary/scanner/http/cisco_ssl_vpn module.

@gdavidson-r7 gdavidson-r7 added the rn-fix label Dec 4, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment