Juniper post enum module #9614
Juniper post enum module #9614
Conversation
|
Removed WIP, more like ready for review and testing by others. |
|
Before I mirror this process for juniper, any feedback? |
|
|
| ppp_hash = result[1].strip | ||
| print_good("PPTP username #{ppp_username} hash #{ppp_hash} via PAP") | ||
| cred = credential_data.dup | ||
| cred[:username] = ppp_username |
There was a problem hiding this comment.
in hindsight, does this need an address too?
There was a problem hiding this comment.
oh never mind, this was good (it's set above)
|
Some of the code patterns made me think 'stripping after splitting the config fields is tedious'. |
|
|
||
| This module has been tested on the following hardware/OS combinations. | ||
|
|
||
| * ScreenOS |
|
|
||
| This module will look for the follow parameters which contain credentials: | ||
|
|
||
| * ScreenOS |
There was a problem hiding this comment.
@h00die need to add to this
| radius_server = result[0].strip | ||
| print_good("radius server #{radius_server} password hash: #{radius_hash}") | ||
| cred = credential_data.dup | ||
| cred[:address] = radius_server |
There was a problem hiding this comment.
@busterb I never figured this one out. When this adds to the DB and you run creds you get:
host origin service public private realm private_type
+---- ------ ------- ------ ------- ----- ------------
+1.1.1.1 1.1.1.1 1812/udp (radius) $9$Y-4GikqfF39JGCu1Ileq.PQ6AB1hrlMBIyKvWdV Nonreplayable
I think host should be radius_server and origin would be the IP of this box itself (192.168.1.5), however all my attempts to set one but not the other failed. Any insight?
Release NotesThe post/juniper/gather/enum_juniper module has been added to the framework. It enumerates configuration items from Juniper devices, similar to the Cisco one that exists. |
This is a post module to enumerate configuration items from Juniper devices, similar to the Cisco one that exists.
This is a WIP, as the SSH sessions to ScreenOS devices are being debugged via #9519 .
Do you have a Juniper? Please test this out! I only have 2 devices, and they are ones I bought to write this module (non-production), so I'm unaware of newer OS changes to commands/output, or other fields that may be good to pull/save. Please post censored output and let me know what device and OS you tested against so we can add it to the documentation.
Requires #9524 and rapid7/metasploit-credential#129
Verification
use post/juniper/gather/enum_juniperset session [x]set verbose truerunIf you want to take a look at the config on the device I tested, you can see it here and a no privileges account here
Check docs for output from my device and what fields are pulled/saved.