Hi,
On Fri, May 07, 2010 at 08:17:15PM -0700, Judah Scott wrote:
But, I don't think you can compare enabling features (possibly as
simple as changing a couple je ops to jmp ops or a couple bytes
here/there) to writing a whole block of IOS assembly code to
facilitate a backdoor ...
... but,
Possibly OT, as it doesn't stricly pertain to networking... Apologies, if
regarded as such...
The SOLE copy I've got of s72033-adventerprisek9_wan-mz.122-18.SXF4.bin
resides on a TFTP server used for backup purposes. This TFTP server
experienced disk issues a year or so ago, and I'm not
Hi,
The SOLE copy I've got of s72033-adventerprisek9_wan-mz.122-18.SXF4.bin
resides on a TFTP server used for backup purposes. This TFTP server
cant you just copy it onto a sup720 flash drive - eg disk0: and run
verify s72033-adventerprisek9_wan-mz.122-18.SXF4.bin
?
alan
/tsweb/psirt/cisco-sr-20080516-rootkits-r2.4.zip
Chuck
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Alan Buxey
Sent: Friday, May 07, 2010 2:42 PM
To: Rick Kunkel
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Obtaining
Hi,
On Fri, May 07, 2010 at 10:45:24AM -0700, Rick Kunkel wrote:
The SOLE copy I've got of s72033-adventerprisek9_wan-mz.122-18.SXF4.bin
resides on a TFTP server used for backup purposes. This TFTP server
There's two ways here.
a) you could upload the software on a router, and ask the
I've actually done this, yes... But my impression was that I needed to
check it against Cisco's site as well...
Ah... wait.. I am beginning to see... The embedded hash is PART of the
file, and is used for this verification purpose. I *HAD* thought that the
CCO hash was perhaps the one from
Of course one -could- do this. IMO it's not even a -decent- way to
exploit considering to implement this one already needs CF access (as
super-user or physically) and to reload the router with the
compromised image.
Distributing compromised images isn't all that useful either because
it will be
On May 7, 2010, at 4:48 PM, Judah Scott wrote:
Distributing compromised images isn't all that useful either because
it will be difficult to track down which routers the backdoors
(presumably thats what a compromised image would go for) were
installed to unless they send out packets notifying
You got me on the packet cops argument.
But, I don't think you can compare enabling features (possibly as
simple as changing a couple je ops to jmp ops or a couple bytes
here/there) to writing a whole block of IOS assembly code to
facilitate a backdoor ...
... but, uh oh, my ignorance is showing
