GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → GrrrDog → TacoTaco

GrrrDog / TacoTaco

Licence: MIT license
Some scripts for attacks on Tacacs+ protocol

Programming Languages

python
139335 projects - #7 most used programming language

Labels

ciscotacacs-plustacacs

Projects that are alternatives of or similar to TacoTaco

Firepower O365 Feed Parser
This is a Sample Script that can parse the O365 Web Service API and upload it to Firepower Management Center as Group Objects.
Stars: ✭ 56 (-5.08%)
Mutual labels:  cisco
spark-netflow
NetFlow data source for Spark SQL and DataFrames
Stars: ✭ 16 (-72.88%)
Mutual labels:  cisco
pathman-sr
Pathman SR is an open-source app to compute paths and deploy routes in Segment Routing-enabled network.
Stars: ✭ 79 (+33.9%)
Mutual labels:  cisco
notes
CCIE routing and switching notes and references, with a general directory and specific topic directories.
Stars: ✭ 23 (-61.02%)
Mutual labels:  cisco
finesseGadgets
Collection of gadgets for Cisco Finesse
Stars: ✭ 25 (-57.63%)
Mutual labels:  cisco
cisco-pnp-ztp-guestshell
Cisco Zero Touch Protocol (ZTP) with Python Scripts
Stars: ✭ 17 (-71.19%)
Mutual labels:  cisco
getting-started
pyATS Getting Started guide sources, URL: https://developer.cisco.com/docs/pyats-getting-started/
Stars: ✭ 24 (-59.32%)
Mutual labels:  cisco
yang
NETCONF/YANG related test framework
Stars: ✭ 15 (-74.58%)
Mutual labels:  cisco
pyaci
Python Bindings for Cisco ACI REST API
Stars: ✭ 42 (-28.81%)
Mutual labels:  cisco
node-meraki-dashboard
A modern node.js client library for using the Meraki Dashboard API.
Stars: ✭ 20 (-66.1%)
Mutual labels:  cisco
dne-security-code
No description or website provided.
Stars: ✭ 30 (-49.15%)
Mutual labels:  cisco
gen-cisco
🧨 Generates Cisco scripts based on YAML files
Stars: ✭ 29 (-50.85%)
Mutual labels:  cisco
ccna
A summary of CCNA-useable cisco commands by @elsmr and @Haroenv
Stars: ✭ 16 (-72.88%)
Mutual labels:  cisco
topolograph
Topolograph.com is an online project which can visualize OSPF/ISIS topology based on single OSPF LinkState DataBase scrapping from one network device ( thanks OSPF =). Then you can not only see (and check) the shortest path from source to destination, but also see the outcome from link or node failure along the path to the destination. The exist…
Stars: ✭ 84 (+42.37%)
Mutual labels:  cisco
cisco-cheatsheet
A Cisco Cheatsheet: Commands and Snippets for bootstrapping, boilerplate, configuration, and hardening of Cisco routers and switches.
Stars: ✭ 66 (+11.86%)
Mutual labels:  cisco
DirectFire Converter
DirectFire Firewall Converter - Network Security, Next-Generation Firewall Configuration Conversion, Firewall Syntax Translation and Firewall Migration Tool - supports Cisco ASA, Fortinet FortiGate (FortiOS), Juniper SRX (JunOS), SSG / Netscreen (ScreenOS) and WatchGuard (support for further devices in development). Similar to FortiConverter, Sm…
Stars: ✭ 34 (-42.37%)
Mutual labels:  cisco
sastre
Automation Tools for Cisco SD-WAN Powered by Viptela
Stars: ✭ 43 (-27.12%)
Mutual labels:  cisco
Network-Automation
Cisco ACI, Firepower, Meraki, NETCONF, and SQL Python Programs
Stars: ✭ 47 (-20.34%)
Mutual labels:  cisco
pyats-sample-scripts
Various pyATS-based Test Automation Scripts
Stars: ✭ 79 (+33.9%)
Mutual labels:  cisco
easyucs
EasyUCS is a toolbox to help deploy, manage and document Cisco UCS devices
Stars: ✭ 28 (-52.54%)
Mutual labels:  cisco
View All Similar Projects ➔

TacoTaco

TacoTaco is a project about attacks on TACACS+ protocol.

  1. tac2cat.py - A converter of a TACACS+ packet to a format of the HashCat. The script helps you to extract a MD5_1 hash from a TACACS+ authentication packet. Then you can perform a local brute force attack on the MD5 hash and get a PSK.

Example:

  python tac2cat.py -t 1  -m "Password: " -p c0010200acf4c30b00000010c73c409532a4a80e58ba94391111e300

Where:

  -t 1 – 1 – SSH, 2 - Telnet
  -m "Password: " – a greeting message from a ssh service of a Cisco device
  -p – a hex stream of the second packet (TACACS+ layer) from the Wireshark.
  1. tacoflip.py is a script that you the opportunity to bypass authentication and authorization on a Cisco device that uses a TACACS+ server for AAA. You just need to perform a MitM attack on the Cisco device and the TACACS+ server (arp spoofing, for example)

Example:

  python tacoflip.py –t 192.168.0.100

Where 192.168.0.100 is an IP address of a TACACS+ server.

The video shows whole process of the attack: http://www.youtube.com/watch?v=HdTib8wftHA

Note! Because tacoflip.py works as TCP proxy, if TACACS server is located within different broadcast domain, you may want to use NAT in order to redirect intercepted TACACS communication to script listening on 0.0.0.0:49. Example commands:

iptables -t nat -A PREROUTING -p tcp --dport 49 -d <TACACS_SERVER> -j DNAT --to-destination <YOUR_IP>
iptables -t nat -A POSTROUTING -p tcp --dport 49 -s <YOUR_IP> -j SNAT --to <CISCO_TARGET>
  1. sample dir consists some examples: a router config, a tac_plus config and pcap files of authentication process (telnet, ssh).
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].