This repository is deprecated; please follow the main search page or use the ‘Related code repos’ widget on the right side of the current page.

ios-iosxe-security-scanner

Python vulnerabilities scanner for cisco ios and iosxe

to use the script, download vuln_scanner command, NOTE: this command compatibile with linux OS only.
for other OS you can run the python script vuln_scanner.py (.e.apython3 vuln_scanner.py [OPTIONS])

example usage

1) scan single device:

advisory_scanner$ python3 vuln_scanner.py --host=192.168.1.10 --username=admin --password=admin
I0912 00:45:32.719982 139744992458560 vuln_scanner.py:44] scanner started
I0912 00:45:32.720139 139744992458560 vuln_scanner.py:46] scanning single host 192.168.1.10
I0912 00:45:33.147540 139744905295616 transport.py:1687] Connected (version 2.0, client Cisco-1.25)
I0912 00:45:34.427333 139744905295616 transport.py:1687] Authentication (password) successful!
AFFECTED DEVICES:
192.168.1.10:
cisco-sa-20180328-lldp(High)
cisco-sa-20170629-snmp(High)
cisco-sa-20170727-ospf(Medium)
cisco-sa-20170322-dhcpc(High)    
SCANNED DEVICES:
['192.168.1.10']

2) scan multiple devices using .conf file:

advisory_scanner$ python3 vuln_scanner.py --file=devices.conf
I0912 00:45:32.719982 139744992458560 vuln_scanner.py:44] scanner started
I0912 00:45:32.720139 139744992458560 vuln_scanner.py:46] scanning hosts in file devices.conf
I0912 00:45:33.147540 139744905295616 transport.py:1687] Connected (version 2.0, client Cisco-1.25)
I0912 00:45:34.427333 139744905295616 transport.py:1687] Authentication (password) successful!
AFFECTED DEVICES:
192.168.1.10:
cisco-sa-20180328-lldp(High)
cisco-sa-20170629-snmp(High)
cisco-sa-20170727-ospf(Medium)
cisco-sa-20170322-dhcpc(High)    
192.168.1.20:
isco-sa-20130801-lsaospf(Medium)
SCANNED DEVICES:
['192.168.1.10','192.168.1.20']

devices.conf file:

# ip,username,password
192.168.1.10,admin,admin
192.168.1.20,admin,admin
View code on GitHub

Code Exchange Community

Get help, share code, and collaborate with other developers in the Code Exchange community.View Community
Disclaimer:
Cisco provides Code Exchange for convenience and informational purposes only, with no support of any kind. This page contains information and links from third-party websites that are governed by their own separate terms. Reference to a project or contributor on this page does not imply any affiliation with or endorsement by Cisco.