CSD use and impossible to connect (Linux)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, Jan 4, 2015 at 1:46 AM, Fromzy <fromzy at gmail.com> wrote:
> Thanks Kevin. Really valuable information.
> Unfortunately without help from server side, it's going to be nearly
> impossible to find the good CSD answer.
> And my company has put in place all these mechanism to force us to use the
> "corporate laptop". So they will not accept to explain me how to not use
> it...

I was in a similar situation, and used stunnel 3 + tcpflow to sniff
the CSD response.  Then I kept deleting items from the POST response
and narrowed it down to the bare minimum the gateway would accept.

You could also try mitmproxy although that never worked right for me.

My final result was as simple as:

#!/bin/bash

function run_curl
{
    curl \
        --insecure \
        --user-agent "AnyConnect Windows $ver" \
        --header "X-Transcend-Version: 1" \
        --header "X-Aggregate-Auth: 1" \
        --header "X-AnyConnect-Platform: $plat" \
        --cookie "sdesktop=$token" \
        "$@"
}

set -e

host=https://$CSD_HOSTNAME
plat=win
ver=3.1.00495
token=$CSD_TOKEN

run_curl --data-ascii @- "$host/+CSCOE+/sdesktop/scan.xml?reusebrowser=1" <<-END
endpoint.policy.location="corplaptop";
END

exit 0


The policy name will vary based on how the admins set things up.  You
can probably infer it from looking at
https://<HOSTNAME>/CACHE/sdesktop/data.xml

You may have to paste a bunch of extra stuff from the real CSD
response into the POST data.



[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux