Automatically generate OpenConnect CSD

In some cases hostscan can be looking for the existence of specific
registry keys or software. Without the correct values the connection
may be rejected. On the other hand, failure to provide the correct
values may result in a successful connection but could result in being
placed in a restricted VLAN. It really comes down to how the
administrators configured hostscan. If you find yourself in a scenario
where the static CSD files (such as the one you linked) are not
allowing you to connect, then you will need to MITM the correct values
from an AnyConnect client.

That's where hostscan-bypass comes in handy!

On Fri, Aug 17, 2018 at 3:10 PM Daniel Lenski <dlenski at gmail.com> wrote:
>
> On Fri, Aug 17, 2018 at 7:14 AM, Corey Gilks <coreygilks at gmail.com> wrote:
> > All,
> >
> > I'm not certain if this is the appropriate place for this; if not, I
> > apologize! I was doing some research on generating openconnect CSD
> > files and stumbled upon this discussion:
> >
> > http://lists.infradead.org/pipermail/openconnect-devel/2015-January/002544.html
> >
> > I wanted to let everyone know that I have automated this process. It's
> > now possible to automatically generate openconnect CSD files in order
> > to bypass the Cisco hostscan requirement. Even if the organization is
> > not publishing binaries for your specific OS you can still connect.
> > You can find the project here:
> >
> > https://github.com/Gilks/hostscan-bypass
> >
> > I realize this isn't really a question but I wanted to notify the
> > openconnect dev team in case someone asks this again in the future!
> >
>
> Very nice! I wish I had known that other people had MITM'ed the
> (incredibly dumb) CSD/hostscan binaries. I had literally wasted weeks
> trying to work around broken Linux and Windows hostscan binaries.
>
> David Woodhouse recently added a static spoofer script to openconnect:
> http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/6eb0a6e3c4e8ae160154a4039a150c4d6a97b7ca
>
> It's basically a version of what your hostscan-bypass does, but with
> pre-filled-in values. Seems to get the job done on the Cisco VPNs that
> require it. Is there any advantage to using a customized version,
> other than simply to be more honest in what you're reporting to the
> server?


