Comments (5)
Are you being prompted for credentials after that output?
EDIT: Just re-read the issue and saw you put that information at the top.
Are you sure your company is using hostscan? I don't see any indication that it's in use based off those details.
from hostscan-bypass.
Is there any other scan?
What I've also noticed is that when I just connect with AnyConnect the scan is run after I put my credentials in. So it's a 3-step process: 1) Login and establish a connection 2) Run the scan 3) If success then grant the network access.
from hostscan-bypass.
Interesting. That does not appear to be hostscan, which explains why the bypass isn't working for you. That looks like a separate feature built into AnyConnect. I'm sure it's possible to spoof the results of the scan after you connect but I don't have an environment with that capability enabled for development.
If you're looking to try and do that I'd recommend authenticating using a TCP proxy and see what the traffic looks like after it connects. It might be something as simple as a POST request to the ASA with a successful result.
from hostscan-bypass.
I tried that. The only way the authentication works via proxy is with the -c config.json and without the -s option. But then all the traffic is encrypted and unreadable :(
from hostscan-bypass.
In this particular case I can't be of much help. I'd need to have access to the machine to see if it's a control or proxy error.
I'm here if you end up going down the rabbit hole and want someone to bounce ideas off of though!
from hostscan-bypass.
Related Issues (17)
- unexpected EOF when running hostscan-bypass HOT 1
- Login denied (multiple issues) HOT 3
- Connection is good, but never stops to write the bypass HOT 2
- AnyConnect client doesn't want to connect to Hostscan Bypass script HOT 9
- How to run it on Windows 10 PC? HOT 9
- Unable to connect into my server using AnyConnect HOT 4
- On MacOS EOF is never triggered - Potential fix HOT 2
- tls: failed to parse private key HOT 5
- How to forward the certificate validation request. HOT 1
- Does this issue have a CVE? HOT 2
- tls: handshake failure issue HOT 1
- Possible protocol change HOT 6
- OS X Troubleshooting HOT 47
- RSA token with hostscan bypass HOT 3
- Doesn't work with TLS_RSA_WITH_AES_256_CBC_SHA256 cipher HOT 16
- Getting the below error HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hostscan-bypass.