02-21-2016 02:02 PM
Below is a script I wrote that changes the guest SSID on my Cisco access point to always tell the current time. It also changes the pre-shared key every time the script runs. There is no way to connect using guest SSID. It is just a way to have fun with the neighbors and visitors. Feel free to use and share!
##################
event manager applet ssid-clock
event timer watchdog name ssid-clock-timer time 30
action 0.00 cli command "enable"
action 0.01 cli command "configure terminal"
action 1.00 cli command "do sho run | sec dot11 ssid CurrentTimeIs"
action 1.01 regexp "[A-Z0-9][A-Z0-9][A-Z0-9][A-Z0-9][A-Z0-9][A-Z0-9][A-Z0-9][A-Z0-9][A-Z0-9][A-Z0-9][A-Z0-9][A-Z0-9][A-Z0-9][A-Z0-9][A-Z0-9][A-Z0-9]" "$_cli_result" key
action 2.00 cli command "do show run | inc dot11 ssid CurrentTimeIs[0-9]"
action 2.01 gets $_cli_result
action 2.02 cli command "no $_cli_result"
action 2.03 cli command "do show run | inc ^ssid CurrentTimeIs[0-9]"
action 2.04 gets $_cli_result
action 2.05 cli command "interface Dot11Radio0/1/0"
action 2.06 cli command "no $_cli_result"
action 2.07 cli command "exit"
action 3.00 cli command "do show clock"
action 3.01 gets $_cli_result
action 3.02 regexp "[0-9][0-9]" "$_cli_result" hours
action 3.03 cli command "do show clock"
action 3.04 gets $_cli_result
action 3.05 regexp ":[0-9][0-9]" "$_cli_result" minutes
action 3.06 gets $minutes
action 3.07 regexp "[0-9][0-9]" "$minutes" minutes
action 4.00 cli command "configure terminal"
action 4.01 cli command "dot11 ssid CurrentTimeIs$hours$minutes"
action 4.02 cli command "wpa-psk ascii $key"
action 4.03 cli command "guest-mode"
action 4.04 cli command "exit"
action 4.05 cli command "interface Dot11Radio0/1/0"
action 4.06 cli command "ssid CurrentTimeIs$hours$minutes"
action 4.07 cli command "exit"
action 5.00 exit
##################
02-22-2016 01:03 PM
Nice EEM learning exercise. Though I suppose one could predict the next SSID and key and be ready for it :-).
In any event, can you redo this as a Document in this forum? Thanks.
02-22-2016 02:08 PM
It would definitely be reasonable to predict, especially if the attacker had knowledge of how many characters of the previous encrypted key were used for the next key and the limited number of possible character values.
For this script to work as is, a couple lines of config should be in place to match what the EEM script looks for. This seeds the $key value needed for it to work correctly. Otherwise you run into the "chicken or the egg" problem.
I've recreated this as a document. Let me know if you'd like this discussion removed.
Thanks,
Ian
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide