8000 Further Improvements to password masking in powerconnect.rb from #1212 by clifcox · Pull Request #3405 · ytti/oxidized · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Further Improvements to password masking in powerconnect.rb from #1212 #3405

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Feb 19, 2025
Merged

Further Improvements to password masking in powerconnect.rb from #1212 #3405

merged 5 commits into from
Feb 19, 2025

Conversation

clifcox
Copy link
Contributor
@clifcox clifcox commented Feb 17, 2025
edited
Loading

In both the 3400 and 6200 series the previous regex would miss the following passwords:

password 123456789abcdef0123456789abcdef0 encrypted
enable password 123456789abcdef0123456789abcdef0 encrypted

This update changes the output From:

username "root" password <hidden> level 15 encrypted
username "foo" password <hidden> level 1 encrypted
line telnet
password 123456789abcdef0123456789abcdef0 encrypted
exit
[...]
enable password 123456789abcdef0123456789abcdef0 encrypted

To:

username "root" password <hidden> level 15 encrypted
username "foo" password <hidden> level 1 encrypted
line telnet
password <hidden> encrypted
exit
[...]
enable password <hidden> encrypted

It is a bit odd that Dell would choose to insert "level ##" in between password, and <secret>, but here is an example from a 3448: enable password level 15 123456789abcdef0123456789abcdef0 encrypted

Pre-Request Checklist

  • Passes rubocop code analysis (try rubocop --auto-correct)
  • Tests added or adapted (try rake test)
  • Changes are reflected in the documentation
  • User-visible changes appended to CHANGELOG.md

Description

Further improvements to #1212 and PR:
Skip the word 'encrypted' in Powerconnect password masking #1227

clifcox and others added 5 commits February 16, 2025 21:57
@clifcox
Further Improvements to password masking in powerconnect.rb from ytti…
ae14a11 
…#1212

In both the 3400 and 6200 series the previous regex would miss the following passwords:

password 123456789abcdef0123456789abcdef0 encrypted
enable password 123456789abcdef0123456789abcdef0 encrypted
@clifcox
Update CHANGELOG.md
ea86c65 
powerconnect: Hide enable, and line secrets
@clifcox
Merge branch 'ytti:master' into 1212-Improve_password_masking_in_powe…
d9e3b63 
…rconnect.rb
@clifcox
Update CHANGELOG.md
6fcbcc9 
powerconnect: Hide enable, and line secrets. Further Fixes ytti#1212 (#clifcox)
@robertcheramy
Fix Changelog
6650c8a
@robertcheramy robertcheramy merged commit 43e837a into ytti:master Feb 19, 2025
@clifcox clifcox deleted the 1212-Improve_password_masking_in_powerconnect.rb branch February 19, 2025 21:25
@syn-bit syn-bit mentioned this pull request Mar 11, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@clifcox @robertcheramy
0