Penetration Testing mailing list archives
Re: Sonic Wall .exp format?
From: zach () thegiezens com
Date: Wed, 19 Aug 2009 13:12:13 -0700
Hello All: Yes they are Base64 files. SW does this because they use the SAME format in the management interface from the Global Management System so wen to connect to a remote appliance you can push a new config file. GMS actually takes an xml document and translates it into an .exp file before uploading it to the remote appliance in the GMS interface in the unit. Again this can be easly addressed by doing the fallowing: 1. Obtaining a base .exp file for the intended appliance 2. Decode a COPY of that file. 3. run the output decode file through a script php,perl,python,etc. to read the key value pairs into a 2D array. 4. Make your changes to the array. 5. run script to convert the array into a flat file (no CR or LF [one big line of stuff]) 6. re-encode the file and rename it to a .exp Please, Please, Please Pay attention to ALL mac address values in your file as you will bork your unit if to take a base file from unit A and modify it and send it to Unit B. Trust me I have deployed over 500 units this way, you don't want to loose communications with your units in Australia because you didn't set the MAC address correctly. :-) Hope this helps. ~cfman
I found a few .exp files by googling and decoded them. They are indeed base64 and in this format: option1=off&addr1=0.0.0.0&someotheroption=on&someotheroption1=true etc... No line terminators. On Tue, Aug 18, 2009 at 16:48, Ben Greenfield<bcg () struxural com> wrote:Is anyone familiar with the Sonic Wall .exp format? I've done some Google searches, and it sounds like it's just a base 64 encoded plain text file. I have a Sonic Wall config in plain text that I'd like to convert to the .exp format, without access to the Sonic Wall device itself. I'd like to feed the .exp file to a tool that expects the .exp format. I took the plain text file and stripped out the newline characters with awk and then base 64 encoded that with openssl, but I have the feeling that some important formatting is being lost (or that the .exp format maybe isn't base64). Has anyone got a good method for converting a plain text Sonic Wall config into a .exp without losing that formatting? ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Sonic Wall .exp format? Ben Greenfield (Aug 18)
- Re: Sonic Wall .exp format? J. Oquendo (Aug 19)
- RE: Sonic Wall .exp format? Girish R (Aug 19)
- Re: Sonic Wall .exp format? Matt (Aug 19)
- Re: Sonic Wall .exp format? zach (Aug 19)