SeeYouCM Thief
Simple tool to automatically download and parse configuration files from Cisco phone systems searching for SSH credentials
Usage
Sometimes the CUCM server supplys a list of hostnames. Without specifying a phone IP address the script will attempt to download every config in the listing.
./thief.py -H <Cisco CUCM Server> [--verbose]
OR
if that doesnt work try using the --phone setting which will parse the web interface for the CUCM address and will do a reverse lookup for other phones in the same subnet.
./thief.py --phone <Cisco IP Phoner> [--verbose]
OR
if that doesnt work you can specify a subnet to scan with reverse lookups using
./thief.py --subnet <subnet to scan> [--verbose]
Setup
python3 -m pip install -r requirements.txt
Docker
docker build . -t name thief:latest
docker run thief:latest