Rooting CUCM7 & Giving BASH instead of the restricted CLI

1. Boot with gparted
2. cd /tmp
3. mkdir test
4. mount /dev/sda1 /tmp/test
5. chroot /tmp/test /bin/bash
6. Change:

/etc/passwd:
root:x:0:0:root:/root:/sbin/nologin
admin:x:591:503::/home/admin:/usr/local/platform/bin/cliscript.sh

to:
root:x:0:0:root:/root:/bin/bash
admin:x:591:503::/home/admin:/bin/bash

/etc/shadow
root:!!:14657:0:99999:7:::

to:
root:$1$D2ISXWJF$urnCHPxcF20BUWWwvTZfX0:14657:0:99999:7:::

/etc/sudoers
Add the line for admin under the user privilege specification so that it looks like this:

# User privilege specification
root    ALL=(ALL) ALL
admin   ALL=(ALL) ALL

7. exit
8. cd /tmp
9. umount /tmp/test
10. umount /dev/sda1
11. reboot
12. Log in as admin with your password; you land in a bash shell instead of the Cisco CLI
13. Enter sudo su and your login password to become root
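
The steps above change exactly three files, so the same three files are what to check when auditing an appliance disk that has been out of your hands. The following Python check is an added example, not part of the original notes: it compares an offline-mounted copy of those files against the "before" lines shown in step 6. Treating those lines, and the absence of an admin rule in sudoers, as the stock baseline is an assumption; the sample data is constructed and its hash is a placeholder.

```python
import sys
from pathlib import Path
# Stock values, taken from the "before" lines in step 6 (assumed vendor default).
STOCK_SHELLS = {"root": "/sbin/nologin",
                "admin": "/usr/local/platform/bin/cliscript.sh"}

def audit_passwd(text):
    """Flag watched accounts whose login shell differs from the stock value."""
    findings = []
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) == 7 and STOCK_SHELLS.get(fields[0], fields[6]) != fields[6]:
            findings.append(f"passwd: {fields[0]} shell is {fields[6]}")
    return findings

def audit_shadow(text):
    """Flag a root entry whose password field is not locked ('!' or '*' prefix)."""
    findings = []
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) >= 2 and fields[0] == "root" and not fields[1].startswith(("!", "*")):
            findings.append("shadow: root account is not locked")
    return findings

def audit_sudoers(text):
    """Flag any active (non-comment) rule whose subject is admin."""
    findings = []
    for line in text.splitlines():
        tokens = line.split("#", 1)[0].split()
        if len(tokens) >= 2 and tokens[0] == "admin":
            findings.append("sudoers: rule for admin: " + " ".join(tokens))
    return findings

def audit_root(root):
    """Run all checks against a filesystem mounted (read-only) at root."""
    etc = Path(root) / "etc"
    return (audit_passwd((etc / "passwd").read_text())
            + audit_shadow((etc / "shadow").read_text())
            + audit_sudoers((etc / "sudoers").read_text()))

# Constructed sample of the modified state; the hash is a placeholder.
SAMPLE_PASSWD = "root:x:0:0:root:/root:/bin/bash\nadmin:x:591:503::/home/admin:/bin/bash\n"
SAMPLE_SHADOW = "root:$1$SALT$PLACEHOLDERHASH:14657:0:99999:7:::\n"
SAMPLE_SUDOERS = "# User privilege specification\nroot    ALL=(ALL) ALL\nadmin   ALL=(ALL) ALL\n"

if __name__ == "__main__":
    found = audit_root(sys.argv[1]) if len(sys.argv) > 1 else (
        audit_passwd(SAMPLE_PASSWD) + audit_shadow(SAMPLE_SHADOW) + audit_sudoers(SAMPLE_SUDOERS))
    print("\n".join(found) or "no deviations found")
```

Run it with the mount point as the only argument (for example /tmp/test); without an argument it audits the constructed sample.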

c3560 Cheat

Hostname:
hostname test

Image Upgrade:
del /r /f flash:c3560-ipbase-mz.122-35.SE5
copy tftp://192.168.2.1/images/c3560-ipbasek9-mz.122-46.SE.bin flash:

del - File
rm - Folder

Boot with other Image:
boot system c3560-advipservicesk9-mz.122-46.SE.bin

Portfast (on dhcpd Problems):
spanning-tree portfast

Switchport with Vlan 10:
interface FastEthernet0/1
switchport access vlan 10
switchport mode access
description nativ
macro description NATIV
spanning-tree portfast

Description Vlan 10:
vlan 10 name testvlan

Trunkport:
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
ip dhcp snooping trust

DHCP Snooping:
Global Activate:
ip dhcp snooping vlan 1-4094
no ip dhcp snooping information option
ip dhcp snooping

Allow DHCP on Port:
ip dhcp snooping trust

ESXi Trunking:
ip dhcp snooping vlan 1-4094
no ip dhcp snooping information option
ip dhcp snooping

These are the VLANs: one main, one “test” for the VM
vlan 1
name main
vlan 999
name test

Normal client port
interface FastEthernet0/1
switchport access vlan 1
spanning-tree portfast

VM client port, an access port in VLAN 999
interface FastEthernet0/3
switchport access vlan 999
spanning-tree portfast

VM server port, which carries the normal VLAN 1 untagged and trunks the rest
“ip dhcp snooping trust” means that this port is allowed to answer DHCP requests
interface FastEthernet0/7
switchport trunk encapsulation dot1q
switchport trunk native vlan 1
switchport trunk allowed vlan 1,999
switchport mode trunk
ip dhcp snooping trust
end

Routing with c3560-advipservicesk9-mz.122-46.SE.bin:
( Every network needs its own VLAN! )
( The VLAN IP is the gateway )

ip routing

interface FastEthernet0/1
switchport access vlan 2
switchport mode access

interface FastEthernet0/8
switchport access vlan 3
switchport mode access

interface Vlan2
ip address 134.96.10.1 255.255.255.0

interface Vlan3
ip address 192.168.2.1 255.255.255.0