Search code examples
decodetelnetcisco

telnet client response how to decode it

telnet client response how to decode it

I think it is a specific response as all cisco servers have the same response . What is the name of this text and how do I decrypt it

'\xff\xfb\x01\xff\xfb\x03\xff\xfd\x18\xff\xfd\x1f'

import socket
import sys

HOST = 'xxx.xxx.xxx.xxx'   # this is my cisco server ip 
PORT = 23
import socket
import gzip
s = socket.socket()
#Connecting using telnet
s.connect((HOST,23))
a = s.recv(10000)
print(str(a))
#'\xff\xfb\x01\xff\xfb\x03\xff\xfd\x18\xff\xfd\x1f'
Solution

  • RFC-854 explains the protocol frames, each frame contains options that are maintained on this IANA page.

    The byte stream "\xff\xfb\x01\xff\xfb\x03\xff\xfd\x18\xff\xfd\x1f" is made of 4 commands:

    First command:

    • ff: Start a command
    • fb: Indicates the desire to begin performing
    • 01: ECHO mode

    Second command:

    • ff: Start of a command
    • fb: Indicates the desire to begin performing
    • 03: GO-AHEAD mode: TCP is a full duplex transport protocol, so the Cisco router asks not to use the GO-AHEAD character that is only useful on half duplex links

    Third command:

    • ff: Start of a command
    • fd: Indicates the request that the other party perform
    • 18: terminal type

    Last command:

    • ff: Start of a command
    • fd: Indicates the request that the other party perform
    • 1f: Negotiate About Window Size

    Therefore, your Cisco server said:

    • I will echo the characters I receive from you
    • Do not use the half duplex mode, we do not need this
    • Send me your terminal type
    • Start negotiating the window size with me

    You must read RFC-854 and IANA page to parse the response.