Penetration Testing mailing list archives
RE: NT snmp
From: adam () jaftan com au
Date: Tue, 7 Aug 2001 08:45:29 +1000
:Target is an NT4 box with snmp setup with "Read/Create" permissions on one :of the communities. I need to demonstrate that this is a bad idea, so im :looking for a tool that will spoof the source address (to 127.0.0.1) and :send an snmp set. Any suggestions? snmpwalk the following for usefull information for further compromising the machine.
Cant be done easily as they have "Accept SNMP traps from these hosts" set. That's why im looking for a SNMP set DoS, which will work with a spoofed address rather than reads which are useless without a reply. I'm not local so i cant sniff.
I haven't examined the NT write mib, but I'm sure there is a wonderland of exquisite horrors awaiting us in there.
Setting .1.3.6.1.2.1.2.2.1.7.x (where is the interface number) to 2 turns off the interface ;-) All i need is tool to spoof the source address. Could i write such a tool with Perl? (even if i suck at Perl?) Adam ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- NT snmp adam (Aug 05)
- Re: NT snmp batz (Aug 07)
- <Possible follow-ups>
- RE: NT snmp adam (Aug 07)