Penetration Testing mailing list archives

Re: Physical ports in IOS

From: "Eagle Fire" <tlecuauhtli () googlemail com>
Date: Thu, 15 Jun 2006 16:34:21 +0100

  It appears that you are in a 6500 in hybrid OS as some said. You
are in the MSFC, in other words in the router of the 6500. Do a "show
cdp n" and look for the supervisor engine on L2 (the switch). If it
has an IP, try to telnet and access it. If you can, type

show cam <your_mac_address>

  It works in IOS 6500 to check switch commands, but I do not know if
it works in hybrid. Type "remote command switch show cam
<your_mac_address>"

  To know your mac address if you have the IP in the router type:

show ip arp <your_ip>

  To know your IP if you know your MAC

show ip arp <your_mac>

  If you are remotly connected, do a trace to know what is the
previous hop. Check for mac and then for port.

-tlec

P.D. Si necesitas mas ayuda avisame.

On 14/06/06, Eduardo Espina <eduardomx () gmail com> wrote:

Rkraus,

You're right, that's exactly what I'm looking for, the problem is, I
don't see the "show mac-address-table" command anywhere. I think the
device is configured as Dan Bogda wrote, in hybrid mode. I do have the
enable password, so it isn't a privileges issue.

I think I would change my approach to exploit the device, another
scenario would be to enable the VLAN where I'm plugged to be a
multi-VLAN so I can force the traffic to   route through my linux box
(with ARP cache poisoning).  Do anyone know if is it possible to
enable the original VLAN to get traffic from other VLAN? without
knowing the physical port where I'm plugged?

Greets,
Eduardo.

On 14 Jun 2006 13:31:54 -0000, rkraus () telcomtex net
<rkraus () telcomtex net> wrote:
> Eduardo,
>
>
> I fi understand you correctly you want to find out what port you have access
> to on the Cisco switch.
>
>
> If you issue the command:
>
> sh ip arp - you whould see a list of macs, vlans, IP addresses.
>
>
> Then you can issue the command:
>
> sh mac-address-table - and you will see the mac address and what port it is
> associated to.
>
>
> After doing this I now see that my computer is plugged into physical port
> FastEthernet 0/9.
>
>
> Is this what you were looking for?
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
> Choice Award from eWeek. As attacks through web applications continue to
> rise,
> you need to proactively protect your applications from hackers. Cenzic has
> the
> most comprehensive solutions to meet your application security penetration
> testing and vulnerability management needs. You have an option to go with a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request () cenzic com for details.
> ------------------------------------------------------------------------------
>
>

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?Why not go with the #1 solution - Cenzic, the only one to win the Analyst'sChoice Award from eWeek. As attacks through web applications continue to rise,you need to proactively protect your applications from hackers. Cenzic has themost comprehensive solutions to meet your application security penetrationtesting and vulnerability management needs. You have an option to go with amanaged service (Cenzic ClickToSecure) or an enterprise software(Cenzic Hailstorm). Download FREE whitepaper on how a managed service canhelp you: http://www.cenzic.com/news_events/wpappsec.phpAnd, now for a limited time we can do a FREE audit for you to confirm yourresults from other product. Contact us at request () cenzic com for details.

------------------------------------------------------------------------------

Current thread:

Physical ports in IOS Eduardo Espina (Jun 13)
- Re: Physical ports in IOS John Kinsella (Jun 14)
- <Possible follow-ups>
- RE: Physical ports in IOS Dan Bogda (Jun 14)
  - Re: Physical ports in IOS lion nagar (Jun 14)
  - RE: Physical ports in IOS Dixon, Wayne (Jun 14)
- Re: Physical ports in IOS luthor (Jun 14)
- Re: Physical ports in IOS rkraus (Jun 14)
  - Re: Physical ports in IOS Eduardo Espina (Jun 14)
    - Re: Physical ports in IOS Eagle Fire (Jun 15)
- RE: Physical ports in IOS Dan Bogda (Jun 14)
- RE: Physical ports in IOS Luis Gutierrez (Jun 14)
  - Re: Physical ports in IOS Eduardo Espina (Jun 14)
    - Re: Physical ports in IOS Francois Labreque (Jun 15)
    - Re: Physical ports in IOS Eduardo Espina (Jun 15)
- RE: Physical ports in IOS Ramsdell, Scott (Jun 15)
- RE: Physical ports in IOS Dan Bogda (Jun 16)
  - Re: Physical ports in IOS Eduardo Espina (Jun 16)