Penetration Testing mailing list archives
Re: Physical ports in IOS
From: "Eagle Fire" <tlecuauhtli () googlemail com>
Date: Thu, 15 Jun 2006 16:34:21 +0100
It appears that you are in a 6500 in hybrid OS as some said. You are in the MSFC, in other words in the router of the 6500. Do a "show cdp n" and look for the supervisor engine on L2 (the switch). If it has an IP, try to telnet and access it. If you can, type show cam <your_mac_address> It works in IOS 6500 to check switch commands, but I do not know if it works in hybrid. Type "remote command switch show cam <your_mac_address>" To know your mac address if you have the IP in the router type: show ip arp <your_ip> To know your IP if you know your MAC show ip arp <your_mac> If you are remotly connected, do a trace to know what is the previous hop. Check for mac and then for port. -tlec P.D. Si necesitas mas ayuda avisame. On 14/06/06, Eduardo Espina <eduardomx () gmail com> wrote:
Rkraus, You're right, that's exactly what I'm looking for, the problem is, I don't see the "show mac-address-table" command anywhere. I think the device is configured as Dan Bogda wrote, in hybrid mode. I do have the enable password, so it isn't a privileges issue. I think I would change my approach to exploit the device, another scenario would be to enable the VLAN where I'm plugged to be a multi-VLAN so I can force the traffic to route through my linux box (with ARP cache poisoning). Do anyone know if is it possible to enable the original VLAN to get traffic from other VLAN? without knowing the physical port where I'm plugged? Greets, Eduardo. On 14 Jun 2006 13:31:54 -0000, rkraus () telcomtex net <rkraus () telcomtex net> wrote: > Eduardo, > > > I fi understand you correctly you want to find out what port you have access > to on the Cisco switch. > > > If you issue the command: > > sh ip arp - you whould see a list of macs, vlans, IP addresses. > > > Then you can issue the command: > > sh mac-address-table - and you will see the mac address and what port it is > associated to. > > > After doing this I now see that my computer is plugged into physical port > FastEthernet 0/9. > > > Is this what you were looking for? > > ------------------------------------------------------------------------------ > This List Sponsored by: Cenzic > > Concerned about Web Application Security? > Why not go with the #1 solution - Cenzic, the only one to win the Analyst's > Choice Award from eWeek. As attacks through web applications continue to > rise, > you need to proactively protect your applications from hackers. Cenzic has > the > most comprehensive solutions to meet your application security penetration > testing and vulnerability management needs. You have an option to go with a > managed service (Cenzic ClickToSecure) or an enterprise software > (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can > help you: http://www.cenzic.com/news_events/wpappsec.php > And, now for a limited time we can do a FREE audit for you to confirm your > results from other product. Contact us at request () cenzic com for details. > ------------------------------------------------------------------------------ > > ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------------
------------------------------------------------------------------------------ This List Sponsored by: CenzicConcerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------
Current thread:
- Physical ports in IOS Eduardo Espina (Jun 13)
- Re: Physical ports in IOS John Kinsella (Jun 14)
- <Possible follow-ups>
- RE: Physical ports in IOS Dan Bogda (Jun 14)
- Re: Physical ports in IOS lion nagar (Jun 14)
- RE: Physical ports in IOS Dixon, Wayne (Jun 14)
- Re: Physical ports in IOS luthor (Jun 14)
- Re: Physical ports in IOS rkraus (Jun 14)
- Re: Physical ports in IOS Eduardo Espina (Jun 14)
- Re: Physical ports in IOS Eagle Fire (Jun 15)
- Re: Physical ports in IOS Eduardo Espina (Jun 14)
- RE: Physical ports in IOS Dan Bogda (Jun 14)
- RE: Physical ports in IOS Luis Gutierrez (Jun 14)
- Re: Physical ports in IOS Eduardo Espina (Jun 14)
- Re: Physical ports in IOS Francois Labreque (Jun 15)
- Re: Physical ports in IOS Eduardo Espina (Jun 15)
- Re: Physical ports in IOS Eduardo Espina (Jun 14)
- RE: Physical ports in IOS Ramsdell, Scott (Jun 15)
- RE: Physical ports in IOS Dan Bogda (Jun 16)
- Re: Physical ports in IOS Eduardo Espina (Jun 16)