Metasploit mailing list archives
Re: SNMP testing
From: Spring Systems <korund () hotmail com>
Date: Tue, 28 Sep 2010 14:04:04 +0000
I scanned node with standalone SNMP Scanner utility, it doesn't return anything: does this mean SNMP is just disabled or this mean that community string changed from default string to another string? If SNMP just disabled, is it possible to use a DoS attack, like Buffer Overflow Attacks, SYN attack, Teadrop Attack, Smurf attack, which should cause rebooting and enabling snmp? Regards, Date: Tue, 28 Sep 2010 08:40:29 -0400 Subject: Re: [framework] SNMP testing From: hviniciusg () gmail com To: korund () hotmail com CC: framework () spool metasploit com On Tue, Sep 28, 2010 at 6:30 AM, Spring Systems <korund () hotmail com> wrote: Is there still possibility to exploit/test SNMP devices with Metasploit if SNMP is disabled on target devices If the SNMP service is disabled, then you could not exploit anithing , or if community string changed from default "public" to another string? If the community string is changed, there are several tools to "brute force" the community string, but it makes a lot of noise, and there are some devices that will block you when there are several failed attempts, but if this is a last resort option, then i think you should doit, or leave this test to the end of the audit process. Regards, Hugo Vinicius Garcia Razera
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Advanced Format String Attacks Paul Haas (Sep 27)
- SNMP testing Spring Systems (Sep 28)
- Re: SNMP testing Hugo Vinicius Garcia Razera (Sep 28)
- Re: SNMP testing Spring Systems (Sep 28)
- Re: SNMP testing Carlos Perez (Sep 28)
- Re: SNMP testing Spring Systems (Sep 28)
- Re: SNMP testing HD Moore (Sep 28)
- Re: SNMP testing Kruno Cicmir - Java (Sep 28)
- Re: SNMP testing Spring Systems (Sep 29)
- Re: SNMP testing Pete Smith (Sep 29)
- Re: SNMP testing Spring Systems (Sep 29)
- Re: SNMP testing Matt Gardenghi (Sep 29)
- Re: SNMP testing Hugo Vinicius Garcia Razera (Sep 28)
- SNMP testing Spring Systems (Sep 28)
- Re: SNMP testing AK (Sep 29)