Metasploit mailing list archives

Re: SNMP testing


From: Spring Systems <korund () hotmail com>
Date: Tue, 28 Sep 2010 17:42:09 +0000


SNMP Scanner, sure, check port 161. If I scan the UBR's private IP address range 10.xxx.xxx.xxx on a cable system with nmap 
from outside the subnet, nmap doesn't show anything; the report shows no open ports or that the device is offline. Is scanning on a cable 
system possible only from inside the subnet? All devices are online and have port 80 open; there is a web interface. 

Subject: Re: [framework] SNMP testing
From: carlos_perez () darkoperator com
Date: Tue, 28 Sep 2010 10:18:43 -0400
CC: hviniciusg () gmail com; framework () spool metasploit com
To: korund () hotmail com



Did you UDP scan for port 161? If it is not present then SNMP is not enabled; to enable SNMP the service must be installed by 
the server administrator and configured with a community string. 

On Sep 28, 2010, at 10:04 AM, Spring Systems wrote:
I scanned the node with a standalone SNMP Scanner utility, and it doesn't 
return anything: does this mean SNMP is just disabled, or does this mean that the community string was changed from the default string to 
another string?

If SNMP is just disabled, is it possible to use a DoS attack, like Buffer Overflow Attacks, SYN attack, Teardrop Attack, 
Smurf attack, which should cause rebooting and enabling SNMP?

Regards,

Date: Tue, 28 Sep 2010 08:40:29 -0400
Subject: Re: [framework] SNMP testing
From: hviniciusg () gmail com
To: korund () hotmail com
CC: framework () spool metasploit com

On Tue, Sep 28, 2010 at 6:30 AM, Spring Systems <korund () hotmail com> wrote:
Is there still possibility to exploit/test SNMP devices with Metasploit if SNMP is disabled on target devices
If the SNMP service is disabled, then you could not exploit anything
 
, or if community string changed from default "public" to another string?

If the community string is changed, there are several tools to "brute force" the community string, but it makes a lot 
of noise, and there are some devices that will block you when there are several failed attempts, but if this is a last 
resort option, then I think you should do it, or leave this test to the end of the audit process. 

Regards,
Hugo Vinicius Garcia Razera
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
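
The reply above notes that guessing a community string "makes a lot of noise". As an added example (not part of the original thread or of Metasploit), this is one way a defender can surface that noise from captured UDP/161 payloads: SNMPv1/v2c carries the community string in cleartext, so a source that tries many distinct strings in a short window stands out from a poller that repeats one. The window, threshold, addresses and sample packets are constructed assumptions.

```python
from collections import defaultdict

def _tlv(buf, pos):
    """Decode one BER TLV at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise IndexError("truncated TLV")
    return tag, buf[pos:pos + length], pos + length

def parse_community(payload):
    """Return (version, community) for SNMPv1/v2c, else None (v3, junk)."""
    try:
        tag, body, _ = _tlv(payload, 0)
        vtag, ver, pos = _tlv(body, 0)
        ctag, community, _ = _tlv(body, pos)
    except IndexError:
        return None
    if (tag, vtag, ctag) != (0x30, 0x02, 0x04):
        return None
    return int.from_bytes(ver, "big"), community

def flag_guessing(events, window=60.0, threshold=5):
    """events: (timestamp, src_ip, udp_payload). Return {src: max distinct
    community strings seen within `window` seconds} for sources >= threshold."""
    recent, flagged = defaultdict(list), {}
    for ts, src, payload in sorted(events, key=lambda e: e[0]):
        parsed = parse_community(payload)
        if parsed is None:
            continue
        recent[src] = [(t, c) for t, c in recent[src] if ts - t <= window]
        recent[src].append((ts, parsed[1]))
        distinct = len({c for _, c in recent[src]})
        if distinct >= threshold:
            flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged

# Constructed sample traffic (not from the thread): v1 GetRequest for sysDescr.0
_PDU = bytes.fromhex("a019020101020100020100300e300c06082b060102010101000500")

def sample_packet(community):
    body = b"\x02\x01\x00\x04" + bytes([len(community)]) + community + _PDU
    return b"\x30" + bytes([len(body)]) + body

def sample_events():
    poller = [(10.0 * i, "192.0.2.10", sample_packet(b"monitor-ro")) for i in range(12)]
    guesser = [(100.0 + i, "198.51.100.7", sample_packet(b"guess-%d" % i)) for i in range(6)]
    return poller + guesser
```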
