Penetration Testing mailing list archives

Re: NT snmp


From: batz <batsy () vapour net>
Date: Mon, 6 Aug 2001 11:49:24 -0400 (EDT)

On Sat, 4 Aug 2001 adam () jaftan com au wrote:

:Target is an NT4 box with snmp setup with "Read/Create" permissions on one
:of the communities. I need to demonstrate that this is a bad idea, so I'm
:looking for a tool that will spoof the source address (to 127.0.0.1) and
:send an snmp set. Any suggestions?

snmpwalk the following for useful information for further compromising
the machine. I haven't examined the NT write mib, but I'm sure there 
is a wonderland of exquisite horrors awaiting us in there. 

The following mibs should be walked on any NT system to ascertain
the data named above them.

Will it route? 
ip.ipForwarding.0

name.
system.sysName.0

IP services. 
enterprises.232.11.2.6.1.1.2. 


Walk this for User IDs and other things.
The best of these to walk is:
enterprises.77.1.2.25.1.1

Walk this for processes
enterprises.232.11.2.6.1.1.2


Cheers

--
batz
Reluctant Ninja
Defective Technologies


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
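
A defender's view of the traffic this thread discusses, as an added example that is not part of the original posts: it decodes the SNMPv1/v2c header of a UDP/161 datagram and flags SetRequest PDUs and loopback source addresses arriving on a network interface. The function names, community strings and addresses are constructed for illustration; GetNextRequest (walk) traffic is parsed but not flagged here.

```python
import ipaddress

PDU_NAMES = {0xA0: "GetRequest", 0xA1: "GetNextRequest",  # RFC 1157 / RFC 3416 tags
             0xA2: "GetResponse", 0xA3: "SetRequest", 0xA5: "GetBulkRequest"}

def read_tlv(buf, pos):
    """Decode one BER element at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length

def parse_header(payload):
    """Return (version, community, pdu_name) of an SNMPv1/v2c datagram."""
    tag, msg, _ = read_tlv(payload, 0)
    vtag, version, pos = read_tlv(msg, 0)
    ctag, community, pos = read_tlv(msg, pos)
    ptag, _, _ = read_tlv(msg, pos)
    if (tag, vtag, ctag) != (0x30, 0x02, 0x04):
        raise ValueError("not an SNMPv1/v2c message")
    name = PDU_NAMES.get(ptag, f"unknown(0x{ptag:02x})")
    return int.from_bytes(version, "big"), community.decode("latin-1"), name

def review(src_ip, payload):
    """Findings for one UDP/161 datagram captured on a network interface."""
    findings = []
    if ipaddress.ip_address(src_ip).is_loopback:
        findings.append("loopback source seen on the wire")
    try:
        _, community, pdu = parse_header(payload)
    except ValueError as exc:
        return findings + [f"unparseable SNMP: {exc}"]
    if pdu == "SetRequest":
        findings.append(f"SetRequest with community {community!r}")
    return findings

def tlv(tag, body):  # builder for the constructed samples, short-form lengths only
    return bytes([tag, len(body)]) + body
def sample(pdu_tag, community, value):
    varbind = tlv(0x30, tlv(0x06, bytes.fromhex("2b06010201010500")) + value)  # sysName.0
    pdu = tlv(pdu_tag, tlv(0x02, b"\x01") + tlv(0x02, b"\x00") * 2 + tlv(0x30, varbind))
    return tlv(0x30, tlv(0x02, b"\x00") + tlv(0x04, community) + pdu)

SET_PKT = sample(0xA3, b"private", tlv(0x04, b"x"))   # constructed, not captured traffic
WALK_PKT = sample(0xA1, b"public", tlv(0x05, b""))    # constructed, not captured traffic
```

A packet with a 127.0.0.0/8 source can never legitimately arrive from the network, so that finding is also a candidate for an ingress filter rule rather than only an alert.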

