Penetration Testing mailing list archives

RE: NT snmp


From: adam () jaftan com au
Date: Tue, 7 Aug 2001 08:45:29 +1000

:Target is an NT4 box with snmp setup with "Read/Create" permissions on one
:of the communities. I need to demonstrate that this is a bad idea, so I'm
:looking for a tool that will spoof the source address (to 127.0.0.1) and
:send an snmp set. Any suggestions?

snmpwalk the following for useful information for further compromising the
machine.

Can't be done easily as they have "Accept SNMP traps from these hosts" set.
That's why I'm looking for an SNMP set DoS, which will work with a spoofed
address rather than reads which are useless without a reply. I'm not local
so I can't sniff.

I haven't examined the NT write mib, but I'm sure there is a wonderland of
exquisite horrors awaiting us in there.

Setting .1.3.6.1.2.1.2.2.1.7.x (where x is the interface number) to 2 turns
off the interface ;-)  All I need is a tool to spoof the source address. Could
I write such a tool with Perl? (even if I suck at Perl?)

Adam
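
A detection-side view of the write discussed in this message, as an added example that is not part of the original post: because the source address of a UDP SNMP datagram can be forged, the check keys on the PDU contents and flags any SNMPv1/v2c SetRequest that sets ifAdminStatus (.1.3.6.1.2.1.2.2.1.7.x) to 2. The function names and the sample packet are constructed for illustration.

```python
# Added example, not from the original post; the sample packet is constructed.
IF_ADMIN_STATUS = (1, 3, 6, 1, 2, 1, 2, 2, 1, 7)  # ifAdminStatus column OID

def read_tlv(buf, pos):  # returns (tag, value, next_pos) for one BER element
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length: low 7 bits give the byte count
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(raw):  # BER OBJECT IDENTIFIER body -> tuple of arcs
    arcs, val = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:  # high bit clear marks the last byte of an arc
            arcs.append(val)
            val = 0
    return tuple(arcs)

def interface_shutdown_sets(packet):  # -> [(community, ifIndex), ...]
    hits = []
    try:
        tag, msg, _ = read_tlv(packet, 0)
        _, _version, pos = read_tlv(msg, 0)
        _, community, pos = read_tlv(msg, pos)
        pdu_tag, pdu, _ = read_tlv(msg, pos)
        if (tag, pdu_tag) != (0x30, 0xA3):  # 0xA3 is the SetRequest PDU tag
            raise ValueError("not an SNMP SetRequest")
        pos = 0
        for _ in range(4):  # request-id, error-status, error-index, varbind list
            _, varbinds, pos = read_tlv(pdu, pos)
        pos = 0
        while pos < len(varbinds):
            _, vb, pos = read_tlv(varbinds, pos)
            _, oid_raw, vpos = read_tlv(vb, 0)
            vtag, value, _ = read_tlv(vb, vpos)
            oid = decode_oid(oid_raw)
            if (len(oid) == 11 and oid[:10] == IF_ADMIN_STATUS
                    and vtag == 0x02 and int.from_bytes(value, "big") == 2):
                hits.append((community.decode("latin-1"), oid[10]))
    except (ValueError, IndexError):
        return []  # not parseable as an SNMP SetRequest; nothing to flag
    return hits

# Constructed sample: SetRequest, community "example", ifAdminStatus.1 = 2
SAMPLE_SET = bytes.fromhex("302a0201000407" "6578616d706c65" "a31c020101020100020100"
                           "3011300f060a" "2b060102010202010701" "020102")
```

Fed the UDP/161 payloads from a sensor or packet capture, a non-empty result names the community string used and the interface index being shut down.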
