Vulnerability Development mailing list archives
Re: Router worm exploiting poor SNMP security.
From: nsc () ERIS DERA GOV UK
Date: Wed, 13 Dec 2000 15:58:48 +0000
[snip]
Let's say I write a little program, or batch script that starts by taking advantage of this. - This little script takes a look at which snmp communities are stored in the router MIB and write this to a file. - Next step is to look for other routers nearby by looking at my routing table, ospf neighbours etc. - Then my script checks to see if any of the communities it found, are read/write on any nearby routers by sending a SNMP packet. - If a read/write community is found. It uploads the list of known communities and itself to the nearby router. Then execute the script on that router.
can you execute scripts on routers via snmp writes? I thought this required console access. Also can you upload files via snmp writes? I would be very surprised if you could.... The only way I could think of doing it is placing the payload in the configuration 'script' and reconfiguring via snmp and rebooting forcing a re-configure via tftp or whatever, this may be noticed. I don't know whether this would work i.e. how powerful the configuration 'script' can be. regards, Nathan -- N.Catlow () eris dera gov uk | All opinions | IT Security, DERA, | are my own and | WWB009, St Andrews Rd, | not DERA's | Malvern, Worcs, England. *I'd love to give my 0.02 worth - Have you got change for a dollar?*
Current thread:
- Router worm exploiting poor SNMP security. Lars Nygård (Dec 13)
- Re: Router worm exploiting poor SNMP security. J Edgar Hoover (Dec 15)
- Re: Router worm exploiting poor SNMP security. Bill Pennington (Dec 15)
- Re: Router worm exploiting poor SNMP security. Dragos Ruiu (Dec 15)
- Re: Router worm exploiting poor SNMP security. nsc (Dec 15)
- Re: Router worm exploiting poor SNMP security. Lincoln Yeoh (Dec 15)
- Re: Router worm exploiting poor SNMP security. Ralph Moonen (Dec 15)
- <Possible follow-ups>
- Re: Router worm exploiting poor SNMP security. M ixter (Dec 15)
- Re: Router worm exploiting poor SNMP security. Jose Nazario (Dec 15)
- Re: Router worm exploiting poor SNMP security. Lars Nygård (Dec 15)
- Re: Router worm exploiting poor SNMP security. N Catlow (Dec 15)
- Re: Router worm exploiting poor SNMP security. J Edgar Hoover (Dec 15)
- Re: Router worm exploiting poor SNMP security. Charles C. Lindsay (Dec 16)
- Message not available
- Re: Router worm exploiting poor SNMP security. Ralph Moonen (Dec 17)
- Re: Router worm exploiting poor SNMP security. Joe Shaw (Dec 18)