Cisco SNMP
If you are interested in hacking career and hack the unhackable - we are hiring! (fluent polish written and spoken required).
Pentesting Cisco Networks
SNMP inafanya kazi kupitia UDP na bandari 161/UDP kwa ujumbe wa jumla na 162/UDP kwa ujumbe wa mtego. Protokali hii inategemea nyuzi za jamii, zinazofanya kazi kama nywila zinazowezesha mawasiliano kati ya wakala wa SNMP na seva. Nyuzi hizi ni muhimu kwani zinabainisha viwango vya ufikiaji, haswa kusoma tu (RO) au ruhusa za kusoma-kandika (RW). Njia maarufu ya shambulio kwa wapimaji ni kujaribu nguvu za nyuzi za jamii, lengo likiwa kuingia kwenye vifaa vya mtandao.
Chombo cha vitendo kwa ajili ya kutekeleza mashambulizi kama haya ya nguvu ni onesixtyone, ambacho kinahitaji orodha ya nyuzi za jamii zinazoweza kuwa na anwani za IP za malengo:
cisco_config_tftp
cisco_config_tftp
The Metasploit framework features the cisco_config_tftp
module, facilitating the extraction of device configurations, contingent upon acquiring an RW community string. Essential parameters for this operation include:
RW community string (COMMUNITY)
IP ya mshambuliaji (LHOST)
IP ya kifaa kilicholengwa (RHOSTS)
Njia ya marudio kwa ajili ya faili za usanidi (OUTPUTDIR)
Upon configuration, this module enables the download of device settings directly to a specified folder.
snmp_enum
snmp_enum
Another Metasploit module, snmp_enum
, specializes in gathering detailed hardware information. It operates with either type of community string and requires the target's IP address for successful execution:
References
Ikiwa unavutiwa na hacking career na kuweza kuvunja yasiyoweza kuvunjwa - tunatafuta wafanyakazi! (kuandika na kuzungumza kwa ufasaha Kiswahili kunahitajika).
Last updated