Check out Pentest Perfect Storm - Part 6 -"We love Cisco" for some SNMP RW awesomeness from Josh Wright. There are also a few auxiliary modules in Metasploit that allow you to take advantage of RW SNMP access.
PPS-6 here: http://www.willhackforsushi.com/?p=518 Cheers, Rob On Sat, Feb 11, 2012 at 12:53 PM, Larry Pesce <[email protected]> wrote: > Robin, I've had great success on tests with SNMP write strings during > some tests in the last year: > > 1. An external switch between external router and firewall with public > IP address form Netgear. App to manage was downloadable from form > Netgear for a 30 day free trial. Guess what the app allowed? Disable > port. Good bye internets. > > 2. Use to dump Cisco running config to my own TFTP server (with a good > portion of Cisco routers and switches). Once you have the config, all > sorts of things are possible - especially if they are still storing > passwords on the device in the clear or with type 7. With this easily > decoded passwords, you'd not be surprised how often they are re-used > across the org for all sorts of thing, including the rest of their Cisco > infrastructure. I use muts' script that I found here: > http://littlehacker.persiangig.com/cisco/copy-router-config.pl > (I think it also might be on BT5, but I'm not sure.) > > - L > > On 2/10/12 6:32 AM, Robin Wood wrote: > > Does anyone have any good information on using SNMP write strings that > > we find on tests? I'd always been told that you need clients for the > > specific application/device to properly use an SNMP write string to > > modify anything but I'm now questioning that as it doesn't feel right. > > > > It is the kind of thing I would only do with permission to demonstrate > > what can be done but would be useful to be able to show if asked. > > > > Robin > > _______________________________________________ > > Pauldotcom mailing list > > [email protected] > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > > Main Web Site: http://pauldotcom.com > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
