Bugtraq mailing list archives
Re: cisco/ascend snmp config tool or exploit? -- Re: snmp problems still alive
From: lcamtuf () AGS PL (Michal Zalewski)
Date: Sun, 20 Feb 2000 20:11:23 +0100
Hmm, to keep you busy, here's brute-force spoofing scanner for writable snmp communities. Requires NetCat and snmp tools (like snmpget) to be installed. Scanning is mostly harmless - it tries to change system.sysContact.0 to 'null' using common default communities (according to securityfocus). Should be run as root. In addition to list of machines given in initial post, it is known to break some Cisco systems (but not recent IOSes, at least not in default configuration), most of 3com products (there was another writable community, which seems to be present everywhere, regardless of 'private', which is disabled by administrators sometimes), HP switches, printers, Ascend *DSL modems etc. Also, it should bypass most of stupid source IP address restrictions for accessing the community. Please use this tool to scan your network only. _______________________________________________________ Michal Zalewski * [lcamtuf () ags pl] <=> [AGS WAN SYSADM] [dione.ids.pl SYSADM] <-> [http://lcamtuf.na.export.pl] [+48 22 551 45 93] [+48 603 110 160] bash$ :(){ :|:&};: =-----=> God is real, unless declared integer. <=-----= <HR NOSHADE> <UL> <LI>TEXT/PLAIN attachment: nmpscan_ </UL>
Current thread:
- snmp problems still alive... Michal Zalewski (Feb 14)
- NetBSD Security Advisory 2000-001 Daniel Carosone (Feb 15)
- Re: snmp problems still alive... Gus Huber (Feb 15)
- cisco/ascend snmp config tool or exploit? -- Re: snmp problems still alive monti (Feb 17)
- Sun Internet Mail Server Michal Krzysztofowicz (Feb 19)
- flex license manager tempfile predictable name... sp00n (Feb 21)
- Re: flex license manager tempfile predictable name... Roelof JT Jonkman (Feb 22)
- Re: flex license manager tempfile predictable name... David Evans (Feb 23)
- cisco/ascend snmp config tool or exploit? -- Re: snmp problems still alive monti (Feb 17)
- FreeBSD Security Advisory: FreeBSD-SA-00:03.asmon Kris Kennaway (Feb 19)
- Re: cisco/ascend snmp config tool or exploit? -- Re: snmp problems still alive Michal Zalewski (Feb 20)
- Patch Available for "VM File Reading" Vulnerability Microsoft Product Security (Feb 19)
- Re: cisco/ascend snmp config tool or exploit? -- Re: snmp problems still alive Michal Zalewski (Feb 20)
- unused bit attack alert LigerTeam (Feb 21)
- A.L.E.R.T.: BigMailBox.com href tokens leave mailboxes open to control by a malicious site. Cancer Omega (Feb 21)
- Re: unused bit attack alert Jochen Bauer (Feb 22)
- Re: unused bit attack alert Carlos García Argos (Feb 22)
- Re: unused bit attack alert CyberPsychotic (Feb 22)
- Re: snmp problems still alive... Damir Rajnovic (Feb 17)