Penetration Testing: Re: NT snmp

Re: NT snmp

From: batz <batsy_at_vapour.net>
Date: Mon, 6 Aug 2001 11:49:24 -0400 (EDT)

On Sat, 4 Aug 2001 adam_at_jaftan.com.au wrote:

:Target is an NT4 box with snmp setup with "Read/Create" permissions on one
:of the communities. I need to demonstrate that this is a bad idea, so I'm
:looking for a tool that will spoof the source address (to 127.0.0.1) and
:send an snmp set. Any suggestions?

snmpwalk the following for useful information for further compromising
the machine. I haven't examined the NT write mib, but I'm sure there
is a wonderland of exquisite horrors awaiting us in there.

The following mibs should be walked on any NT system to ascertain
the data named above them.

Will it route?
ip.ipForwarding.0

Name.
system.sysName.0

IP services.
enterprises.232.11.2.6.1.1.2.

Walk this for User IDs and other things.
The best of these to walk is:
enterprises.77.1.2.25.1.1

Walk this for processes.
enterprises.232.11.2.6.1.1.2

Cheers

--
batz
Reluctant Ninja
Defective Technologies
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on Aug 07 2001
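
A detection-side counterpart to the thread above, as an added example that is not part of the original post: a minimal SNMPv1/v2c payload inspector that flags SetRequest PDUs and datagrams that arrive with a loopback source address. The function names and the sample payload are constructed for illustration; the caller is assumed to supply the source IP taken from the captured packet.

```python
import ipaddress

def children(buf):
    """Split a BER value into its (tag, value) child elements."""
    out, pos = [], 0
    while pos < len(buf):
        tag, length = buf[pos], buf[pos + 1]
        pos += 2
        if length & 0x80:                      # long-form length
            n = length & 0x7F
            length = int.from_bytes(buf[pos:pos + n], "big")
            pos += n
        if pos + length > len(buf):
            raise ValueError("truncated BER element")
        out.append((tag, buf[pos:pos + length]))
        pos += length
    return out

def decode_oid(raw):                           # BER OID bytes -> dotted string
    arcs, val = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def inspect_snmp(datagram, src_ip):
    """Return findings for one UDP/161 payload and its on-the-wire source IP."""
    try:
        (tag, msg), = children(datagram)
        if tag != 0x30:
            raise ValueError("outer element is not a SEQUENCE")
        _version, (_, community), (pdu_tag, pdu) = children(msg)
        if pdu_tag == 0xA3:                    # SetRequest: list the objects written
            _reqid, _status, _index, (_, varbinds) = children(pdu)
            oids = [decode_oid(children(vb)[0][1]) for _, vb in children(varbinds)]
    except (ValueError, IndexError):
        return ["malformed SNMP message"]
    findings = []
    if ipaddress.ip_address(src_ip).is_loopback:
        findings.append("loopback source address on the wire (martian, likely spoofed)")
    if pdu_tag == 0xA3:
        findings.append(f"SetRequest, community {community.decode('latin-1')!r}, OIDs {oids}")
    return findings

# Constructed sample: SNMPv1 SetRequest on sysName.0 with community "private".
SET_PKT = bytes.fromhex("3028020100040770726976617465a31a020101020100020100"
                        "300f300d06082b06010201010500040178")
```

Feeding it payloads from a capture on the network-facing interface gives one finding list per datagram; an empty list means a read-only request from a non-loopback source.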