5NMP - SNMP scanner/bruteforcer
Background:
SNMP is the Simple Network Management Protocol. It is used by many if not most companies to manage and monitor their infrastructure. It is also often overlooked in terms of security and underestimated as an attack vector.
RFC1157.
Components:
The program is a GUI program, written in c#, so you'll need the .NET framework (3.5) and it will only work in MS Windows (Mono and Windows GUI components are a pain to make compatible for now).
It uses 2 DLL's that were written from scratch: the hacking.snmp and hacking.bruteforce.dll. These components were written from scratch. The SNMP dll is not complete yet but whenever the author finds time it will be extended to support bulkget and extended ASN parsing, so enumeration will become possible as well as SET actions. You will also need to provide a dictionary for dictionary attacks. A very small one is included.
Generic usage:
The interface should be intuitive enough.
Use the slider to increase or decrease scanning speed. This is important to get accurate results. On a LAN the slider can be set to maximum speed. Behind a Natted broadband connection, caution is advised.
Devices such as ADSL modems aren't capable to deal with the large amount of packets and nat connections they generate. The program uses non-blocking udp sockets and a listener for answers, which makes it quite fast.
You can also set the destination port for devices which listen on non-standard ports (not 161) and set the listening port to make sure the packets get back ok in case of firewalls.
For optimal speed, turn off verbosity, errors and reverse lookups (only in case of maximum speed on a LAN).
Results can be saved in XML for further processing and loaded back.
Support && Bugs:
There probably are bugs. Just report them to my email address which can be found on this site.
Download: 5NMP.tar.gz
MD5: codito.de/remote-exploit-md5/5nmp.txt
Author: Filip Waeytens
SCREENSHOT:
reference:remote-exploit.org
SNMP is the Simple Network Management Protocol. It is used by many if not most companies to manage and monitor their infrastructure. It is also often overlooked in terms of security and underestimated as an attack vector.
RFC1157.
Components:
The program is a GUI program, written in c#, so you'll need the .NET framework (3.5) and it will only work in MS Windows (Mono and Windows GUI components are a pain to make compatible for now).
It uses 2 DLL's that were written from scratch: the hacking.snmp and hacking.bruteforce.dll. These components were written from scratch. The SNMP dll is not complete yet but whenever the author finds time it will be extended to support bulkget and extended ASN parsing, so enumeration will become possible as well as SET actions. You will also need to provide a dictionary for dictionary attacks. A very small one is included.
Generic usage:
The interface should be intuitive enough.
Use the slider to increase or decrease scanning speed. This is important to get accurate results. On a LAN the slider can be set to maximum speed. Behind a Natted broadband connection, caution is advised.
Devices such as ADSL modems aren't capable to deal with the large amount of packets and nat connections they generate. The program uses non-blocking udp sockets and a listener for answers, which makes it quite fast.
You can also set the destination port for devices which listen on non-standard ports (not 161) and set the listening port to make sure the packets get back ok in case of firewalls.
For optimal speed, turn off verbosity, errors and reverse lookups (only in case of maximum speed on a LAN).
Results can be saved in XML for further processing and loaded back.
Support && Bugs:
There probably are bugs. Just report them to my email address which can be found on this site.
Download: 5NMP.tar.gz
MD5: codito.de/remote-exploit-md5/5nmp.txt
Author: Filip Waeytens
SCREENSHOT:
reference:remote-exploit.org
0 komentar: