Kamis, 22 Maret 2007

Hydra and Cisco Torch

Ok, tried dictionary attacks, brute forcing and fingerprinting a Cisco router today. The tools used are THC hydra and Cisco Torch. The password is hard to guess, that is why hydra couldnt picked it up nor Cisco Torch. I must admit that hydra is such a wonderful tool to have, it fast and waste no time. On the other hand cisco torch is slower, but still gets the job done. p0f is a tool used for passive and active fingerprinting. I would say i would love to use a third tool (SinFP) to actually double verify the IOS version and device running. Unfortunately, SinFP crashed on my machine and i did not probe further.

Well, the command to the tools are:

Nmap: nmap -sV -A -P0 -O -vvv -sS 127.0.0.1

hydra: I prefer to use the GTK

p0f: Because i did a pssive fingerprinting, so i actually save a pcap file first using wireshark and use p0f to run over it. So the command is:
p0f -s cisco.pcap -V -A
The -A is to acutally see the SYN/ACK packet return from the router.

SinFP: sinfp.pl -ai 127.0.0.1 -p 23

Cisco torch: ./cisco-torch.pl -t -b 127.0.0.1

I am going to write a methodology on enumerating VoIP soon, so stay tune.

1 komentar:

  1. Hello, these sites give very interesting information about off-season camping, really like this information which is so much beneficial to us, keep sharing such kind of information, Thanks for sharing this type of information. download Argus Monitor

    BalasHapus