SNMP-Brute - Fast SNMP brute force, enumeration, CISCO config downloader and password cracking script
SNMP brute force, enumeration, CISCO config downloader and password cracking script. Listens for any responses to the brute force community strings, effectively minimising wait time.
Requirements
- metasploit
- snmpwalk
- snmpstat
- john the ripper
Usage
python snmp-brute.py -t [IP]
Options
--help, -h
show this help message and exit--file=DICTIONARY, -f DICTIONARY
Dictionary file--target=IP, -t IP
Host IP--port=PORT, -p PORT
SNMP portAdvanced
--rate=RATE, -r RATE
Send rate--timeout=TIMEOUT
Wait time for UDP response (in seconds)--delay=DELAY
Wait time after all packets are send (in seconds)--iplist=LFILE
IP list file--verbose, -v
Verbose outputAutomation
--bruteonly, -b
Do not try to enumerate - only bruteforce--auto, -a
Non Interactive Mode--no-colours
No colour outputOperating Systems
--windows
Enumerate Windows OIDs (snmpenum.pl)--linux
Enumerate Linux OIDs (snmpenum.pl)--cisco
Append extra Cisco OIDs (snmpenum.pl)Alternative Options
--stdin, -s
Read communities from stdin--community=COMMUNITY, -c COMMUNITY
Single Community String to use--sploitego
Sploitego's bruteforce methodFeatures
- Brute forces both version 1 and version 2c SNMP community strings
- Enumerates information for CISCO devices or if specified for Linux and Windows operating systems.
- Identifies RW community strings
- Tries to download the router config (metasploit module).
- If the CISCO config file is downloaded, shows the plaintext passwords (metasploit module) and tries to crack hashed passords with John the Ripper
Credits
- cisc0wn - github.com/nccgroup/cisco-SNMP-enumeration
- sploitego project - github.com/allfro/sploitego/blob/master/src/sploitego/scapytools/snmp.py
- snmpenum.pl script - by Filip Waeytens
- metasploit - www.metasploit.com
SNMP-Brute - Fast SNMP brute force, enumeration, CISCO config downloader and password cracking script
Reviewed by Zion3R
on
10:05 AM
Rating: