• Stars
    star
    292
  • Rank 142,152 (Top 3 %)
  • Language
    Python
  • License
    GNU General Publi...
  • Created almost 10 years ago
  • Updated about 3 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Fast SNMP brute force, enumeration, CISCO config downloader and password cracking script.

SNMP Brute

SNMP brute force, enumeration, CISCO config downloader and password cracking script. Listens for any responses to the brute force community strings, effectively minimising wait time.

Requirements

  • metasploit
  • snmpwalk
  • snmpstat
  • john the ripper

Usage

python snmp-brute.py -t [IP]

Options

--help, -h show this help message and exit

--file=DICTIONARY, -f DICTIONARY Dictionary file

--target=IP, -t IP Host IP

--port=PORT, -p PORT SNMP port

Advanced

--rate=RATE, -r RATE Send rate

--timeout=TIMEOUT Wait time for UDP response (in seconds)

--delay=DELAY Wait time after all packets are send (in seconds)

--iplist=LFILE IP list file

--verbose, -v Verbose output

Automation

--bruteonly, -b Do not try to enumerate - only bruteforce

--auto, -a Non Interactive Mode

--no-colours No colour output

Operating Systems

--windows Enumerate Windows OIDs (snmpenum.pl)

--linux Enumerate Linux OIDs (snmpenum.pl)

--cisco Append extra Cisco OIDs (snmpenum.pl)

Alternative Options

--stdin, -s Read communities from stdin

--community=COMMUNITY, -c COMMUNITY Single Community String to use

--sploitego Sploitego's bruteforce method

Features

  • Brute forces both version 1 and version 2c SNMP community strings
  • Enumerates information for CISCO devices or if specified for Linux and Windows operating systems.
  • Identifies RW community strings
  • Tries to download the router config (metasploit module).
  • If the CISCO config file is downloaded, shows the plaintext passwords (metasploit module) and tries to crack hashed passords with John the Ripper

Credits

  • cisc0wn - github.com/nccgroup/cisco-SNMP-enumeration
  • sploitego project - github.com/allfro/sploitego/blob/master/src/sploitego/scapytools/snmp.py
  • snmpenum.pl script - by Filip Waeytens
  • metasploit - www.metasploit.com

More Repositories

1

sparta

Network Infrastructure Penetration Testing Tool
Python
1,614
star
2

Tunna

Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments.
Python
1,237
star
3

SharpWhispers

C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.
C#
100
star
4

DLL-Hollow-PoC

DLL Hollowing PoC - Remote and Self shellcode injection
C
69
star
5

SharpASM

SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections allocated by the CLR.
C#
57
star
6

sftp-exploit

OpenSSH <=6.6 SFTP misconfiguration universal exploit
Python
27
star
7

fixer

FIX (Financial Information eXchange) protocol fuzzer
Ruby
23
star
8

CVE-2017-3599

Proof of concept exploit for CVE-2017-3599
Python
23
star
9

proxyfuzz

Python
11
star
10

NimWhispers

Nim
9
star
11

CVE-2018-8941

D-Link DSL-3782 Code Execution (Proof of Concept)
8
star
12

Macro-Keystrokes

PoC of execution of commands on a Word macro, without the use of rundll32.exe and importation of kernel32 libraries such as CreateRemoteThread or CreateProcessA. This technique simply relies on sending keystrokes to the host.
7
star
13

SharpZip

C#
6
star
14

CVE-2021-37748

Python
5
star
15

AWS-Cognito-Finder

AWS Cognito Finder Burp Suite Extension
Python
5
star
16

awsome-cis-checker

Python
4
star
17

CVE-2011-4107

phpMyAdmin 3.3.X and 3.4.X - Local File Inclusion
Ruby
4
star
18

WPTimeCapsulePOC

An authentication bypass was recently discovered (https://www.webarxsecurity.com/vulnerability-infinitewp-client-wp-time-capsule/) on WP Time Capsule < 1.21.16. This PoC proves how the issue works and how it can be exploited.
Python
4
star
19

CVE-2008-5416

Microsoft SQL Server sp_replwritetovarbin Memory Corruption via SQL Injection
3
star
20

Beacon2023

Slides from Beacon 2023 Conference
3
star
21

CVE-2008-1613

RedDot CMS versions 7.5 Build 7.5.0.48 and below full database enumeration exploit that takes advantage of a remote SQL injection vulnerability in ioRD.asp.
Python
2
star
22

SharpExtractor

SharpExtractor is a dotnet project that allows file extraction from file containers.
C#
1
star
23

CSS_exfiltration

Python
1
star
24

chrome-stale-pointer-POC

1
star
25

CVE-2011-3368

CVE-2011-3368 exploit code
Python
1
star
26

CVE-2018-1000082-exploit

1
star