Friday, March 23, 2007

Hydra and Cisco Torch

Ok, tried dictionary attacks, brute forcing and fingerprinting a Cisco router today. The tools used are THC hydra and Cisco Torch. The password is hard to guess, that is why hydra couldnt picked it up nor Cisco Torch. I must admit that hydra is such a wonderful tool to have, it fast and waste no time. On the other hand cisco torch is slower, but still gets the job done. p0f is a tool used for passive and active fingerprinting. I would say i would love to use a third tool (SinFP) to actually double verify the IOS version and device running. Unfortunately, SinFP crashed on my machine and i did not probe further.

Well, the command to the tools are:

Nmap: nmap -sV -A -P0 -O -vvv -sS 127.0.0.1

hydra: I prefer to use the GTK

p0f: Because i did a pssive fingerprinting, so i actually save a pcap file first using wireshark and use p0f to run over it. So the command is:
p0f -s cisco.pcap -V -A
The -A is to acutally see the SYN/ACK packet return from the router.

SinFP: sinfp.pl -ai 127.0.0.1 -p 23

Cisco torch: ./cisco-torch.pl -t -b 127.0.0.1

I am going to write a methodology on enumerating VoIP soon, so stay tune.

2 comments:

Unknown said...

The holidays are a time ed hardy of getting together with friends ed hardy shoes and family, attending elaborate ed hardy clothing parties, and other exciting events ed hardy clothes that involves dressing up in stunning ed hardy store wardrobes. If you ed hardy Bikini are pregnant during ed hardy swimsuits the holidays, it does not ed hardy Caps mean that you are unable buy ed hardy to look fabulous and ed hardy swimwear stylish. Now, an expectant ed hardy sale mother has many styles of chic ed hardy glasses maternity clothing that allows cheap ed hardy her to show off her baby bump Christian audigier while looking spectacular.

Unknown said...

Sabong Ayam