SNMP Brute - Fast SNMP brute force, enumeration, CISCO config downloader and password cracking script
SNMP brute force, enumeration, CISCO config downloader and password cracking script. Listens for any responses to the brute force community strings, effectively minimising wait time.
Requirements
- metasploit
- snmpwalk
- snmpstat
- john the ripper
Usage
python snmp-brute.py -t [IP]
Options
--help, -h show this help message and exit
--file=DICTIONARY, -f DICTIONARY Dictionary file
--target=IP, -t IP Host IP
--port=PORT, -p PORT SNMP port
Advanced
--rate=RATE, -r RATE Send rate
--timeout=TIMEOUT Wait time for UDP response (in seconds)
--delay=DELAY Wait time after all packets are send (in seconds)
--iplist=LFILE IP list file
--verbose, -v Verbose output
Automation
--bruteonly, -b Do not try to enumerate - only bruteforce
--auto, -a Non Interactive Mode
--no-colours No colour output
Operating Systems
--windows Enumerate Windows OIDs (snmpenum.pl)
--linux Enumerate Linux OIDs (snmpenum.pl)
--cisco Append extra Cisco OIDs (snmpenum.pl)
Alternative Options
--stdin, -s Read communities from stdin
--community=COMMUNITY, -c COMMUNITY Single Community String to use
--sploitego Sploitego's bruteforce method
Features
- Brute forces both version 1 and version 2c SNMP community strings
- Enumerates information for CISCO devices or if specified for Linux and Windows operating systems.
- Identifies RW community strings
- Tries to download the router config (metasploit module).
- If the CISCO config file is downloaded, shows the plaintext passwords (metasploit module) and tries to crack hashed passords with John the Ripper
0 comments: