RE: NT snmp

From: adamat_private
Date: Mon Aug 06 2001 - 15:45:29 PDT

  • Next message: Dunlap, Terry J (US - Cincinnati): "PeopleSoft Vulnerabilities?"

    > :Target is an NT4 box with snmp setup with "Read/Create" 
    > permissions on one
    > :of the communities. I need to demonstrate that this is a bad 
    > idea, so im
    > :looking for a tool that will spoof the source address (to 
    > and
    > :send an snmp set. Any suggestions?
    > snmpwalk the following for usefull information for further 
    > compromising the machine. 
    Cant be done easily as they have "Accept SNMP traps from these hosts" set.
    That's why im looking for a SNMP set DoS, which will work with a spoofed
    address rather than reads which are useless without a reply. I'm not local
    so i cant sniff.
    > I haven't examined the NT write mib, but I'm sure there 
    > is a wonderland of exquisite horrors awaiting us in there. 
    Setting . (where is the interface number) to 2 turns
    off the interface ;-)  All i need is tool to spoof the source address. Could
    i write such a tool with Perl? (even if i suck at Perl?)
    This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
    Service. For more information on SecurityFocus' SIA service which
    automatically alerts you to the latest security vulnerabilities please see:

    This archive was generated by hypermail 2b30 : Tue Aug 07 2001 - 15:14:05 PDT