hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
GovernmentSecurity.org > System Security > Networking Security / Firewall / IDS / VPN / Routers
myth
Feb 18 2005, 04:19 AM
http://www.securiteam.com/tools/5EP0F1FEUA.html

Another great link supplied to us by SecuriTeam, if your not on their mailing list, then you really should be

www.arhont.com/cisco-torch-0.2b.tar.bz2 <- thats the link, on their site it doesnt work, but you can see where they f'ked it up...

Myself and _SerhaT_ both had problems when trying to run it, if you have similar problems (Cant find a bunch of .pm) post the problem, and if its the same, its a easy solution ... usually.

Anywayz, the program scans for common vulnerabilites in the Cisco Routers

CODE
glitch:/home/brad/Desktop/hackz/cisco/cisco-torch-0.2b# ./cisco-torch.pl
Using config file torch.conf... version 0.2b
usage: ./cisco-torch.pl <options> <IP,hostname,network>

or: ./cisco-torch.pl <options> -F <hostlist>

Available options:
-O <output file>
-A              All fingerprint scan types combined
-t              Cisco Telnetd scan
-s              Cisco SSHd scan
-u              Cisco SNMP scan
-n              NTP fingerprinting scan
-j              ***Not implemented*** TFTP file bruteforce scan
-l <type>       loglevel
                 c  critical (default)
                 v  verbose
                 d  debug
-w              Cisco Webserver scan
-z              Cisco IOS HTTP Authorization Vulnerability Scan
-c              Cisco Webserver with SSL support scan
-b              Password dictionary attack (use with -s, -u, -c -w or -t only)
-V              Print tool version and exit

examples:       ./cisco-torch.pl -A 10.10.0.0/16
               ./cisco-torch.pl -s -b -F sshtocheck.txt
glitch:/home/brad/Desktop/hackz/cisco/cisco-torch-0.2b#
as0l0
Feb 18 2005, 05:31 AM
this could be very handy, i'll give it a rip.

is this functionality replicated in nessus?
myth
Feb 18 2005, 11:50 AM
I would have no idea....

Havent got nessus working on nix yet, some listening error, or something, will look later...

But i'd assume nessus should have something, its not like those vulnerabilites arent known, or are 0-days
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.