hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
GovernmentSecurity.org > The Archives > General Network Security
SeNSeMaNN
Jun 10 2004, 08:22 AM
hi

just scanned my webserver to find holes and i found Snmp password. is there any opportunity to get a shell or something like that with this pwd ?! what to do with it, or how to secure it ?! what is snmp ? samme with DNS Support IQUERY ?! ;o(

mfg
B3T4
Jun 10 2004, 09:26 AM
LOL - are u sure u scanned UR webserver ? huh.gif

if so u should know what snmp is
SeNSeMaNN
Jun 10 2004, 09:35 AM
[Index]: "192.168.0.7"

[Snmp-Info]

Snmp-Password: ****
[Snmp-System-Info]:
sysDescr.0 = Hardware: x86 Family 6 Model 5 Stepping 1 AT/AT COMPATIBLE - Software: Windows 2000 Version 5.0 (Build 2195 Uniprocessor Free)
sysUpTime.0 = 9 Days, 14 Hours, 22 Minutes, 7 Seconds
sysContact.0 =
sysName.0 = ***-***
sysLocation.0 =
sysServices.0 = 76

...

yes it is MY webserver
B3T4
Jun 10 2004, 09:49 AM
QUOTE
The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of management information between network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth.


http://www.cisco.com/univercd/cc/td/doc/ci...to_doc/snmp.htm

how to change the password, i think that u need to change the password which u use to connect to ur router /switch
SeNSeMaNN
Jun 10 2004, 09:52 AM
hm, puhhhhh..... i thought that someone had the possibility to change something on my sys or get a shell through that hole...

my switch / router pwd is not the same....
B3T4
Jun 10 2004, 09:59 AM
there is a possibleity that u get hacked trough smnp. About the pass, dunno then, but if u know which pass it is, then change it...other then that i cant help u.
GAN_GR33N
Jun 10 2004, 10:49 PM
with snmp on a windows box (which this appears to be) you can get shares and user accounts just like netbios enumeration. so i suppose you could guess an admin password enable telnet and get a shell but snmp is only really deadly on cisco systems
tonikgin
Jun 29 2004, 07:43 AM
QUOTE
what is snmp ?



running processes you havent even heard of, and they are insecure? talk about security
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.