+- Haxorware Forums (http://www.haxorware.com/forums)
+-- Forum: General (http://www.haxorware.com/forums/forumdisplay.php?fid=6)
+--- Forum: Modems (http://www.haxorware.com/forums/forumdisplay.php?fid=7)
+--- Thread: Many questions.... (/showthread.php?tid=3277)
Many questions.... - geoneo111 - 10-09-2014
Even though one might have the private string, can the ISP lock the SNMP manager so you can't scan?
I understand that the ISP can lock down the SNMP manager and only allow inquires from specific IP's and subnets. But if they don't do this, how else are they able to lock it down?
In a config file I see 4 strings, 2 public & 2 private. Two always stay the same and the other public and private seem to vary every so often. What is that about? Is the ISP implementing random strings for every modem? Another way of protecting SNMP for ISP? I've seen this before but It never interfered with my scanning.
My head is exploding...
RE: Many questions.... - modembricker - 11-09-2014
From what I understand, there is a different private string that is NOT visible in plain text (ie - the cfg file) I too am just starting to touch the surface on this. If you head over the SBH you will see a thread in the SNMP section regarding Bruteforcing the string. However, I believe you need to learn a little Linux to use the tool. So far no one has reported if it works or not, and if it does work, keep it quiet.
RE: Many questions.... - drewmerc - 11-09-2014
http://null-byte.wonderhowto.com/how-to/hack-like-pro-crack-private-public-snmp-passwords-using-onesixtyone-0150332/
unfortunately your unlikely to crack it with a dictionary attack, as the pass will not be a dictionary word as it'll be coded
luckily you can see how your isp codes there passes by looking at the config passes
RE: Many questions.... - newname - 11-09-2014
(11-09-2014, 08:27 PM)drewmerc Wrote: http://null-byte.wonderhowto.com/how-to/hack-like-pro-crack-private-public-snmp-passwords-using-onesixtyone-0150332/
unfortunately your unlikely to crack it with a dictionary attack, as the pass will not be a dictionary word as it'll be coded
luckily you can see how your isp codes there passes by looking at the config passes
what he means is:
Unfortunately you're unlikely to crack it with a dictionary attack, as the pass will not be a dictionary word as it will be coded.
Luckily you can see how your isp codes there passes by looking at the config passes.