Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
How do I use SNMPcfgAdmin?
#1
I want to see if I can get results with this program in my area, but can someone tell me what it is I am looking for and how to use the information (if any) that may appear in the results window? I looked around and dont see any tutorials for this.
Reply
#2
SNMPcfg Admin was a great scanning app. But it's not pre-programmed (like fastsnmp is) with any OIDS..and is not for the Novice..You have to manually enter them and know what OID your ISP is using for what Traps on the Network Elements.You also need to put in the IP ranges and the community string (Try Public but Private does it all). But if you know what you are doing, it is definitely (IMO) the best SNMP scanning app.

I have used it to test weakness in the CMTS's current config and to see if I can throw a remote CM into "stupid mode" and rape it..

There is a tutorial used by the ISP Engineers that actually uses SNMPcfg ADMIN for vulnerability testing. I have that only for Comcast, WOW, RR NYC and RCN..

Your gonna have a hard time getting the OIDS needed
Knowledge=Power
Reply
#3
I can use this app no problem on my ISP with public oid, I get macs and config names. I tried both private strings found in cm.cfg and get nothing. Could someone share with me the way to discover the private string needed for SNMPcfgAdmin to search private oids? I have snmp walked modems in solarwinds mib browser, but do not see the private string show on public scan
Reply
#4
(07-03-2013, 05:13 AM)dishfear Wrote: I can use this app no problem on my ISP with public oid, I get macs and config names. I tried both private strings found in cm.cfg and get nothing. Could someone share with me the way to discover the private string needed for SNMPcfgAdmin to search private oids? I have snmp walked modems in solarwinds mib browser, but do not see the private string show on public scan

I seriously doubt that anyone is dumb enough to openly post how to snatch the private string. It is completely possible. of course, but it would do the community much more harm than good. Maybe someone will help you privately, you never know.
Reply
#5
Well, since you brought it up, it just so happened that the copy I got already had my local public string, and OID's entered along with some ranges that produced results but I don't know what to fully make of them. I do appreciate the fact that it differentiates between D2 and D3 modems though. Other than that, I see D3 modems with very low Max US and DS. Is that normal for a D3? The only thing I wish it had was the "class" column like supersnmp. That being said, i would also ,like to know the answers dishfear is seeking.
Reply
#6
Problem is you have almost no posts. your best bet is to network within the community. That is where you'll find current info as we all learned the hard way to stop posting ANYTHING that works. That's why most of the posts here are more about socializing than testing anymore. I'm going to direct you to Cisco.com to research docscis configuration files and how they are "configured" by the engineers. I'm not gonna post any links because what you seek is still openly posted there and we don't need to pinpoint the info so they can take it down...

I could be wrong, but I'm almost positive that your answer lies with Wireshark and some decryption skills. I don't need any of that for my methods but I KNOW it can be done with WS!
Reply
#7
I recognized you dishfear, from snatty's site. I hung at Hash, actually was SM there. under a different moniker of course. Seeing that you mentioned mili and r10x in the same sentence, I willing to bet you didn't like lance either... hahaha. I still talk to TDG
Reply
#8
this hobby has gone to shit. Very few who still CAN test are as dumb as me to even post anymore as the constant, neverending deluge of Freetards runs the real testers off for fear of getting PM'd to death with whiny, pleading pleas for "the fix" or even worse....for Jr's Magic Telnet Miniature Purple Unicorn spell of Might and Magic" as I like to call it now!!1 Hehe..


There are ways that so simple you'd fall out of your damn chair if you saw it work....For all of the many layers of available security there are still holes you could drive a Winnebago through. You have to take the posted methods as a very rough guide and know that they will not get you there anymore and think like an ISP Engineer from the headend. That's as much as I need to say.
Reply
#9
I have a pretty good idea of what you mean "simple". Im pretty shocked on what I have seen already here with very, very basic tools. I have found a few hints here and there in public, that leave me with many questions. Like I said though...one day at a time.


I think what I need more then anything is a bit of guidance in solarwinds. Its a massive program. I managed to get a few things to work with it. Doe's anyone maybe have a good vid on solarwinds usage? I found a few on youtube, they are more for sales then features
Reply
#10
Ive been looking around for a tutorial on snmpcfgadmin but with no luck, all i see is tutorials on how to hack a cable modem. I'm not interested in that, I just want to know how the program works and what Im looking at (especially is ABMJR likes that program!)


Ahaa ---> Lookie Here <---

And here are some Solarwinds Videos
Reply


Forum Jump:


Users browsing this thread: 7 Guest(s)