Information Security

cisco-auditing-tool – Backtrack 5 – Vulnerability Assessment – Network Assessment – Cisco Tools – cisco-auditing-tool

The cisco-auditing-tool, located in the Backtrack menu (Backtrack > Vulnerability Assessment > Network Assessment > Cisco Tools), is written in Perl and accomplishes three tasks: attempting to brute force the telnet password on a Cisco device if telnet is running, attempting to show the IOS history on the Cisco device using a vulnerability which I believe is from the late 90s, and attempting to brute force the SNMP community strings for the device. The tool is fairly outdated, as most Cisco devices in corporate networks should now be using SSH, and unless you are doing an internal audit it would seem surprising if SNMP was exposed for any Cisco devices still in service. That being said, there is definitely still value: if you have a ton of Cisco devices to audit, you can feed a list of IPs or hostnames into the script and check basic SNMP community strings and telnet passwords.

Code Snippets

Backtrack cisco-auditing-tool Additional Enable Password Confirmation Added

When using the cisco-auditing-tool script located in the Backtrack Linux menu (Backtrack > Vulnerability Assessment > Network Assessment > Cisco Tools), I was getting an error even though I was sure one of the passwords I had in the wordlist was accurate. After some troubleshooting I was able to figure out that the script checked for a non-privileged account on the Cisco device, but if the account was actually a privileged account, which is also known as an enable account, it would crash because it never received the response it expected. I added a couple of lines of code, and now the cisco-auditing-tool Perl script will provide confirmation of lower level accounts on a Cisco device as well as enable level accounts. Below I describe the error message output when the cisco-auditing-tool Perl script was crashing, followed by the code update to provide Cisco enable level password auditing.

Information Security

readpst – Backtrack 5 – Forensics – Forensics Analysis Tools – readpst

We have had a couple of requests to write a post about readpst, which is included in the default path of Backtrack 5 and also located in the Backtrack menu underneath Forensics/Forensics Analysis Tools. The readpst application will read PST files, which are also known as Microsoft Outlook Personal Folders, and convert them to mbox, MH, or KMail formats. There are various other switches that can be used to output each email into a separate file, include attachments, modify contact formats, be recursive, etc. I will explain basic functionality below along with a couple of the formats and various switches.

Technology Insights

Not enough random bytes available. Please do some other work to give the OS a chance to collect more entropy! (Need 283 more bytes)

When working to create a GPG key to sign some RPM packages I was building, I ran into a message I had never seen before. I was building the RPM packages on an older server with not a lot of power, which I am assuming contributed to my issue. The error is noted below but basically means you need to generate a lot of random bytes, which are used to create a unique key. Within the error it states that the computer needs to collect more entropy, so below I explain the error in more detail, what entropy means, why more entropy is needed, and how to generate as much as possible in a short amount of time to finish generating the GPG key.

Code Snippets

Wordlist Menu Tool for Backtrack 4 Final

I get really sick of trying to remember all the commands I use to work with wordlists, so I had some free time and decided to finally get it all in one place. I started out just gathering all my notes in a text file, but then I decided to code up a menu to make the commands easy to access. Normally I would keep something like this just for my own use since I doubt anyone would want it, but I decided to release it anyway.