Vulnerability Analysis Using Kali Linux

A penetration tester analyzes the vulnerabilities in a system using a range of vulnerability testing and pentesting tools, such as vulnerability scanners and vulnerability assessment tools.

A Perl script that scans Cisco routers for common vulnerabilities.
Scan the host (-h 192.168.99.230) on port 23 (-p 23), using a password dictionary file (-a /usr/share/wordlists/nmap.lst):
root@kali:~# CAT -h 192.168.99.230 -p 23 -a /usr/share/wordlists/nmap.lst
Cisco Global Exploiter (CGE) is an advanced, simple and fast security testing tool.
Attack the target host (192.168.99.230) using the Cisco IOS HTTP Auth Vulnerability (3):
root@kali:~# cge.pl 192.168.99.230 3
Cisco Torch mass scanning, fingerprinting, and exploitation tool was written while working on the next edition of the “Hacking Exposed Cisco Networks”, since the tools available on the market could not meet our needs.
The main feature that makes Cisco-torch different from similar tools is the extensive use of forking to launch multiple scanning processes on the background for maximum scanning efficiency. Also, it uses several methods of application layer fingerprinting simultaneously, if needed. We wanted something fast to discover remote Cisco hosts running Telnet, SSH, Web, NTP and SNMP services and launch dictionary attacks against the services discovered.
Run all available scan types (-A) against the target IP address (192.168.99.202):
root@kali:~# cisco-torch -A 192.168.99.202
A mass Cisco scanning tool.
Attempt to exploit Cisco devices in the given IP range (192.168.99.200 192.168.99.202):
root@kali:~# cisco-ocs 192.168.99.200 192.168.99.202
Yersinia is a framework for performing layer 2 attacks. It is designed to take advantage of some weaknesses in different network protocols. It aims to be a solid framework for analyzing and testing deployed networks and systems. Attacks for the following network protocols are implemented in this particular release:
- Spanning Tree Protocol (STP)
- Cisco Discovery Protocol (CDP)
- Dynamic Trunking Protocol (DTP)
- Dynamic Host Configuration Protocol (DHCP)
- Hot Standby Router Protocol (HSRP)
- Inter-Switch Link Protocol (ISL)
- VLAN Trunking Protocol (VTP)
How to perform a DHCP DoS attack using Yersinia in Kali Linux:
1. Start a terminal and type: yersinia -G (this will bring up the Yersinia GUI).
2. Now go to the DHCP tab
3. Double-click on DHCP
4. A "Choose attack" dialog now pops up on your screen
5. Select sending DISCOVER packet
6. Click “ok”
- HTTP Method
- Encoding methods
- Redirect behavior
- HTTP Auth
- Sid Enumeration
- Passwords tests (common & dictionary)
- Enumerate Oracle version
- Enumerate account roles
- Enumerate account privileges
- Enumerate account hashes
- Enumerate audit information
- Enumerate password policies
- Enumerate database links