Ethical Hacking and Penetration Testing Guide
As you can see, it has many tools related to network discovery, monitoring, and SNMP, which a hacker can use to his advantage.
SNMP Sweep
Under network discovery, you would find a very interesting tool named “SNMP sweep.” This tool could be used to gather information about the devices running on your network. More importantly, when I ran a scan against my LAN, it managed to find the community string of a device running SNMP.
SNMP Brute Force and Dictionary
Under the “Security” tab, it also has SNMP brute force and SNMP dictionary attack tools to guess weak passwords. I would not recommend SNMP brute force, since it tries all possible combinations, which takes a long time. However, an SNMP dictionary tool allows you to specify a dictionary, which will be used against an SNMP server in order to guess valid credentials.
SNMP Brute Force Tool
This tool is very simple to use. Just enter the host, and it will try to brute-force the passwords with all possible combinations. The problem with the brute force tool is that it is both time- and resource-consuming if the password is long. Therefore, it’s not recommended in most cases.
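The dictionary and brute force tools described above succeed only against guessable or short community strings, so the matching defensive check is to audit the agent's own configuration. The following is an added example, not part of the book or of any tool it describes. It assumes a net-snmp agent configured through `snmpd.conf`; the sample configuration, the short word list, and the 12-character minimum are constructed for illustration.

```python
import re

# Constructed sample of a net-snmp snmpd.conf (not from the book).
SAMPLE_CONF = """\
# agent access
rocommunity public
rwcommunity private 10.0.0.0/8
rocommunity  k7Vq2mXw9LpTz4Rb  192.0.2.10
com2sec -Cn ctx1 monitor default netman
com2sec readonly 192.0.2.0/24 Zr8pQ1nYc5Ue3Hd0
"""

# Small illustrative list of guessable values; extend it for a real audit.
COMMON = {"public", "private", "admin", "snmp", "cisco", "monitor", "manager"}

def parse_communities(text):
    """Yield (lineno, directive, community, source) for each access line."""
    for n, raw in enumerate(text.splitlines(), 1):
        tok = raw.split("#", 1)[0].split()
        if not tok:
            continue
        d = tok[0].lower()
        if re.fullmatch(r"r[ow]community6?", d) and len(tok) >= 2:
            yield n, d, tok[1], tok[2] if len(tok) > 2 else "default"
        elif d in ("com2sec", "com2sec6"):
            args = tok[1:]
            if args[:1] == ["-Cn"]:      # optional context: -Cn CONTEXT
                args = args[2:]
            if len(args) >= 3:           # SECNAME SOURCE COMMUNITY
                yield n, d, args[2], args[1]

def audit(text, min_len=12):
    """Return (lineno, finding) pairs, in file order, for risky settings."""
    out = []
    for n, d, comm, src in parse_communities(text):
        if comm.lower() in COMMON:
            out.append((n, "guessable community string"))
        elif len(comm) < min_len:        # min_len is an assumed policy value
            out.append((n, "community string shorter than %d chars" % min_len))
        if src in ("default", "0.0.0.0/0", "::/0"):
            out.append((n, "no source address restriction"))
        if d.startswith("rwcommunity"):
            out.append((n, "read-write community (allows SET)"))
    return out

if __name__ == "__main__":
    for lineno, finding in audit(SAMPLE_CONF):
        print("line %d: %s" % (lineno, finding))
```

Lines 4 and 6 of the sample pass because they combine a long random string with a source restriction, which is what defeats both the dictionary and the brute force approach.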