Re: Mapping a network

Forget about scapy or the cisco perl scripts. Use dynamips and get
your own virtual router running on their network.
But if passive interface is enabled, you're pretty screwed attempting
route injection from that vantage point in the network.
I would probably resort to arp spoofing to client side browser pwnage
and trying to escalate that way.

On Tue, Sep 22, 2009 at 10:05 AM, Lee <ler762@xxxxxxxxx> wrote:
On 9/22/09, Zack Payton <zpayton@xxxxxxxxx> wrote:
Very nice idea.  counter: SNMP string just for the NMS, access list
allowing just the NMS to use that string and uRPF enabled on all user

Generally they won't have passive-interface enabled.  Hint: dynamips
-> route injection.
Bypass all ip filtering.

And if they're using eigrp and passive-interface is enabled?

I got a perl script for attacking eigrp from a hacking cisco web site,
but everything seems to depend on establishing an adjacency first.  As
far as I can tell, the neighbor has to be on the same subnet & eigrp
won't establish an adjacency if the interface is passive, so it seems
like route injection is blocked.  Is there some way around


This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

Relevant Pages