Wednesday, May 4, 2011

onesixtyone

Network Mapping -> Identify Live Hosts -> onesixtyone

onesixtyone is an SNMP scanner, which trues to find the community strings with brute force method. It sends requests as fast as it can, by default every 10ms.

We can give a wordlist as an input, but if it has a word which contains more than 16 characters, we get a "Community string too long" error. However it accepts longer, if providing a string for the command directly.

onesixtyone 0.3.2 [options] <host> <community>
-c <communityfile> file with community names to try
-i <inputfile> file with target hosts
-o <outputfile> output log
-d debug mode, use twice for more information

-w n wait n milliseconds (1/1000 of a second) between sending 
packets (default 10)
-q quiet mode, do not print log to stdout, use with -l
examples: ./s -c dict.txt 192.168.4.1 public
./s -c dict.txt -i hosts -o my.log -w 100

root@bt:~# onesixtyone 192.168.1.10
Scanning 1 hosts, 2 communities
192.168.1.10 [public] Cisco IOS Software, 3700 Software (C3745-ADVENTERPRISEK9-M
), Version 12.4(15)T4, RELEASE SOFTWARE (fc2) Technical Support: http://www.cis
co.com/techsupport Copyright (c) 1986-2008 by Cisco Systems, Inc. Compiled Thu
13-Mar-08 07:50 by prod_rel_team
192.168.1.10 [private] Cisco IOS Software, 3700 Software (C3745-ADVENTERPRISEK9-
M), Version 12.4(15)T4, RELEASE SOFTWARE (fc2) Technical Support: http://www.ci
sco.com/techsupport Copyright (c) 1986-2008 by Cisco Systems, Inc. Compiled Th
u 13-Mar-08 07:50 by prod_rel_team
root@bt:~# onesixtyone -c /root/mylist 192.168.1.10
 
192.168.1.10 [public] Cisco IOS Software, 3700 Software (C3745-ADVENTERPRISEK9-M
), Version 12.4(15)T4, RELEASE SOFTWARE (fc2) Technical Support: http://www.cis
co.com/techsupport Copyright (c) 1986-2008 by Cisco Systems, Inc. Compiled Thu
13-Mar-08 07:50 by prod_rel_team
192.168.1.10 [private] Cisco IOS Software, 3700 Software (C3745-ADVENTERPRISEK9-
M), Version 12.4(15)T4, RELEASE SOFTWARE (fc2) Technical Support: http://www.ci
sco.com/techsupport Copyright (c) 1986-2008 by Cisco Systems, Inc. Compiled Th
u 13-Mar-08 07:50 by prod_rel_team

Official website: http://www.phreedom.org/solar/onesixtyone/

No comments: