Sunday, November 20, 2011

tftpbrute

Exploitation Tools -> Network Exploitation Tools -> Cisco Attacks

tftpbrute is a fast TFTP file search tool. It can scan a server on multiple threads based on a predefined list, and if it finds a match, it prints it to the screen.

192.168.80.129 is a Cisco router, where I run the "tftp-server nvram:startup-config" command. This filename exists on the tftpbrute's default word list, so we can find it:

root@bt:/pentest/cisco/tftp-bruteforce# ./tftpbrute.pl 192.168.80.129 brutefile.txt

The result:


More information:

http://tools.securitytube.net/index.php?title=TFTP-Bruteforce

There is a similar tool in Metasploit as well:

http://www.offensive-security.com/metasploit-unleashed/TFTP_TFTPBrute

No comments: