
SalimHaddou / snmp0wn-md5

Licence: GPL-3.0 License

snmp0wn-md5

Bash script to bruteforce snmpv3 authentication passwords using MD5 (usmHMACMD5AuthProtocol)

Great article on the vulnerability and exploit by @0x0ff (in French): https://www.0x0ff.info/2013/snmpv3-authentification/

Pre-requisites

  • Read RFC3414 => https://tools.ietf.org/html/rfc3414

  • Download a good dictionary (one is included for demo - dico.txt).

  • Install bc - An arbitrary precision calculator language

    • On Debian: sudo apt-get install bc
  • Get a packet capture of snmpv3 traffic using Auth MD5

  • Reset the below variables to match your packet capture

    • "msgAuthoritativeEngineID"="your hex stream here"
    • "msgAuthenticationParameters"="your hex stream here"
    • "msgWhole"="your hex stream here"
      • msgWhole represents your whole snmpv3 payload where you substitute msgAuthenticationParameters with 12 \x00 bytes (aka 24 zeroes).

# "msgAuthoritativeEngineID" (SNMP Agent ID)
msgAuthoritativeEngineID=""

# "msgAuthenticationParameters" (Controls authenticity and message integrity)
msgAuthenticationParameters=""

# "msgWhole" (SNMPv3 whole message where the msgAuthenticationParameters value is replaced with 12 \x00 bytes)
# Before: msgWhole=".....b92621f4a93d1bf9738cd5bd....."
# After: msgWhole=".....000000000000000000000000....."
msgWhole=""

You can easily copy and paste your extracted hex streams from Wireshark; they do not contain \x escapes or the 0x notation.
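
The msgWhole substitution described above, as an added example that is not part of the snmp0wn-md5 script: a POSIX shell helper that zeroes the captured msgAuthenticationParameters value and rejects input that is the wrong length, not plain hex, or ambiguous. The function names `normalize_hex` and `zero_auth_params` and the sample message are constructed for illustration.

```shell
#!/bin/sh
# Added example (not part of snmp0wn-md5): derive msgWhole from a full message.

# Drop separators a hex dump may carry (spaces, colons, newlines); lowercase.
normalize_hex() {
    printf '%s' "$1" | tr -d ' :\r\n' | tr 'A-F' 'a-f'
}

# zero_auth_params FULL_MSG_HEX AUTH_PARAMS_HEX
# Prints the message with msgAuthenticationParameters replaced by 24 zeroes.
zero_auth_params() {
    msg=$(normalize_hex "$1")
    auth=$(normalize_hex "$2")

    # The field is 12 bytes, i.e. exactly 24 hex digits.
    printf '%s\n' "$auth" | grep -Eq '^[0-9a-f]{24}$' || {
        echo "msgAuthenticationParameters must be 24 hex digits" >&2; return 2; }
    # Whole bytes of plain hex only: no \x escapes, no 0x prefix.
    printf '%s\n' "$msg" | grep -Eq '^([0-9a-f]{2})+$' || {
        echo "message is not an even-length hex stream" >&2; return 2; }

    awk -v m="$msg" -v a="$auth" 'BEGIN {
        pos = index(m, a)
        if (pos == 0 || pos % 2 == 0) exit 3   # absent, or not on a byte boundary
        rest = substr(m, pos + 24)
        if (index(rest, a) > 0) exit 3         # ambiguous: value occurs twice
        print substr(m, 1, pos - 1) sprintf("%024d", 0) rest
    }' || {
        echo "auth value missing, unaligned or repeated in message" >&2; return 3; }
}

# Constructed sample, not a real capture: the auth value from the page's
# "Before" comment embedded in a few made-up surrounding bytes.
sample="30:12:04:0C:B9:26:21:F4:A9:3D:1B:F9:73:8C:D5:BD:04:04:DE:AD:BE:EF"
zero_auth_params "$sample" "b92621f4a93d1bf9738cd5bd"
```

A non-zero exit status means the two pasted values do not belong to the same packet or were copied in a different format, which is worth ruling out before concluding that no dictionary entry matches.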

How to run

./snmp0wn-md5.sh
