Cisco SNMP Script v-1.7 released : Automated Cisco SNMP Enumeration, Brute Force, Configuration Download and Password Cracking.
Cisc0wn – Cisco SNMP Script is a Cisco SNMP enumeration, brute force, config downloader and password cracking script.
Tested and designed to work against Cisco IOS Switches and Routers.
Change Version 1.7 – Syntax error causing bug when no enable secrets in config file corrected Version
– Checks SNMP is enabled on the route
– Brute forces the SNMP Read Only and Read Write community strings (can edit which wordlist it uses in script header)
– Enumerates information such as IOS version, hostname, Arp table, Routing table, interface list and IP addresses using the RO or RW community string.
– If RW community was found it will then download the router config automatically.
– It then searches and displays any enable or telnet passwords in clear text.
– If it finds Cisco type 7 encoded enable or telnet passwords it will auto decode them.
– It will display the Enable secret type 5 password and attempt to crack the MD5. It uses John first with its built in wordlist for speed. If this fails it will try and full crack.
Tested on Backtrack 5 and Kali.