Network Vulnerability Scanning
Kali Linux provides tools capable of scanning network devices such as databases, routers and switches, and protocols such as SNMP and SMB. The most common tools are described below:
1. Cisco Analysis
Cisco devices are susceptible to a number of vulnerabilities that can be assessed with a couple of tools. For auditing routers, Kali Linux ships with the Cisco Auditing Tool (CAT), which can help an attacker or penetration tester identify vulnerabilities ranging from SNMP community strings to old Cisco bugs and default credentials that can be used to gain illegal access to the router.
To test our host on Kali, we executed the command below:
# CAT -h 192.168.67.73 -w lists/community -a lists/passwords -i
CAT proceeds to audit for default credentials and SNMP community strings.
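The same classes of weakness can be checked from the configuration side before a scanner finds them. The script below is an added example, not part of the original article or of CAT: it reads an IOS-style configuration and flags default SNMP community strings, read-write or unfiltered communities, and default or weakly stored passwords. The wordlists, rule names and sample configuration are constructed for illustration.

```python
import re

# Assumption: small illustrative wordlists; in practice load the lists your audit uses.
WEAK_COMMUNITIES = {"public", "private", "cisco", "admin"}
WEAK_PASSWORDS = {"cisco", "admin", "password", "changeme"}
SNMP_RE = re.compile(r"^snmp-server community (\S+)(.*)$", re.I)
PW_RE = re.compile(
    r"^(?:enable |username \S+ (?:privilege \d+ )?)?password (?:([0-9]) )?(\S+)$", re.I)

def has_acl(opts):
    """True if anything remains after dropping 'view <name>' and RO/RW (an ACL reference)."""
    return bool(re.sub(r"\bview \S+|\b(?:ro|rw)\b", "", opts, flags=re.I).strip())

def audit_config(text):
    """Return (line_number, rule, detail) findings for an IOS-style configuration."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if m := SNMP_RE.match(line):
            community, opts = m.group(1), m.group(2)
            if community.lower() in WEAK_COMMUNITIES:
                findings.append((no, "snmp-default-community", community))
            if "rw" in opts.lower().split():
                findings.append((no, "snmp-read-write", community))
            if not has_acl(opts):
                findings.append((no, "snmp-no-acl", community))
        elif m := PW_RE.match(line):
            enc, value = m.groups()
            if enc == "7":  # type 7 is reversible obfuscation, not a hash
                findings.append((no, "reversible-type7-password", ""))
            elif enc in (None, "0"):  # stored in cleartext; the value is not echoed
                weak = value.lower() in WEAK_PASSWORDS
                findings.append((no, "default-password" if weak else "cleartext-password", ""))
    return findings

# Constructed sample configuration (not taken from a real device).
SAMPLE_CONFIG = """\
enable secret 5 $1$CONSTRUCTED$notarealhashvalue
enable password cisco
username admin privilege 15 password 0 admin
snmp-server community public RO
snmp-server community private RW
snmp-server community n0c-Mon1tor view SAFE RO 10
line vty 0 4
 password 7 CONSTRUCTED7VALUE
"""

if __name__ == "__main__":
    for finding in audit_config(SAMPLE_CONFIG):
        print(*finding)
```

Each finding maps to a remediation: replace or remove the community string, restrict it to read-only behind an access list, and move passwords to `enable secret` / `username ... secret`.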
2. SNMP Analysis
Kali Linux also allows attackers and pentesters to obtain information from hosts over the Simple Network Management Protocol (SNMP). This information can be vital in preparing further attacks targeting the host.
On our attacking machine, we executed the command below and were able to get a ton of information about our target.
As can be seen above, we were able to identify the ethernet card information, how long the system had been connected via that card, the host name and, as shown below, the number of network interfaces with their respective information.
Reference: https://resources.infosecinstitute.com/topic/vulnerability-mapping-with-kali-linux/