Few days ago (when I was working on new version of 'enlil' scanner) I started my mini-internal-pentest related to VM (v5.8.6 afaik) with preinstalled NagiosXI. Below you'll find new notes about it. Here we go...
Today we'll start here:
As we'll talk about postauth bug (again;)) - let's start from running 2 VM's. In my case it was:
- Kali Linux VM (with: $nc -lvvp 4444 -n)
- NagiosXI VM (5.8.6).
If all is ready - we can prepare our (snmp) trap (case should be already known for those who are familiar with Nagios-Security-related-news):
Let's try to set a 'trap using snmp' and check if we're able to receive an interactive shell in 2nd window:
- 'targeted tests' (like this one - for NagiosXI ) are available (commercially)
only for request.
(Other/similar modules will be provided with new enlil release.)
See you soon.
Brak komentarzy:
Prześlij komentarz