[New Tool] NexusTaco v1.0 SNMP Scanner Cisco Nexus Switches (CVE-2014-3341)

NexusTaco is a snmp scanner that can be used both for internal testing and external testing to assess Cisco Nexus switches (all models).

There are many snmp scanners and brute forcers this was made for just completeness. It has the following features:

• Finds Nexus switches specifically since they seem to reply to bogus community strings
• Bruteforces Vlan ID’s which can be used for Vlan hopping / double tagging attacks without a community incase #3 doesn’t come through (useful for internal tests)

Bruteforces snmp community strings To find the following:

• System uptime
• Configured networks (leverage more ground)
• Files and folders
• VTP secret and password ( can be cracked since its md5 and might be the telnet login password if exists or used somewhere else)

Once a write community string is found the running configuration file will be send to your set ip in argv[2]. You need to configure a tftp server like solar winds’s one or something.

More Information:

• Cisco NX-OS Software SNMP Information Disclosure Vulnerability

[button size=large style=round color=red align=none url=https://github.com/ehabhussein/snmpvlan]Download NexusTaco v1.0[/button]

Thanks to Ehab Hussein, for sharing this tool with us. 😉