Who is smarter is right - Hacker Notes part 3 of 5

    In previous issues, I told the story of the failure of the championship in the computer club and the magical SysRq in Sunrise , from the first you can draw my motives and information about the real sources of these stories.
    So, we will not repeat ourselves, and I immediately proceed to the third ballad from the cycle, about the provider Gorbina, until I was finally blown away.

    My friend was connected to the local “home network” for several years when Gorbina came to his area.
    It so happened that the local network at that time had major communication problems, and he decided to connect to Gorbina in order to know everything in comparison.
    And I - went to visit him, pick up the disk, and at the same time evaluate the delights of the new provider.

    Imagine my surprise when ettercap managed to catch some kind of snmp-package, from which it was clear that the default snmp-community “private” someone in Gorbin decided not to change.

    It was possible to extinguish and raise ports, receive information on interfaces, a table of poppy addresses ...
    Looking ahead, I can say that you could even send a snmp request for the switch to upload its config to the tftp server.

    The first step is to build a network map, focusing on the data from the fdb table. After all, I did not want to accidentally cut myself off from the rest of the world.
    Within a few hours, the scale of the disaster became clear - 4 segments of 20 houses.
    How to put them all?

    The original solution was found - I damaged the original firmware for the switch, right in the binary editor. Hoping that the checksum matches, or the switch does not pay attention to it. I picked up a tftp server from a friend. And he began to send commands to the switch so that he would update this fake firmware from our server. From the third time - a ride! The switch picked up the firmware, and, apparently, did not get up anymore.

    Further, in a few hours, from the farthest "leaves" of our tree, to us, the root, all the switches of the Gorbin provider in the area of ​​my friend were "updated".
    The next 3 days, a friend watched a huge number of Humpback installers in the area with huge backpacks behind them.

    What do you think was in the backpacks? Right, new switches. The humpback is so powerful that in a few days it completely restored everything. And a friend continued to use it, in the end.

    In the next episodes, “the one who is smarter is right” can be expected: “a provider who forgot to delete the demo.php file from the standard spaw package” and “a small provincial provider and a thunderstorm to order”.

    Also popular now: