| ||
In this chapter, we reviewed the black box penetration testing techniques against Cisco devices using SNMP and web server attacks as examples. The logic behind such an approach is to throw everything but the kitchen sink at the target. While in many cases all you can get employing such methodology is a DoS condition, sometimes real jewels , such as hidden SNMP communities or HTTP input validation flaws, are lurking beneath . And even if you accomplish only a DoS, don't worry. In the next chapter, we may just as well explain how to cross this gap between DoS and creating a proper exploit leading to the all-desired enable.
| ||