From: Eagle Fire (tlecuauhtli@googlemail.com)
Date: Thu Jun 15 2006 - 11:34:21 EDT
It appears that you are in a 6500 in hybrid OS as some said. You
are in the MSFC, in other words in the router of the 6500. Do a "show
cdp n" and look for the supervisor engine on L2 (the switch). If it
has an IP, try to telnet and access it. If you can, type
show cam <your_mac_address>
It works in IOS 6500 to check switch commands, but I do not know if
it works in hybrid. Type "remote command switch show cam
<your_mac_address>"
To know your mac address if you have the IP in the router type:
show ip arp <your_ip>
To know your IP if you know your MAC
show ip arp <your_mac>
If you are remotly connected, do a trace to know what is the
previous hop. Check for mac and then for port.
-tlec
P.D. Si necesitas mas ayuda avisame.
On 14/06/06, Eduardo Espina <eduardomx@gmail.com> wrote:
> Rkraus,
>
> You're right, that's exactly what I'm looking for, the problem is, I
> don't see the "show mac-address-table" command anywhere. I think the
> device is configured as Dan Bogda wrote, in hybrid mode. I do have the
> enable password, so it isn't a privileges issue.
>
> I think I would change my approach to exploit the device, another
> scenario would be to enable the VLAN where I'm plugged to be a
> multi-VLAN so I can force the traffic to route through my linux box
> (with ARP cache poisoning). Do anyone know if is it possible to
> enable the original VLAN to get traffic from other VLAN? without
> knowing the physical port where I'm plugged?
>
> Greets,
> Eduardo.
>
> On 14 Jun 2006 13:31:54 -0000, rkraus@telcomtex.net
> <rkraus@telcomtex.net> wrote:
> > Eduardo,
> >
> >
> > I fi understand you correctly you want to find out what port you have access
> > to on the Cisco switch.
> >
> >
> > If you issue the command:
> >
> > sh ip arp - you whould see a list of macs, vlans, IP addresses.
> >
> >
> > Then you can issue the command:
> >
> > sh mac-address-table - and you will see the mac address and what port it is
> > associated to.
> >
> >
> > After doing this I now see that my computer is plugged into physical port
> > FastEthernet 0/9.
> >
> >
> > Is this what you were looking for?
> >
> > ------------------------------------------------------------------------------
> > This List Sponsored by: Cenzic
> >
> > Concerned about Web Application Security?
> > Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
> > Choice Award from eWeek. As attacks through web applications continue to
> > rise,
> > you need to proactively protect your applications from hackers. Cenzic has
> > the
> > most comprehensive solutions to meet your application security penetration
> > testing and vulnerability management needs. You have an option to go with a
> > managed service (Cenzic ClickToSecure) or an enterprise software
> > (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
> > help you: http://www.cenzic.com/news_events/wpappsec.php
> > And, now for a limited time we can do a FREE audit for you to confirm your
> > results from other product. Contact us at request@cenzic.com for details.
> > ------------------------------------------------------------------------------
> >
> >
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
> Choice Award from eWeek. As attacks through web applications continue to rise,
> you need to proactively protect your applications from hackers. Cenzic has the
> most comprehensive solutions to meet your application security penetration
> testing and vulnerability management needs. You have an option to go with a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request@cenzic.com for details.
> ------------------------------------------------------------------------------
>
>
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:07 EDT