![Kali Linux Tutorial](/kali_linux/images/kali-linux-mini-logo.jpg)
- Kali Linux Tutorial
- Kali Linux - Home
- Installation & Configuration
- Information Gathering Tools
- Vulnerability Analyses Tools
- Kali Linux - Wireless Attacks
- Website Penetration Testing
- Kali Linux - Exploitation Tools
- Kali Linux - Forensics Tools
- Kali Linux - Social Engineering
- Kali Linux - Stressing Tools
- Kali Linux - Sniffing & Spoofing
- Kali Linux - Password Cracking Tools
- Kali Linux - Maintaining Access
- Kali Linux - Reverse Engineering
- Kali Linux - Reporting Tools
- Kali Linux Useful Resources
- Kali Linux - Quick Guide
- Kali Linux - Useful Resources
- Kali Linux - Discussion
Kali Linux - Vulnerability Analyses Tools
In this chapter, we will learn how to use some of the tools that help us exploit devices or applications in order to gain access.
Cisco Tools
Kali has some tools that can be used to exploit Cisco router. One such tool is Cisco-torch which is used for mass scanning, fingerprinting, and exploitation.
Let’s open the Terminal console by clicking the left pane.
![Terminal Left Panel](/kali_linux/images/terminal_left_panel.jpg)
Then, type “cisco-torch –parameter IP of host” and if there is nothing found to exploit, then the following result will be shown.
![Cisco Torch](/kali_linux/images/cisco_torch.jpg)
To see what are the parameters that can be used, type “cisco-torch ?”
![Cisco Parameter](/kali_linux/images/cisco_parameter.jpg)
Cisco Auditing Tool
It is a PERL script, which scans Cisco routers for common vulnerabilities. To use it, again open the terminal on the left pane as shown in the previous section and type “CAT –h hostname or IP”.
You can add the port parameter “-p” as shown in the following screenshot, which in this case is 23 to brute-force it.
![Port Parameter](/kali_linux/images/port_parameter.jpg)
Cisco Global Exploiter
Cisco Global Exploiter (CGE) is an advanced, simple, and fast security testing tool. With these tools, you can perform several types of attacks as shown in the following screenshot. However, be careful while testing in a live environment as some of them can crash the Cisco devise. For example, option can stop the services.
![Cisco Device](/kali_linux/images/cisco_device.jpg)
To use this tool, type “cge.pl IPaddress number of vulnerability”
The following screenshot shows the result of the test performed on Cisco router for the vulnerability number 3 from the list above. The result shows the vulnerability was successfully exploited.
![Cisco Router](/kali_linux/images/cisco_router.jpg)
BED
BED is a program designed to check daemons for potential buffer overflows, format strings, et. al.
![Check Daemons](/kali_linux/images/check_daemons.jpg)
In this case, we will test the testing machine with IP 192.168.1.102 and the protocol HTTP.
The command will be “bed –s HTTP –t 192.168.1.102” and testing will continue.
![Testing](/kali_linux/images/testing.jpg)
To Continue Learning Please Login