Cisco Torch is a mass scanning, fingerprinting, and exploitation tool. It can be used to exploit Cisco router.

Table of Contents

1. Install Cisco-Torch
2. Options
3. Capabilities
4. Usage Examples

Install Cisco-Torch

It’s a default tool of Kali. You can also install it manually:

# Debian distros
sudo apt-get install cisco-torch

Options

Run this command to see all available options:

cisco-torch
#or
cisco-torch -h

The options:

-O <output file>
-A              All fingerprint scan types combined
-t              Cisco Telnetd scan
-s              Cisco SSHd scan
-u              Cisco SNMP scan
-g              Cisco config or tftp file download
-n              NTP fingerprinting scan
-j              TFTP fingerprinting scan
-l        loglevel
                c  critical (default)
                v  verbose
                d  debug
-w              Cisco Webserver scan
-z              Cisco IOS HTTP Authorization Vulnerability Scan
-c              Cisco Webserver with SSL support scan
-b              Password dictionary attack (use with -s, -u, -c, -w , -j or -t only)
-V              Print tool version and exit

Capabilities

It can scan for the following types of services:

• SSH
• SNMP
• Telnet
• NTP & TFTP Fingerprinting
• Cisco Webservers
• Cisco Webserver with SSL Support Scan
• Cisco IOS HTTP Authorization Vulnerability Scan

Usage Examples

The command syntax:

cisco-torch <options> <IP,hostname,network>
# or
cisco-torch <options> -F <hostlist>

Run all fingerprint and scan types against the desired host:

cisco-torch -A 10.1.1.54

Scan an entire network or subnet:

cisco-torch -A 10.1.1.0/24

Run a dictionary attack against the host:

cisco-torch -t -b 10.1.1.54

That’s it. Thanks for reading.