Saturday, May 17, 2025
Follow us On Linkedin
HomeVulnerability AnalysisCisco-Torch - Mass scanning, Fingerprinting and Exploitation Tool

Cisco-Torch – Mass scanning, Fingerprinting and Exploitation Tool

Vulnerability Analysis

Published on

By Balaji
Cisco-Torch – Mass scanning, Fingerprinting and Exploitation Tool

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

Cisco Torch mass scanning, fingerprinting, and exploitation tool was written while working on the next edition of the “Hacking Exposed Cisco Networks”, since the tools available on the market could not meet our needs.

The main feature that makes Cisco-torch different from similar tools is the extensive use of forking to launch multiple scanning processes in the background for maximum scanning efficiency. Also, it uses several methods of application layer fingerprinting simultaneously, if needed. We wanted something fast to discover remote Cisco hosts running Telnet, SSH, Web, NTP and SNMP services and launch dictionary attacks against the services discovered.

Also Read: Masscan – World’s Fastest Scanner – Scan the Entire Internet in Under 6 Minutes

- Advertisement - Google News

How Cisco Torch Works…

Syntax

Clone : GitHub

cisco – torch <options> <IP,hostname,network>
COMMANDS:
Using config file torch.conf...
Loading include and plugin ...
 version
usage: cisco-torch  <ip,hostname,network>

or: cisco-torch  -F

Available options:
-O 
-A		All fingerprint scan types combined
-t		Cisco Telnetd scan
-s		Cisco SSHd scan
-u		Cisco SNMP scan
-g		Cisco config or tftp file download
-n		NTP fingerprinting scan
-j		TFTP fingerprinting scan
-l 	loglevel
		c  critical (default)
		v  verbose
		d  debug
-w		Cisco Webserver scan
-z		Cisco IOS HTTP Authorization Vulnerability Scan
-c		Cisco Webserver with SSL support scan
-b		Password dictionary attack (use with -s, -u, -c, -w , -j or -t only)
-V		Print tool version and exit
examples:	cisco-torch -A 10.10.0.0/16
		cisco-torch -s -b -F sshtocheck.txt
		cisco-torch -w -z 10.10.0.0/16
		cisco-torch -j -b -g -F tftptocheck.txt
 cisco-torch-1
gbhackers@root:~$ cisco-torch -A 192.168.1.1
Using config file torch.conf...
Loading include and plugin ...

###############################################################
#   Cisco Torch Mass Scanner                                  #
#   Becase we need it...                                      #
#   http://www.arhont.com/cisco-torch.pl                      #
###############################################################

List of targets contains 1 host(s)
4724:	Checking 192.168.1.1 ...
HUH db not found, it should be in fingerprint.db
Skipping Telnet fingerprint
* Cisco by SNMP found ***
*System Description: Cisco Internetwork Operating System Software
IOS (tm) 3600 Software (C5640-IK9O3S-M), Version 14.3(22), RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by cisco Systems, Inc.
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Cyber Attack

Critical WordPress Plugin Flaw Puts Over 10,000 Sites of Cyberattack

A serious security flaw affecting the Eventin plugin, a popular event management solution for...
Cyber Attack

Sophisticated NPM Attack Leverages Google Calendar2 for Advanced Communication

A startling discovery in the npm ecosystem has revealed a highly sophisticated malware campaign...
Cyber Attack

New Ransomware Attack Targets Elon Musk Supporters Using PowerShell to Deploy Payloads

A newly identified ransomware campaign has emerged, seemingly targeting supporters of Elon Musk through...
cyber security

Printer Company Distributes Malicious Drivers Infected with XRed Malware

Procolored, a printer manufacturing company, has been found distributing software drivers infected with malicious...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

Register Now

More like this

Cyber Security News

Intruder vs. Acunetix vs. Attaxion: Comparing Vulnerability Management Solutions

The vulnerability management market is projected to reach US$24.08 billion by 2030, with numerous...
Cyber Security News

Google Launches Open-Source OSV-Scanner for Detecting Security Vulnerabilities

Google has announced the launch of OSV-Scanner V2, an open-source tool designed to enhance vulnerability...
CVE/vulnerability

New Microsoft Windows GUI 0-Day Vulnerability Actively Exploited in the Wild

A newly discovered vulnerability in Microsoft Windows, identified by ClearSky Cyber Security, is reportedly...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2025 GBHackers On Security - All Rights Reserved