Detect SNMP-devices:
nmap -sU --open -p 161 10.11.1.1-254 -oG mega-snmp.txt
onesixtyone
Brute force of community strings against IPs. The following example tries a given list of community names against SNMP devices on a given list of IPs.
echo public > community
echo private >> community
echo manager >> community
for ip in $(seq 1 254); do echo 10.11.1.$ip; done > ips
onesixtyone -c community -i ips
SNMPCheck
Like SNMPWalk:
snmpcheck -t $target -c public
SNMPWalk
- Simple enumeration with snmpwalk to show which SNMP values are provided by a device given the community name (mostly public):
snmpwalk -c public -v1 10.11.1.115 10.10.10.10 ...(multiple ips are possible)
This results in a list of SNMP parameters like
1.3.6.1.2.1.6.13.1.3
See other resources to check the meaning of the OIDs:
- Here is a list,
- List 2,
- Enterprise number list
- but I should also just search OIDs.
To obtain detailed information / the values of an OID:
snmpwalk -c public -v1 10.11.1.115 1.3.6.1.2.1.6.13.1.3
Useful examples:
- All currently running processes:
snmpwalk -c public -v1 10.11.1.115 1.3.6.1.2.1.25.4.2.1.2
- All currently open TCP listening ports:
snmpwalk -c public -v1 10.11.1.115 1.3.6.1.2.1.6.13.1.3
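Added example, not part of the original notes: the walk of 1.3.6.1.2.1.6.13.1.3 (tcpConnLocalPort) returns one row per TCP connection, and each row's OID index encodes local address, local port, remote address and remote port. The Python sketch below decodes that index and reports which listeners a device exposes on non-loopback addresses. The function names are hypothetical, the sample lines are constructed, and the three OID spellings are assumed to be those printed by net-snmp's snmpwalk.

```python
from typing import NamedTuple, Optional

class TcpConn(NamedTuple):
    local_addr: str
    local_port: int
    remote_addr: str
    remote_port: int

    @property
    def listening(self) -> bool:
        # A socket in LISTEN state has no peer, so its remote side is 0.0.0.0:0.
        return self.remote_addr == "0.0.0.0" and self.remote_port == 0

def parse_tcp_conn_line(line: str) -> Optional[TcpConn]:
    """Parse one snmpwalk output line of the tcpConnLocalPort column."""
    oid, sep, value = line.strip().partition(" = ")
    if not sep or not value.startswith("INTEGER:"):
        return None
    parts = oid.split(".")
    prefix, index = parts[:-10], parts[-10:]
    if not prefix or not all(p.isdigit() for p in index):
        return None
    # Accept numeric (-On), "iso."-prefixed and symbolic (TCP-MIB::) OID forms.
    if prefix[-4:] != ["6", "13", "1", "3"] and not prefix[-1].endswith("tcpConnLocalPort"):
        return None
    n = [int(p) for p in index]
    conn = TcpConn(".".join(map(str, n[0:4])), n[4], ".".join(map(str, n[5:9])), n[9])
    # The column value repeats the local port from the index; reject mismatches.
    return conn if int(value.split(":", 1)[1]) == conn.local_port else None

def exposed_listeners(walk_output: str):
    """Return sorted (address, port) pairs that listen on a non-loopback address."""
    found = set()
    for line in walk_output.splitlines():
        conn = parse_tcp_conn_line(line)
        if conn and conn.listening and not conn.local_addr.startswith("127."):
            found.add((conn.local_addr, conn.local_port))
    return sorted(found)

# Constructed sample output (not captured from a real device).
SAMPLE = """\
iso.3.6.1.2.1.6.13.1.3.0.0.0.0.22.0.0.0.0.0 = INTEGER: 22
iso.3.6.1.2.1.6.13.1.3.0.0.0.0.3306.0.0.0.0.0 = INTEGER: 3306
iso.3.6.1.2.1.6.13.1.3.127.0.0.1.631.0.0.0.0.0 = INTEGER: 631
iso.3.6.1.2.1.6.13.1.3.10.11.1.115.22.10.11.0.42.51514 = INTEGER: 22
.1.3.6.1.2.1.6.13.1.3.0.0.0.0.80.0.0.0.0.0 = INTEGER: 80
TCP-MIB::tcpConnLocalPort.0.0.0.0.443.0.0.0.0.0 = INTEGER: 443
iso.3.6.1.2.1.25.4.2.1.2.1 = STRING: "init"
"""

if __name__ == "__main__":
    for addr, port in exposed_listeners(SAMPLE):
        print(f"{addr}:{port}")
```

The column lists every TCP connection, not only listeners, so the established SSH session in the sample is parsed but not reported as a listening port.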