SNMP (161)


===========================first thing first you need to install::
→ sudo apt install snmp-mibs-downloader
→ nano /etc/snmp/snmp.conf                                      [ and comment out the “mibs” line ]

===========================Getting information with snmpwalk::
###snmp check 
>>> snmp-check $IP -c public

>>> snmpwalk -c public -v2c $IP 
>>> snmpbulkwalk -Cr1000 -c public -v2c $IP . > snmpwalk.1								[ Best as per ippsec ]
>>> snmpenum $IP public linux.txt

>>> onesixtyone -c names -i hosts

===========================SMNP v3 :
>>> wget https://raw.githubusercontent.com/raesene/TestingScripts/master/snmpv3enum.rb; ./snmpv3enum.rb

===========================Enumerate Community strings : 

>>> ./onesixtyone -c /usr/share/seclists/Discovery/SNMP/common-snmp-community-strings.txt $IP
>>> python snmpbrute.py -t $IP
>>> nmap -sU  $IP -p161 --script=snmp-brute  -Pn --script-args snmp-brute.communitiesdb=list.txt


===========================Little-Bit Nmap Power : 

>>> nmap -sU -p161 --script "snmp-*" $IP
>>> nmap -n -vv -sV -sU -Pn -p 161,162 –script=snmp-processes,snmp-netstat $IP


===========================SNMPv3 enumeration : 

>>> wget https://raw.githubusercontent.com/raesene/TestingScripts/master/snmpv3enum.rb; ./snmpv3enum.rb

Wordlist
/usr/share/metasploit-framework/data/wordlists/snmp_default_pass.txt


===========================We need to know that there is a community called public : 

# enumerate windows users
>>> snmpwalk -c public -v1 $ip 1.3.6.1.4.1.77.1.2.25 


# enumerates running processes
>>> snmpwalk -c public -v1 $ip 1.3.6.1.2.1.25.4.2.1.2 


→ → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → 

SNMP MIB Trees
1.3.6.1.2.1.25.1.6.0              - System Processes
1.3.6.1.2.1.25.4.2.1.2 			- Running Programs
1.3.6.1.2.1.25.4.2.1.4 			- Processes Path
1.3.6.1.2.1.25.2.3.1.4 			- Storage Units
1.3.6.1.2.1.25.6.3.1.2 			- Software Name
1.3.6.1.4.1.77.1.2.25 			- User Accounts
1.3.6.1.2.1.6.13.1.3 				- TCP Local Ports

← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ←

PreviousUDP NextTFTP

Last updated 2 years ago

===========================first thing first you need to install:: → sudo apt install snmp-mibs-downloader → nano /etc/snmp/snmp.conf [ and comment out the “mibs” line ] ===========================Getting information with snmpwalk:: ###snmp check >>> snmp-check $IP -c public >>> snmpwalk -c public -v2c $IP >>> snmpbulkwalk -Cr1000 -c public -v2c $IP . > snmpwalk.1 [ Best as per ippsec ] >>> snmpenum $IP public linux.txt >>> onesixtyone -c names -i hosts ===========================SMNP v3 : >>> wget https://raw.githubusercontent.com/raesene/TestingScripts/master/snmpv3enum.rb; ./snmpv3enum.rb ===========================Enumerate Community strings : >>> ./onesixtyone -c /usr/share/seclists/Discovery/SNMP/common-snmp-community-strings.txt $IP >>> python snmpbrute.py -t $IP >>> nmap -sU $IP -p161 --script=snmp-brute -Pn --script-args snmp-brute.communitiesdb=list.txt ===========================Little-Bit Nmap Power : >>> nmap -sU -p161 --script "snmp-*" $IP >>> nmap -n -vv -sV -sU -Pn -p 161,162 –script=snmp-processes,snmp-netstat $IP ===========================SNMPv3 enumeration : >>> wget https://raw.githubusercontent.com/raesene/TestingScripts/master/snmpv3enum.rb; ./snmpv3enum.rb Wordlist /usr/share/metasploit-framework/data/wordlists/snmp_default_pass.txt ===========================We need to know that there is a community called public : # enumerate windows users >>> snmpwalk -c public -v1 $ip 1.3.6.1.4.1.77.1.2.25 # enumerates running processes >>> snmpwalk -c public -v1 $ip 1.3.6.1.2.1.25.4.2.1.2 → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → → SNMP MIB Trees 1.3.6.1.2.1.25.1.6.0 - System Processes 1.3.6.1.2.1.25.4.2.1.2 - Running Programs 1.3.6.1.2.1.25.4.2.1.4 - Processes Path 1.3.6.1.2.1.25.2.3.1.4 - Storage Units 1.3.6.1.2.1.25.6.3.1.2 - Software Name 1.3.6.1.4.1.77.1.2.25 - User Accounts 1.3.6.1.2.1.6.13.1.3 - TCP Local Ports ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ← ←