Nmap Development mailing list archives
Re: [NSE] snmp-brute port to brute framework
From: Gorjan Petrovski <mogi57 () gmail com>
Date: Sun, 17 Jul 2011 18:51:38 +0200
I've finished the snmp-brute script. I decided to add a new file: nselib/data/snmpcommunities.lst in which we could add more SNMP community strings. It is used in the script in conjunction with the passwords.lst wordlist. I also needed to make changes to the unpwdb, making the limited_iterator function global in order to be used with the snmp-brute script.

This script opens a sending socket and a sniffing pcap socket in parallel threads. The sending socket sends the SNMP probes with the community strings, while the pcap socket sniffs the network for an answer to the probes. If valid community strings are found, they are added to the creds database and reported in the output.

The default wordlists used to bruteforce the SNMP community strings are <code>nselib/data/snmpcommunities.lst</code> and <code>nselib/data/passwords.lst</code>. If the <code>passdb</code> or <code>snmplist</code> argument is specified, that one is used as the wordlist. The <code>passdb</code> argument has precedence over <code>snmplist</code>.

No output is reported if no valid account is found.

-- 2008-07-03 Philip Pickering, basic version
-- 2011-07-17 Gorjan Petrovski, Patrik Karlsson, optimization and creds
--            accounts, rejected use of the brute library because of
--            implementation using unconnected sockets.

---
-- @usage
-- nmap -sU --script snmp-brute <target> [--script-args [ passdb=<wordlist> | snmplist=<wordlist> ]]
--
-- @args snmpcommunity The SNMP community string to use. If it's supplied, this
--       script will not run.
-- @args snmplist The filename of a list of community strings to try.
--
-- @output
-- PORT    STATE SERVICE
-- 161/udp open  snmp
-- | snmp-brute:
-- |   dragon - Account is valid
-- |_  jordan - Account is valid

Cheers,
Gorjan
Attachment: unpwdb.patch
Attachment: snmp-brute.nse
Attachment: snmpcommunities.lst
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
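The probing described in the message above puts one community string in each SNMP datagram, so on the wire it shows up as a single source presenting many distinct community strings. The following is an added example, not part of the original post or of the Nmap code base: a small parser that pulls the community field out of SNMPv1/v2c datagrams and flags such sources. The function names, the threshold of 5, the 192.0.2.x addresses and the sample strings other than "dragon" and "jordan" are assumptions made for illustration.

```python
from collections import defaultdict

def _read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER TLV starting at buf[pos]."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length: low 7 bits give the byte count
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("value runs past end of datagram")
    return tag, buf[pos:pos + length], pos + length

def snmp_community(datagram):
    """Return (version, community) for an SNMPv1/v2c message, else None."""
    try:
        t1, body, _ = _read_tlv(datagram, 0)      # outer SEQUENCE
        t2, ver, pos = _read_tlv(body, 0)         # INTEGER version
        t3, community, _ = _read_tlv(body, pos)   # OCTET STRING community
    except ValueError:
        return None
    if (t1, t2, t3) != (0x30, 0x02, 0x04) or len(ver) != 1 or ver[0] > 1:
        return None
    return ver[0], community.decode("latin-1")

def guessing_sources(packets, threshold=5):
    """Map each source that tried >= threshold distinct communities to them."""
    seen = defaultdict(set)
    for src, payload in packets:
        parsed = snmp_community(payload)
        if parsed:
            seen[src].add(parsed[1])
    return {s: sorted(c) for s, c in seen.items() if len(c) >= threshold}

def build_get(community):
    """Constructed sample: SNMPv1 GetRequest for sysDescr.0, short lengths."""
    tlv = lambda t, v: bytes([t, len(v)]) + v
    varbind = tlv(0x30, tlv(0x06, bytes.fromhex("2b06010201010100")) + tlv(0x05, b""))
    pdu = tlv(0xA0, tlv(0x02, b"\x01") + tlv(0x02, b"\0") * 2 + tlv(0x30, varbind))
    return tlv(0x30, tlv(0x02, b"\0") + tlv(0x04, community.encode()) + pdu)

# Constructed capture: one source cycling strings, one poller, one bad datagram.
GUESSES = ["public", "private", "dragon", "jordan", "cisco", "admin"]
SAMPLE = ([("192.0.2.10", build_get(c)) for c in GUESSES]
          + [("192.0.2.20", build_get("public"))] * 6
          + [("192.0.2.30", b"\x30\x05\x02")])
```

Calling guessing_sources(SAMPLE) reports only 192.0.2.10; the poller that repeats a single community string and the truncated datagram are ignored.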