Nmap Development mailing list archives
Re: Possible bug in snmp-brute script in 5.61-TEST4
From: Roberto <mrgreiner () gmail com>
Date: Tue, 10 Jan 2012 14:41:15 -0200
Ok, thanks a lot. As identified, the problems where the following:- --script-args snmplist=snmplist.txt parameter changed to --script-args snmp- brute.communitiesdb=snmplist.txt. - With the -6 parameter there is no answer from net-snmp. This seems to be a problem with net-snmp itself, not with nmap or snmp-brute script. Will go after the net-snmp folks to see if they know what's happening.
Thanks, Roberto On 10/01/2012 14:26, Duarte Silva wrote:
On Tuesday 10 January 2012 14:19:16 Roberto wrote:I used the flags you suggested and also used Wireshark, and both say that nmap IS sending the proper communities now, but net-snmp isn't answering on IPv6. I guess I will have to go there and ask if they know what's happening (already checked documentation).No problem. Could you report it to the list so other people don't go ghost hunting? Thanks, DuareteTks, Roberto On 10/01/2012 12:44, Duarte Silva wrote:On Tuesday 10 January 2012 12:25:05 Roberto wrote:On 10/01/2012 10:41, Duarte Silva wrote:On Tuesday 10 January 2012 09:39:34 Roberto wrote:Hi, I was trying some IPv6 snmp scan with 5.61-TEST2, but it wasn't working (freezing at 33.3%). So, I installed 5.61-TEST4, but got another problem.>> I run the following command: # nmap -sU -p 161 --script snmp-brute --script-args snmplist=snmplist.txt<server-name>Hi Roberto, The argument name has changed =P. Could you try it like this: # nmap -sU -p 161 --script snmp-brute --script-args snmp- brute.communitiesdb=snmplist.txtStrange, could you add the -d and --script-trace arguments, and observe if the server is responding with anything? Other test you could do is use the snmp tools, the command snmpget/snmptest if my memory doesn't fail me, over IPV6 to check if the server responds. It might have nothing to do with the script.>If it doesn't work try with relative/full paths. Regards, Duarte SilvaIt's working, but only in IPv4. If I add the '-6' parameter, I get again the screen as if the communities list hadn't been loaded: # nmap -6 -sU -p 161 --script snmp-brute --script-args snmp-brute.communitiesdb=snmplist.txt<server> Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-01-10 12:21 BRST Nmap scan report for<server name> (<server IPv6) Host is up (0.00097s latency). rDNS record for<IPv6> <servername> PORT STATE SERVICE 161/udp open snmp MAC Address: xx:xx:xx:xx:xx:xx (Unknown) Roberto
-- ----------------------------------------------------- Marcos Roberto Greiner Os otimistas acham que estamos no melhor dos mundos Os pessimistas tem medo de que isto seja verdade James Branch Cabell ----------------------------------------------------- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Possible bug in snmp-brute script in 5.61-TEST4 Roberto (Jan 10)
- Re: Possible bug in snmp-brute script in 5.61-TEST4 Duarte Silva (Jan 10)
- Message not available
- Message not available
- Message not available
- Re: Possible bug in snmp-brute script in 5.61-TEST4 Roberto (Jan 10)
- Message not available