SNMP

MIB

Management Information Base. Offers a standardized tree view of all queryable SNMP objects

Abstract Syntax Notation One (ASN.1) based ASCII text format

The MIBs do not contain data, but they explain where to find which information and what it looks like

OID

The OIDs consist of integers and are usually concatenated by dot notation. We can look up many MIBs for the associated OIDs in the Object Identifier Registry.

Versions

v1 and v2 are plain text and unencrypted.

v3 adds authentication and encryption (pre-shared key).

Community Strings

Community strings can be seen as passwords that are used to determine whether the requested information can be viewed or not. It is important to note that many organizations are still using SNMPv2, as the transition to SNMPv3 can be very complex, but the services still need to remain active

Dangerous settings

Tools

snmpwalk

• snmpwalk -v2c -c public <IP>

onesixtyone

• onesixtyone -c /opt/useful/SecLists/Discovery/SNMP/snmp.txt <IP>

braa

• braa <community string>@<IP>:.1.3.6.*