# SNMP

## MIB

Management Information Base. Offers a standardized tree view of all queryable SNMP objects

`Abstract Syntax Notation One` (`ASN.1`) based ASCII text format

The MIBs do not contain data, but they explain where to find which information and what it looks like

## OID

The OIDs consist of integers and are usually concatenated by dot notation. We can look up many MIBs for the associated OIDs in the [Object Identifier Registry](https://www.alvestrand.no/objectid/).

## Versions

v1 and v2 are plain text and unencrypted.

v3 adds authentication and encryption (pre-shared key).

## **Community Strings**

Community strings can be seen as passwords that are used to determine whether the requested information can be viewed or not. It is important to note that many organizations are still using `SNMPv2`, as the transition to `SNMPv3` can be very complex, but the services still need to remain active

## Dangerous settings

| **Settings**                                     | **Description**                                                                       |
| ------------------------------------------------ | ------------------------------------------------------------------------------------- |
| `rwuser noauth`                                  | Provides access to the full OID tree without authentication.                          |
| `rwcommunity <community string> <IPv4 address>`  | Provides access to the full OID tree regardless of where the requests were sent from. |
| `rwcommunity6 <community string> <IPv6 address>` | Same access as with `rwcommunity` with the difference of using IPv6.                  |

## Tools

snmpwalk

* `snmpwalk -v2c -c public <IP>`

onesixtyone

* `onesixtyone -c /opt/useful/SecLists/Discovery/SNMP/snmp.txt <IP>`

braa

* `braa <community string>@<IP>:.1.3.6.*`


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.rtlcopymemory.com/footprinting/snmp.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.