SNMP

Port: UDP/161 and Traps at UDP/162

MIB

Management Information Base. Offers a standardized tree view of all queryable SNMP objects

Abstract Syntax Notation One (ASN.1) based ASCII text format

The MIBs do not contain data, but they explain where to find which information and what it looks like

OID

The OIDs consist of integers and are usually concatenated by dot notation. We can look up many MIBs for the associated OIDs in the Object Identifier Registry.

Versions

v1 and v2 are plain text and unencrypted.

v3 adds authentication and encryption (pre-shared key).

Community Strings

Community strings can be seen as passwords that are used to determine whether the requested information can be viewed or not. It is important to note that many organizations are still using SNMPv2, as the transition to SNMPv3 can be very complex, but the services still need to remain active

Dangerous settings

Settings

Description

rwuser noauth

Provides access to the full OID tree without authentication.

rwcommunity <community string> <IPv4 address>

Provides access to the full OID tree regardless of where the requests were sent from.

rwcommunity6 <community string> <IPv6 address>

Same access as with rwcommunity with the difference of using IPv6.

Tools

snmpwalk

snmpwalk -v2c -c public <IP>

onesixtyone

onesixtyone -c /opt/useful/SecLists/Discovery/SNMP/snmp.txt <IP>

braa

braa <community string>@<IP>:.1.3.6.*

PreviousIMAP/POP3 NextMySQL

Last updated 5 months ago