Nmap Development mailing list archives
Re: [NSE] bug in snmp library
From: David Fifield <david () bamsoftware com>
Date: Sun, 13 Dec 2009 18:07:46 -0700
On Thu, Dec 10, 2009 at 02:35:33PM +0200, Victor Rudnev wrote:
I found in snmp.lua a bug with encoding snmp oid string Let's see We need to set (int) 100 in a OID '.1.3.6.1.4.1.4935.1000.100.200.100.800.1.100.400.100.0' and will use snmpset tool and snmp.lua for that snmp.lua ..... # U 192.168.1.222:32792 -> 192.168.1.151:161 30 30 02 01 00 04 06 70 75 62 6c 69 63 a3 23 02 00.....public.#. 02 01 44 02 01 00 02 01 00 30 17 30 15 06 10 2b ..D......0.0...+ 06 01 04 01 47 e8 64 c8 64 20 01 64 90 64 00 02 ....G.d.d .d.d.. 01 64 .d # U 192.168.1.151:161 -> 192.168.1.222:32792 30 30 02 01 00 04 06 70 75 62 6c 69 63 a2 23 02 00.....public.#. 02 01 44 02 01 02 02 01 01 30 17 30 15 06 10 2b ..D......0.0...+ 06 01 04 01 47 e8 64 c8 64 20 01 64 90 64 00 02 ....G.d.d .d.d.. 01 64 $ snmpset -c public -v 1 192.168.1.151 .1.3.6.1.4.1.4935.1000.100.200.100.800.1.100.400.100.0 i 100 ... # U 192.168.1.222:32792 -> 192.168.1.151:161 30 37 02 01 00 04 06 70 75 62 6c 69 63 a3 2a 02 07.....public.*. 04 45 f6 c4 19 02 01 00 02 01 00 30 1c 30 1a 06 .E.........0.0.. 15 2b 06 01 04 01 a6 47 87 68 64 81 48 64 86 20 .+.....G.hd.Hd. 01 64 83 10 64 00 02 01 64 .d..d...d # U 192.168.1.151:161 -> 192.168.1.222:32792 30 37 02 01 00 04 06 70 75 62 6c 69 63 a2 2a 02 07.....public.*. 04 45 f6 c4 19 02 01 00 02 01 00 30 1c 30 1a 06 .E.........0.0.. 15 2b 06 01 04 01 a6 47 87 68 64 81 48 64 86 20 .+.....G.hd.Hd. 01 64 83 10 64 00 02 01 64 .d..d...d So, we could compare encoded OID string in both cases which are not the same snmp.lua : 2b 06 01 04 01 47 e8 64 c8 64 20 01 64 90 64 00 | 02 01 64 snmpset : 2b 06 01 04 01 a6 47 87 68 64 81 48 64 86 20 01 64 83 10 64 00 | 02 01 64 As a result I get "0x02 -- The name of the requested object was not found" in error field of response..
Thanks for the detailed bug report. This should be fixed in r16266. The problem was that the code didn't correctly handle OID component values greater than 127. It just took them mod 256 and stored the octet, which is incorrect. For example, 1000 would encode to e8 instead of 87 68. If you're running from a Subversion checkout, try updating, or if not, replace your copy of snmp.lua with http://nmap.org/svn/nselib/snmp.lua and see if it works now. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] bug in snmp library Victor Rudnev (Dec 11)
- Re: [NSE] bug in snmp library David Fifield (Dec 13)