Nmap Development mailing list archives

Possible bug in snmp-brute script in 5.61-TEST4


From: Roberto <mrgreiner () gmail com>
Date: Tue, 10 Jan 2012 09:39:34 -0200

Hi,

I was trying some IPv6 SNMP scans with 5.61-TEST2, but it wasn't working (freezing at 33.3%). So I installed 5.61-TEST4, but got another problem.

I ran the following command:
# nmap -sU -p 161 --script snmp-brute --script-args snmplist=snmplist.txt <server-name>

Note: I get the same result with 5.61-TEST4 whether I add the '-6' parameter or not.

With nmap 5.51, I get the following result:

-----------------------------------------------------------------------

Starting Nmap 5.51 ( http://nmap.org ) at 2012-01-10 09:22 BRST
Nmap scan report for <server name> (<server address>)
Host is up (0.00083s latency).
rDNS record for 200.145.9.19: <server name>
PORT    STATE SERVICE
161/udp open  snmp
|_snmp-brute: xxxxxxxxx
MAC Address: xx:xx:xx:xx:xx:xx (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds

-----------------------------------------------------------------------

With version 5.61-TEST4 I'm getting the following output:

-----------------------------------------------------------------------

Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-01-10 09:20 BRST
Nmap scan report for <server name>  (<server address>)
Host is up (0.00092s latency).
rDNS record for 2801:88:ead::19: <server name>
PORT    STATE SERVICE
161/udp open  snmp
MAC Address: xx:xx:xx:xx:xx:xx (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 1.28 seconds

-----------------------------------------------------------------------

The snmp-brute script is not giving the output of any community that might have hit. Also, checking the logs of the target, I see a lot fewer SNMP hits.

For debugging purposes, I verified that snmp-brute uses the file "nselib/data/snmpcommunities.lst" as the reference list of communities when none is passed as a parameter. I set a community from that list on the target server, and with that I got a proper hit in my scan. So something was changed between TEST2 and TEST4 such that the snmp-brute script stopped reading the file passed as a parameter. Was the syntax for passing a reference file to snmp-brute modified somehow? Is it a bug?

Thanks,

Roberto

--
  -----------------------------------------------------
                Marcos Roberto Greiner

   Optimists think we live in the best of all possible worlds
       Pessimists fear that this is true
                                  James Branch Cabell
  -----------------------------------------------------

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
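To see what one "hit" in the report above actually looks like on the wire, here is an added example that is not part of the original message and not Nmap's own snmp-brute.nse code. It builds the SNMPv1 GetRequest for sysDescr.0 that a community brute-force sends with each candidate string, parses the agent's GetResponse, and walks a candidate list in the one-community-per-line format assumed for snmplist.txt. An SNMPv1 agent that rejects a community simply discards the request (RFC 1157), so a timeout is treated as a miss; the sample datagram at the bottom is constructed here, not captured from a real agent.

```python
# SNMPv1 community probe: added example, not Nmap's snmp-brute.nse.
# Assumes a one-community-per-line list file ('#' lines are comments).
import socket
import sys

SNMP_PORT = 161
SYS_DESCR_0 = (1, 3, 6, 1, 2, 1, 1, 1, 0)  # the object a community brute-force asks for


def ber_len(n):
    """BER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag, body):
    return bytes([tag]) + ber_len(len(body)) + body


def ber_int(value):
    """INTEGER, minimal two's-complement encoding (extra bit reserved for the sign)."""
    return tlv(0x02, value.to_bytes((value.bit_length() + 8) // 8, "big", signed=True))


def ber_oid(arcs):
    """OBJECT IDENTIFIER: first two arcs packed into one octet, the rest base-128."""
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return tlv(0x06, bytes(out))


def build_get_request(community, request_id, oid=SYS_DESCR_0):
    """SNMPv1 message: version 0, community string, GetRequest PDU (context tag 0)."""
    varbind = tlv(0x30, ber_oid(oid) + tlv(0x05, b""))  # name + NULL placeholder value
    pdu = tlv(0xA0, ber_int(request_id) + ber_int(0) + ber_int(0) + tlv(0x30, varbind))
    return tlv(0x30, ber_int(0) + tlv(0x04, community.encode()) + pdu)


def read_tlv(buf, pos):
    """Return (tag, body, next_pos) for the TLV that starts at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low bits give the number of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length


def parse_response(datagram):
    """Extract community, request-id, error-status and the first value from a GetResponse."""
    tag, msg, _ = read_tlv(datagram, 0)
    if tag != 0x30:
        raise ValueError("not an SNMP message")
    _, _version, pos = read_tlv(msg, 0)
    _, community, pos = read_tlv(msg, pos)
    tag, pdu, _ = read_tlv(msg, pos)
    if tag != 0xA2:  # GetResponse PDU carries context tag 2
        raise ValueError("not a GetResponse PDU")
    _, rid, pos = read_tlv(pdu, 0)
    _, err, pos = read_tlv(pdu, pos)
    _, _idx, pos = read_tlv(pdu, pos)
    _, varbinds, _ = read_tlv(pdu, pos)
    _, vb, _ = read_tlv(varbinds, 0)
    _, _oid, pos = read_tlv(vb, 0)
    vtag, value, _ = read_tlv(vb, pos)
    return {"community": community.decode(errors="replace"),
            "request_id": int.from_bytes(rid, "big", signed=True),
            "error_status": int.from_bytes(err, "big", signed=True),
            "value": value if vtag == 0x04 else None}


def load_communities(text):
    """One candidate per line; blank lines and '#' comments are skipped (assumed format)."""
    return [ln.strip() for ln in text.splitlines() if ln.strip() and not ln.lstrip().startswith("#")]


def probe(host, community, request_id=1, timeout=1.0, port=SNMP_PORT):
    """Send one GetRequest; return the parsed GetResponse, or None if the agent stayed silent."""
    family, socktype, proto, _, addr = socket.getaddrinfo(host, port, 0, socket.SOCK_DGRAM)[0]
    sock = socket.socket(family, socktype, proto)  # resolves IPv4 and IPv6 targets alike
    sock.settimeout(timeout)
    try:
        sock.sendto(build_get_request(community, request_id), addr)
        data, _ = sock.recvfrom(4096)
    except socket.timeout:
        return None  # rejected community: SNMPv1 agents drop the request without replying
    finally:
        sock.close()
    resp = parse_response(data)
    return resp if resp["request_id"] == request_id else None


# Constructed sample of what an agent answers when "public" is accepted (sysDescr.0 = "Linux").
SAMPLE_RESPONSE = tlv(0x30, ber_int(0) + tlv(0x04, b"public") + tlv(
    0xA2, ber_int(1) + ber_int(0) + ber_int(0) + tlv(
        0x30, tlv(0x30, ber_oid(SYS_DESCR_0) + tlv(0x04, b"Linux")))))

if __name__ == "__main__":  # usage: python snmp_probe.py <host> <communities.txt>
    with open(sys.argv[2]) as f:
        for i, comm in enumerate(load_communities(f.read()), start=1):
            r = probe(sys.argv[1], comm, request_id=i)
            if r is not None and r["error_status"] == 0:
                print("hit: %r -> %r" % (comm, r["value"]))
```

Run against a lab agent with the same list file handed to `--script-args`, each line that prints `hit:` is a community the agent accepted; comparing that count with the agent's own log is a quick way to tell whether a scanner is really sending every candidate from the file or only a default list.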