Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Unable to get SSL Certificate info for SNMP seriver with nmap ssl-cert

From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 14 Sep 2015 15:13:50 -0500
Venky,

SNMP is not *usually* run within TLS (SSL). The normal mode is plaintext
over UDP. The ssl-cert script uses the shortport.ssl [1] function to
determine which ports to run against. You can add -sV to your command to
use Nmap's version detection engine to detect a TLS tunnel, which will
allow the script to run. SSL probes are very high-priority, so if this is
the only reason you're using -sV, you can add --version-light to limit the
total number of probes sent.

Dan

[1] https://nmap.org/nsedoc/lib/shortport.html#ssl

On Sun, Sep 13, 2015 at 11:21 AM, knare k <knarelinux () gmail com> wrote:


Hi,

I am not able to get SSL certificate for snmp using ssl-cert script of
nmap, able to get for all others. I tried the following command with
the snmp port.

# nmap  -sU -Pn -p <snmpport> <host> --script=ssl-cert

Could you please help me. Please let me know the correct mailing list
if this is not the proper mailing list for this query.

Thanks
Venky
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: