Nmap Development mailing list archives
[PATCH] SNMPsysdesr.nse Uptime Fix
From: Kris Katterjohn <katterjohn () gmail com>
Date: Fri, 04 Apr 2008 14:20:38 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hey everyone, I turned on SNMP on a newer piece of equipment I have on my LAN so I could play with it and use the SNMPsysdesr NSE script. I used the script against it, and it told me the uptime was about 5 days, which is reasonable (I don't remember when it rebooted last). However, later on, the script then told me the uptime was 130 days, so I knew something was up. It usually hovered at 5: 161/udp open snmp script-set | SNMPv1: Prestige 2302R |_ System uptime: 5 days, 20:0:47.48 (50404748 timeticks) Watching the exchange with Wireshark, I saw that the bytes holding the uptime were preceded by a byte which held that length (so the amount of bytes for the uptime can vary from 2-4 [or I guess technically 1, but that's really small so I've never seen it]). So, I've attached a patch which fixes the uptime reporting. It all works great for me. Wireshark confirms the calculated uptime that the script now prints and uses (with 2-3 byte uptimes, I haven't waited long enough for 4 because I've rebooted it several times while testing). 161/udp open snmp script-set | SNMPv1: Prestige 2302R |_ System uptime: 0 days, 0:12:25 (74500 timeticks) If you can test it and verify that this works correctly, I'd appreciate it. I'll commit it soon if there are no issues. Thanks, Kris Katterjohn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBR/Z/hP9K37xXYl36AQIDIA/+LOTYHLuboB1TtbZ8ZlXoFzdHnjRK3txN +fbtErXbv3zO08gUGbHdw8XCCDu9eib+3COar6+gIzTUEaVNvTsm+4F13NgwN8vx plzEkVnxesrPGwv0pPMfK+B8bn8DVA2IPGqgkBOxLcjCN3MZ0Kvjb8YWkiftiZOF ng32X/lfe1pSTTui/i0KlcWAYwjw5RoFFjsirHlP0emjuk8hXyPFm1aCxHRQFVFX 6Slxvkq+AgEoNyznAMYcTAA6ieLOi5zIRA6yVKZeckLjmorWh1gG2lHsLJiFd2w0 6X6Bi4e3Rg8taTd+0aJ8ldlnyCvhps8J8jgdAxATRT40ZV26xNfi7MLPasGnNodP KE8V/YzywN60GH2yvr+KS0UL4UVCeCK4JVhWwbtTMtDNDViZMUii1WjmnBcwd6U3 eNNQtd/VmeLViYyUXG2BtdT9o88X4AbkbLaQ4NKZl0v2fZBg4tcC696gCAM/qj9e 8CRyHWI9Y5VVxsOKeEk2r46q1sPbAVA+Bo0r6cz0fp8CKQZedDm46U3Mp+ILFtos 0I2UTo3UA+aG7qoIom7eT1j/smKWUzCXda63wUCsoujoD83YC46eQ1lk3QwwQpiq 43IhuXY8H5W+M1CgJrZQPuOzymSGFosiOslmkuRKs9pH96IRs9n5iRsbZob5D3lv fU+emEZPxog= =g5JB -----END PGP SIGNATURE-----
Index: scripts/SNMPsysdesr.nse
===================================================================
--- scripts/SNMPsysdesr.nse (revision 7034)
+++ scripts/SNMPsysdesr.nse (working copy)
@@ -90,18 +90,30 @@
try(socket:close())
- if string.find(response, "\006\001\002\001\001\003") == nil then
+ local start, stop = response:find("\006\001\002\001\001\003\000")
+
+ if start == nil then
return result
end
- local length,uptime,s1,s2,s3,s4
-
- length = string.len(response)
-
- s1,s2,s3,s4 = string.byte(response, length - 3, length)
-
- uptime = s1*(2^24) + s2*(2^16) + s3*(2^8) + s4
-
+ local uplen,uptime,s1,s2,s3,s4
+
+ uplen = response:byte(stop + 2)
+
+ s1,s2,s3,s4 = response:byte(stop + 3, stop + 3 + uplen)
+
+ if uplen == 4 then
+ uptime = s1*(2^24) + s2*(2^16) + s3*(2^8) + s4
+ elseif uplen == 3 then
+ uptime = s1*(2^16) + s2*(2^8) + s3
+ elseif uplen == 2 then
+ uptime = s1*(2^8) + s2
+ elseif uplen == 1 then
+ uptime = s1
+ else
+ return result
+ end
+
local days, hours, minutes, seconds, htime, mtime, stime
days = math.floor(uptime / 8640000)
htime = math.fmod(uptime, 8640000)
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [PATCH] SNMPsysdesr.nse Uptime Fix Kris Katterjohn (Apr 04)