Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

[NSE] bug in snmp library

From: Victor Rudnev <victor.rudnev () gmail com>
Date: Thu, 10 Dec 2009 14:35:33 +0200
Hi All,

I found in snmp.lua a bug with encoding snmp oid string

Let's see
We need to set (int) 100 in a OID
'.1.3.6.1.4.1.4935.1000.100.200.100.800.1.100.400.100.0' and will use
snmpset tool and snmp.lua for that

snmp.lua
.....
#
U 192.168.1.222:32792 -> 192.168.1.151:161
  30 30 02 01 00 04 06 70    75 62 6c 69 63 a3 23 02    00.....public.#.
  02 01 44 02 01 00 02 01    00 30 17 30 15 06 10 2b    ..D......0.0...+
  06 01 04 01 47 e8 64 c8    64 20 01 64 90 64 00 02    ....G.d.d .d.d..
  01 64                                                 .d
#
U 192.168.1.151:161 -> 192.168.1.222:32792
  30 30 02 01 00 04 06 70    75 62 6c 69 63 a2 23 02    00.....public.#.
  02 01 44 02 01 02 02 01    01 30 17 30 15 06 10 2b    ..D......0.0...+
  06 01 04 01 47 e8 64 c8    64 20 01 64 90 64 00 02    ....G.d.d .d.d..
  01 64


$ snmpset -c public -v 1 192.168.1.151
.1.3.6.1.4.1.4935.1000.100.200.100.800.1.100.400.100.0 i 100
...
#
U 192.168.1.222:32792 -> 192.168.1.151:161
  30 37 02 01 00 04 06 70    75 62 6c 69 63 a3 2a 02    07.....public.*.
  04 45 f6 c4 19 02 01 00    02 01 00 30 1c 30 1a 06    .E.........0.0..
  15 2b 06 01 04 01 a6 47    87 68 64 81 48 64 86 20    .+.....G.hd.Hd.
  01 64 83 10 64 00 02 01    64                         .d..d...d
#
U 192.168.1.151:161 -> 192.168.1.222:32792
  30 37 02 01 00 04 06 70    75 62 6c 69 63 a2 2a 02    07.....public.*.
  04 45 f6 c4 19 02 01 00    02 01 00 30 1c 30 1a 06    .E.........0.0..
  15 2b 06 01 04 01 a6 47    87 68 64 81 48 64 86 20    .+.....G.hd.Hd.
  01 64 83 10 64 00 02 01    64                         .d..d...d

So, we could compare encoded OID string in both cases which are not the same

snmp.lua : 2b 06 01 04 01 47 e8 64 c8 64 20 01 64 90 64 00 | 02 01 64

snmpset : 2b 06 01 04 01 a6 47 87 68 64 81 48 64 86 20 01 64 83 10 64 00 |
02 01 64

As a result I get "0x02 -- The name of the requested object was not found"
in error field of response..

Regards,
Victor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: