Nmap Development mailing list archives
Re: nmap snmp scanning
From: Kent Hundley <khundley () opnet com>
Date: Mon, 05 Dec 2011 11:58:42 -0500
David,Thanks for your response, but this doesn't seem to resolve my issue. If I run that command, it will tell me that the SNMP port is open, but it doesn't tell me which of the available SNMP strings a given device is using (I have 3 possible strings in community.lst).
The command and output are below. I tried putting the community.lst file in the same dir as the nmap exe as well as in the nselib/data dir where the other lst files are located. Interestingly, I get the exact same response if I put a single bogus entry in the community.lst file or even if I run the command without the snmp-brute option at all. Its as if nmap is not reading the community file at all.
D:\Program Files (x86)\Nmap>nmap -sU -p161 --script snmp-brute --script-args snmplist=community.lst 10.x.y.z
Starting Nmap 5.51 ( http://nmap.org ) at 2011-12-05 16:46 GMT Standard Time Nmap scan report for 10.x.y.z Host is up (0.80s latency). PORT STATE SERVICE 161/udp open snmp Nmap done: 1 IP address (1 host up) scanned in 8.52 seconds Thx, Kent On 12/1/2011 9:51 PM, David Fifield wrote:
On Tue, Nov 29, 2011 at 07:53:43AM -0500, Kent Hundley wrote:I am trying to run an nmap SNMP scan to do the following: 1) scan a range of IP's and tell me if the device responds to any of a list of supplied SNMP community strings 2) report which of the available community strings the device responded to I have read the online docs and tried using the syntax of the provided examples but I cannot seem to get nmap to report which of an available list of snmp strings a device is using. It reports that SNMP is open, but it never tells me which snmp string is in use. Is this possible with nmap and can someone give me an example of the syntax required if it is?It sounds like what you want is the snmp-brute script: http://nmap.org/nsedoc/scripts/snmp-brute.html A usage example is: nmap -sU -p161 --script snmp-brute --script-args snmplist=community.lst<target> community.lst is a file containing the community names you want to try. You can leave that argument off to use the default list. David Fifield
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- nmap snmp scanning Kent Hundley (Nov 29)
- Re: nmap snmp scanning David Fifield (Dec 01)
- Re: nmap snmp scanning Kent Hundley (Dec 05)
- Re: nmap snmp scanning David Fifield (Dec 05)
- Re: nmap snmp scanning Kent Hundley (Dec 06)
- Re: nmap snmp scanning Patrik Karlsson (Dec 06)
- Re: nmap snmp scanning Duarte Silva (Dec 06)
- Re: nmap snmp scanning Patrik Karlsson (Dec 06)
- Re: nmap snmp scanning Duarte Silva (Dec 11)
- Re: nmap snmp scanning Patrik Karlsson (Dec 11)
- Re: nmap snmp scanning Duarte Silva (Dec 18)
- Re: nmap snmp scanning Patrik Karlsson (Dec 19)
- Re: nmap snmp scanning Duarte Silva (Dec 20)
- Re: nmap snmp scanning Kent Hundley (Dec 05)
- Re: nmap snmp scanning David Fifield (Dec 01)