Nmap Development mailing list archives

Re: snmp-brute plugin not working in IPv6


From: Gioacchino Mazzurco <gmazzurco89 () gmail com>
Date: Fri, 22 May 2015 03:50:03 -0700 (PDT)

I have created a GitHub issue for this. It seems I cannot add labels to the 
issue; IPv6 and NSE labels are at least needed.

https://github.com/nmap/nmap/issues/130

On Thursday, May 21, 2015 04:40:52 PM Gioacchino Mazzurco wrote:
I am interested in this bug. I'll take a look at it.

On Thursday, May 14, 2015 09:29:04 AM Roberto Greiner wrote:
Hi,

I've looked a bit into the snmp-brute.nse script, to see why it did not
work with IPv6, and I think I found the problem. In the code, there is
a function named
local sniff_snmp_responses = function(host, port, lport, result)

Inside it, there is the following code:
  local ip = host.bin_ip_src
  ip = string.format("%d.%d.%d.%d",ip:byte(1),ip:byte(2),ip:byte(3),ip:byte(4))
  pcap:pcap_open(host.interface, 104, false,"dst host " .. ip .. " and udp and src port 161 and dst port " .. lport)

Obviously, this will work only with IPv4. My problem is that I have no
knowledge of Lua. Actually, my programming knowledge altogether is very
limited. Does somebody have a ready-made script that would work
properly, or some suggestion as to what should replace this code?

Tks,

Roberto Greiner

On 29/04/2015 10:46, Roberto Greiner wrote:
Hi,

I've been using the nmap snmp-brute plugin for debugging my server
infrastructure, and after some tests verified that the plugin does not
work properly over IPv6.

When used with IPv4, it works properly, returning the SNMP community.
But over IPv6, it only reports if the port is open or not, never
returning the valid community. SNMP is working through IPv6, which I
verified using snmpwalk, but the script does not report the valid
community as would be expected.

Roberto Greiner

PS: Tested using Debian 7 and 8 servers, 64 bits, using the following
nmap version, locally compiled (Debian 7 output):
Nmap version 6.47 ( http://nmap.org )
Platform: x86_64-unknown-linux-gnu
Compiled with: nmap-liblua-5.2.3 openssl-1.0.1e libpcre-8.30
nmap-libpcap-1.2.1 nmap-libdnet-1.12 ipv6
Compiled without:
Available nsock engines: epoll poll select

PS2: Sorry if this is the wrong list to report this problem. If this
mail should have gone to another list, please indicate the correct one.

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
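
An address-family-aware way to build the capture filter quoted in the thread, as an added example that is not part of the original messages or of Nmap's own code. The names bin_to_text and snmp_reply_filter are hypothetical, the sample addresses are constructed, and it assumes host.bin_ip_src holds a 16-byte string when the scan runs over IPv6:

```lua
-- Added example, not the snmp-brute.nse source. Runs in plain Lua 5.2+.

-- Convert a packed address (4 bytes = IPv4, 16 bytes = IPv6) to text.
local function bin_to_text(bin)
  if #bin == 4 then
    return string.format("%d.%d.%d.%d", bin:byte(1, 4))
  elseif #bin == 16 then
    local groups = {}
    for i = 1, 16, 2 do
      local hi, lo = bin:byte(i, i + 1)
      groups[#groups + 1] = string.format("%x", hi * 256 + lo)
    end
    -- Uncompressed form (no "::"), which is still valid textual IPv6.
    return table.concat(groups, ":")
  end
  -- Fail loudly instead of silently formatting the first four bytes.
  return nil, "unexpected address length " .. #bin
end

-- Build the filter that matches SNMP replies sent back to our local port.
local function snmp_reply_filter(bin_src, lport)
  local ip, err = bin_to_text(bin_src)
  if not ip then return nil, err end
  lport = tonumber(lport)
  if not lport or lport < 1 or lport > 65535 or lport % 1 ~= 0 then
    return nil, "invalid local port"
  end
  return string.format(
    "dst host %s and udp and src port 161 and dst port %d", ip, lport)
end

-- Constructed sample inputs (documentation address ranges).
local v4 = string.char(192, 0, 2, 10)
local v6 = string.char(0x20, 0x01, 0x0d, 0xb8, 0, 0, 0, 0,
                       0, 0, 0, 0, 0, 0, 0, 0x01)
print(snmp_reply_filter(v4, 40000))
print(snmp_reply_filter(v6, 40000))
print(snmp_reply_filter("abc", 40000)) -- rejected: neither 4 nor 16 bytes
```

The fixed IPv6 header is 20 bytes longer than a minimal IPv4 header, so the 104-byte snapshot length in the quoted pcap_open call leaves less room for the SNMP payload and is worth checking alongside the filter.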

