Nmap Development mailing list archives

Re: SNMP Detection


From: Gisle Vanem via dev <dev () nmap org>
Date: Tue, 28 Mar 2017 12:00:09 +0200

Tim Naami wrote:

I have a target with SNMP working and I have confirmed it is responding using snmpwalk.

When I use:

nmap -sU -p 161 --script=snmp-interfaces 10.255.22.222

I get:

Starting Nmap 7.01 ( https://nmap.org ) at 2017-03-21 11:45 CDT
Nmap scan report for testuser-pc.rhsnet.org <http://testuser-pc.rhsnet.org> (10.255.22.222)
Host is up (0.00053s latency).
PORT STATE SERVICE
161/udp open|filtered snmp

I think the snmp-interface.lua script is not up-to-date, because I get:
c:\> nmap -d -sU -p 161 --script=snmp-interfaces 10.0.0.1

NSE: [snmp-interfaces 10.0.0.1:161] no decoder for etype: a2
NSE: snmp-interfaces against router (10.0.0.1:161) threw an error!
f:\MingW32\src\inet\nmap/nselib/snmp.lua:398: attempt to index a number value (field '?')
stack traceback:
        f:\MingW32\src\inet\nmap/nselib/snmp.lua:398: in function 'snmp.fetchResponseValues'
        f:\MingW32\src\inet\nmap/nselib/snmp.lua:513: in method 'getnext'
        f:\MingW32\src\inet\nmap/nselib/snmp.lua:557: in method 'walk'
        f:\MingW32\src\inet\nmap/scripts\snmp-interfaces.nse:430: in function
      <f:\MingW32\src\inet\nmap/scripts\snmp-interfaces.nse:397>
        (...tail calls...)

Completed NSE at 09:47, 0.10s elapsed
Nmap scan report for router (10.0.0.1)
Host is up, received arp-response (0.00018s latency).
Scanned at 2017-03-28 09:47:43 CET for 1s
PORT    STATE SERVICE REASON
161/udp open  snmp    udp-response ttl 64
MAC Address: 1C:BD:B9:C0:63:C6 (D-Link International)
Final times for host: srtt: 182 rttvar: 4114  to: 100000

--------

But snmp-info.lua works fine.

Since I know very little of Lua, I'm at a loss as to what is wrong.
But I guess the ASN1 decoder should be extended somehow.

-- 
--gv
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
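
The identifier octet `a2` in the debug line above is, per RFC 1157, the context-specific constructed tag 2 that SNMP uses for a GetResponse PDU. As an added example (not part of the original message and not Nmap's snmp.lua; the function names and the sample packet are constructed here), a small Python BER walker that names such tags and keeps the raw bytes of any tag it has no decoder for instead of raising:

```python
# Added example (not Nmap's snmp.lua): minimal BER walker for SNMP messages.
CLASSES = ("universal", "application", "context", "private")
PDU_NAMES = {0: "GetRequest", 1: "GetNextRequest", 2: "GetResponse", 3: "SetRequest", 4: "Trap"}

def read_tlv(buf, pos):
    """Return (identifier_octet, value, next_pos); ValueError on malformed input."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad length field")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(val):
    arcs, n = [], 0
    for b in val:  # base-128 digits, high bit marks continuation
        n = (n << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, n = arcs + [n], 0
    if not arcs:
        raise ValueError("empty OID")
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

PRIMITIVES = {0x02: lambda v: int.from_bytes(v, "big", signed=True), 0x04: bytes, 0x06: decode_oid}

def decode(buf):
    out, pos = [], 0
    while pos < len(buf):
        tag, val, pos = read_tlv(buf, pos)
        node = {"tag": tag, "class": CLASSES[tag >> 6]}
        if tag & 0x20:  # constructed: SEQUENCE (0x30) or an SNMP PDU (0xa0-0xa4)
            node["children"] = decode(val)
            if tag >> 6 == 2:
                node["pdu"] = PDU_NAMES.get(tag & 0x1F, "unknown")
        elif tag in PRIMITIVES:
            node["value"] = PRIMITIVES[tag](val)
        else:  # no decoder for this tag: keep the raw bytes instead of failing
            node["raw"] = bytes(val)
        out.append(node)
    return out

# Constructed sample: SNMPv1 GetResponse, community "public", sysName.0 = "router".
SAMPLE = bytes.fromhex("302c 020100 0406 7075626c6963 a21f 020101 020100 020100"
                       " 3014 3012 0608 2b06010201010500 0406 726f75746572")
```

`decode(SAMPLE)` returns one SEQUENCE node whose third child is the `0xa2` PDU; multi-octet tag numbers are outside what this sketch handles.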

