Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: nmap snmp scanning
From: David Fifield <david () bamsoftware com>
Date: Mon, 5 Dec 2011 09:21:54 -0800

On Mon, Dec 05, 2011 at 11:58:42AM -0500, Kent Hundley wrote:
David,

Thanks for your response, but this doesn't seem to resolve my issue.
If I run that command, it will tell me that the SNMP port is open,
but it doesn't tell me which of the available SNMP strings a given
device is using (I have 3 possible strings in community.lst).

The command and output are below. I tried putting the community.lst
file in the same dir as the nmap exe as well as in the nselib/data
dir where the other lst files are located. Interestingly, I get the
exact same response if I put a single bogus entry in the
community.lst file or even if I run the command without the
snmp-brute option at all. Its as if nmap is not reading the
community file at all.

D:\Program Files (x86)\Nmap>nmap -sU -p161 --script snmp-brute
--script-args snmplist=community.lst 10.x.y.z

Starting Nmap 5.51 ( http://nmap.org ) at 2011-12-05 16:46 GMT Standard Time
Nmap scan report for 10.x.y.z
Host is up (0.80s latency).
PORT    STATE SERVICE
161/udp open  snmp

Nmap done: 1 IP address (1 host up) scanned in 8.52 seconds

Try using the -d and --script-trace options. You may want to read some
more about how the script engine works at http://nmap.org/book/nse.html.

It's possible that the device is using none of the community strings in
community.lst. --script-trace will reveal what is going on.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]