Nmap Development mailing list archives

Re: nmap snmp scanning
From: Patrik Karlsson <patrik () cqure net>
Date: Sun, 11 Dec 2011 20:29:07 +0100

On Sun, Dec 11, 2011 at 6:59 PM, Duarte Silva
<duarte.silva () serializing me> wrote:

On Tuesday 06 December 2011 19:59:34 Patrik Karlsson wrote:
If it can wait for the weekend, I will look into it.

Duarte Silva


Thanks Duarte, sounds good to me. What I saw during my brief look was:
* nmap.fetchfile is used (limits the location of the communityfile)
* the result from nmap.fetchfile isn't checked
* there's no good way to return an error back to the action function, if
the file wasn't found



I had a look at the script and I have some doubts about it. If the user
does not supply the snmpcommunity (and it isn't defined in the nmap.registry)
the script will not run. But the script allows the user to supply a file with a
list of community strings to try out. Weird to say the least =P

If I ain't missing something I should remove that restriction and make it
like, "supply a community string or a file containing community strings,
otherwise I will use my own file"?

Duarte Silva

Hi Duarte,

The snmpcommunity registry thing looks strange, not sure why it's there,
but it seems to be the other way around, if it's defined, the script won't
run. I couldn't find any other scripts making use of that registry value,
so I guess that check could be removed.

I think your assessment is right, first check for a list of communities,
either as a string or file and then fallback to the default list. I had a
quick look over the script again and it currently works like this:
* if the passdb argument is supplied, this file is used as the community
* it then tries an alternative file supplied with the argument snmplist
* if the above two arguments are not used, it falls back to the file

The problems I see are:
* if the files supplied by snmplist or passdb fail to open, the script
silently fails
* the script uses nmap.fetchfile for the snmplist file, which requires the
file to reside within nmap's directory structure

Patrik Karlsson
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/
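
The following is an added example, not part of the message above and not the Nmap script's own code: one way to resolve the community list in the order proposed in the thread (explicit string, then a user-supplied file, then a default list) while handing an error back to the caller when a supplied file cannot be opened. It is plain Lua with no Nmap APIs; the function names, the shape of the `args` table and the built-in default list are assumptions made for illustration.

```lua
-- Constructed stand-in for the script's bundled default list (assumption).
local DEFAULT_COMMUNITIES = { "public", "private" }

-- Read one community string per line, skipping blank lines and '#' comments.
-- Returns a list on success, or nil plus an error message on failure.
local function read_communities(path)
  local fh, err = io.open(path, "r")
  if not fh then
    return nil, ("cannot open community file '%s': %s"):format(path, tostring(err))
  end
  local list = {}
  for line in fh:lines() do
    line = line:match("^%s*(.-)%s*$")          -- trim, also drops a trailing CR
    if line ~= "" and line:sub(1, 1) ~= "#" then
      list[#list + 1] = line
    end
  end
  fh:close()
  if #list == 0 then
    return nil, ("community file '%s' contains no entries"):format(path)
  end
  return list
end

-- Precedence: explicit string, then user-supplied file, then default list.
-- A supplied file that fails to load is reported, never silently skipped.
-- Returns (list, source) on success or (nil, error message) on failure.
local function resolve_communities(args)
  if args.snmpcommunity then
    return { args.snmpcommunity }, "argument"
  end
  if args.snmplist then
    local list, err = read_communities(args.snmplist)
    if not list then return nil, err end
    return list, "file"
  end
  return DEFAULT_COMMUNITIES, "default"
end

-- Demonstration against a constructed temporary file and a missing one.
local tmp = os.tmpname()
local out = assert(io.open(tmp, "w"))
out:write("# constructed sample\nexample-ro\n\nexample-rw\n")
out:close()
local cases = { { snmpcommunity = "example-ro" }, { snmplist = tmp },
                { snmplist = tmp .. ".missing" }, {} }
for _, args in ipairs(cases) do
  local list, info = resolve_communities(args)
  print(list and ("ok (%s): %s"):format(info, table.concat(list, ", "))
             or ("error: " .. info))
end
os.remove(tmp)
```

Reading the file with `io.open` on the path as given, rather than through `nmap.fetchfile`, is what lets the list live outside Nmap's directory structure.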
