Re: [SCRIPT] snmpenum.nse

[David Fifield <david () bamsoftware com>]

On Wed, Dec 30, 2009 at 09:24:37PM +0300, William wrote:
> Here's a script that walks the selected subtree and prints out info
> discovered. If the 'subtree' argument is not specified, results from the
> system subtree are returned.
>
> Feedback will be appreciated.

Can you tell us more about what the script does? I don't know much about
SNMP. What is this first example telling us?

> nmap -P0 -n -sU -sC -p161 192.168.2.2 --script-args="subtree=ipaddr"
>
> PORT    STATE SERVICE
> 161/udp open  snmp
> | snmpenum:  
> |   1.3.6.1.2.1.4.20.1.1.10.35.60.10: 10.35.60.10
> |   1.3.6.1.2.1.4.20.1.1.192.168.180.9: 192.168.180.9
> |   1.3.6.1.2.1.4.20.1.1.192.168.2.2: 192.168.2.2
> |   1.3.6.1.2.1.4.20.1.1.192.168.185.246: 192.168.185.246
> |_  1.3.6.1.2.1.4.20.1.1.192.168.118.61: 192.168.118.61

In this example, is there any way to find out what the OID
1.3.6.1.2.1.1.*.0 mean?

> ---
> -- @output
> -- | snmpwalk:  
> -- |   1.3.6.1.2.1.1.1.0: D-link Corp. Access Point
> -- |   1.3.6.1.2.1.1.2.0: 1.3.6.1.4.1.129.43.10.37.15
> -- |   1.3.6.1.2.1.1.3.0: 452533
> -- |   1.3.6.1.2.1.1.4.0: 
> -- |   1.3.6.1.2.1.1.5.0: D-link Corp. Access Point
> -- |   1.3.6.1.2.1.1.6.0: 
> -- |_  1.3.6.1.2.1.1.7.0: 64

What does the output for nexthop and tcpports look like? What do you see
the script being used for?

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/