Lockdoor Framework

A Penetration Testing Framework

View on GitHub

SNMP Enumeration (Simple Network Management Protocol)

Fix SNMP output values so they are human readable

>apt-get install snmp-mibs-downloader download-mibs
echo "" > /etc/snmp/snmp.conf

Scanning for SNMP

Using nmap

>root@kali:~# nmap -sU -v --open -p 161 192.168.1.12
   Note: SNMP is using UDP not TCP

Using onesixtyone

>root@kali:~# echo public > /tmp/community.txt
root@kali:~# echo private >> /tmp/community.txt
root@kali:~# echo manager >> /tmp/community.txt
root@kali:~# echo 192.168.1.12 > /tmp/ip.txt
root@kali:~# onesixtyone -c /tmp/community.txt -i /tmp/ip.txt

Windows SNMP Enumeration Example

>root@kali:~# snmpwalk -c puplic -v1 192.168.1.12

SNMP Enumeration Commands

>snmpcheck -t $ip -c public

snmpwalk -c public -v1 $ip 1|

grep hrSWRunName|cut -d\* \* -f

snmpenum -t $ip

onesixtyone -c names -i hosts

SNMPv3 Enumeration

>nmap -sV -p 161 --script=snmp-info $ip/24

Automate the username enumeration process for SNMPv3:

>apt-get install snmp snmp-mibs-downloader
wget https://raw.githubusercontent.com/raesene/TestingScripts/master/snmpv3enum.rb

SNMP Default Credentials

>/usr/share/metasploit-framework/data/wordlists/snmp\_default\_pass.tx

SNMP Enumeration (Simple Network Management Protocol)

MIB Tree (SNMP Management Information Base)

Scanning for SNMP

>> nmap -sU --open -p 161 192.168.11.200-254 -oG mega-snmp.txt
# -sU :: UDP scan

Windows SNMP Enumeration Example