H3dg3h0g's Blog
    SNMP (Simple Network Management Protocol)

    Description

    The Simple Network Management Protocol is used to remotely manage devices. It can be used to configure or to check the configuration of a host.

    By design, this service is a great avenue for both information gathering and privilege escalation in a network.

    Enumeration

    sudo nmap -sU -p 161 --script='snmp*' -oX ./nmap/snmp.xml "$IP"

    Note that one of the scripts nmap will run is snmp-brute, which brute-forces community strings. To replace its default wordlist, use:

    sudo nmap -sU -p 161 --script='snmp*' --script-args snmp-brute.communitiesdb="$WORDLIST" -oX ./nmap/snmp.xml "$IP"

    Also note that this nmap command produces a lot of output. Do not underestimate the importance of inspecting it thoroughly, as it can contain crucial information about a target.
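
To help with inspecting that output, the following added example (not from the original post) parses the XML written by -oX and reports, per host, which SNMP scripts returned data and whether snmp-brute accepted the default community strings public or private. The sample XML is constructed, and SAMPLE_XML, WELL_KNOWN and summarize are names chosen for this example.

```python
import xml.etree.ElementTree as ET

# Constructed sample of `nmap -oX` output (not from a real scan). The
# snmp-brute line format ("<community> - Valid credentials") follows the
# script's documented output and is an assumption about your nmap version.
SAMPLE_XML = """<nmaprun scanner="nmap">
  <host>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="udp" portid="161">
        <state state="open"/>
        <service name="snmp"/>
        <script id="snmp-brute" output="&#10;  public - Valid credentials&#10;  private - Valid credentials"/>
        <script id="snmp-sysdescr" output="Linux lab-host 5.10.0 x86_64"/>
      </port>
    </ports>
  </host>
  <host>
    <address addr="192.0.2.11" addrtype="ipv4"/>
    <ports>
      <port protocol="udp" portid="161">
        <state state="open|filtered"/>
        <service name="snmp"/>
      </port>
    </ports>
  </host>
</nmaprun>"""

WELL_KNOWN = {"public", "private"}  # widely shipped default community strings


def summarize(xml_text):
    """Map each host to its SNMP script output and accepted community strings."""
    report = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        # Collect every NSE script result attached to UDP/161 on this host.
        scripts = {s.get("id"): s.get("output", "").strip()
                   for s in host.iterfind("ports/port[@portid='161']/script")}
        # rsplit keeps community strings that themselves contain " - " intact.
        found = [line.rsplit(" - ", 1)[0].strip()
                 for line in scripts.get("snmp-brute", "").splitlines()
                 if line.strip().endswith("Valid credentials")]
        report[addr] = {"scripts": scripts, "communities": found,
                        "defaults": sorted(WELL_KNOWN.intersection(found))}
    return report


if __name__ == "__main__":
    for ip, info in summarize(SAMPLE_XML).items():
        print(ip, "scripts:", sorted(info["scripts"]), "defaults:", info["defaults"])
```

To run it against a real scan, pass the contents of ./nmap/snmp.xml to summarize; any host with a non-empty defaults list is still answering to a factory community string and should have it changed or SNMP restricted.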

    Exploitation