Home page logo
/
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News

Sponsors


File snmp-brute

Script types: portrule
Categories: intrusive, brute
Download: http://nmap.org/svn/scripts/snmp-brute.nse

User Summary

Attempts to find an SNMP community string by brute force guessing.

This script opens a sending socket and a sniffing pcap socket in parallel threads. The sending socket sends the SNMP probes with the community strings, while the pcap socket sniffs the network for an answer to the probes. If valid community strings are found, they are added to the creds database and reported in the output.

The script takes the snmp-brute.communitiesdb argument that allows the user to define the file that contains the community strings to be used. If not defined, the default wordlist used to bruteforce the SNMP community strings is nselib/data/snmpcommunities.lst. In case this wordlist does not exist, the script falls back to nselib/data/passwords.lst

No output is reported if no valid account is found.

Script Arguments

snmp-brute.communitiesdb

The filename of a list of community strings to try.

passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb

See the documentation for the unpwdb library.

snmpcommunity

See the documentation for the snmp library.

Example Usage

nmap -sU --script snmp-brute <target> [--script-args snmp-brute.communitiesdb=<wordlist> ]

Script Output

PORT    STATE SERVICE
161/udp open  snmp
| snmp-brute:
|   dragon - Valid credentials
|_  jordan - Valid credentials

Requires


Author: Philip Pickering, Gorjan Petrovski, Patrik Karlsson

License: Same as Nmap--See http://nmap.org/book/man-legal.html

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]