161 - SNMP

Introduction

Port: 161,162,10161,10162 (UDP)

The Simple Network Management Protocol (SNMP) is an application layer protocol that lets different devices on a network exchange management information with one another. It allows devices to communicate even if they are different devices and run different software.

The Management Information Base (MIB) is a collection of information in a data tree structure. Each MIB consists of one or more nodes, each node having a unique Object Identifier (OID).

SNMP MIB hierarchy

For example, the OID 1.3.6.1.2.1.1.1 will be translated to "iso.identified-organization.dod.internet.mgmt.mib-2.system.sysDescr", where you can find the full name and version identification of the system's hardware type, software operating-system, and networking software.

Furthermore, SNMP requires an authentication string called a "community string" to access or alter its information.

Finally, there are different SNMP versions (v1, v2c and v3), which you will need to specify depending on the tool.
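Because the community string is the only credential in v1 and v2c, a defender can review the agent's configuration for weak entries. The following Python audit is an added example, not part of the original page or of Net-SNMP; it assumes a Net-SNMP style snmpd.conf, and the function name, finding codes, list of well-known strings and sample configuration are all constructed for illustration.

```python
# Community directives from Net-SNMP's snmpd.conf; each one enables v1/v2c access.
DIRECTIVES = {
    "rocommunity": "ro", "rocommunity6": "ro",
    "rwcommunity": "rw", "rwcommunity6": "rw",
}
# Assumption for this example: strings treated as well-known defaults.
WELL_KNOWN = {"public", "private"}
# Source values that do not restrict which hosts may query the agent.
ANY_SOURCE = {"default", "0.0.0.0/0", "::/0"}


def audit_snmpd_conf(text):
    """Return (line_number, finding_code) tuples for risky community entries."""
    findings = []
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment line
        parts = line.split()
        access = DIRECTIVES.get(parts[0].lower())
        if access is None or len(parts) < 2:
            continue  # not a community directive (e.g. a v3 rouser line)
        community = parts[1]
        # Syntax: rocommunity COMMUNITY [SOURCE [OID]]; no SOURCE means any host.
        source = parts[2] if len(parts) > 2 else "default"
        if access == "rw":
            findings.append((number, "rw-access"))          # values can be set
        if community.lower() in WELL_KNOWN:
            findings.append((number, "default-community"))  # trivially guessed
        if source in ANY_SOURCE:
            findings.append((number, "any-source"))         # no host restriction
    return findings


# Constructed sample configuration (not taken from a real system).
SAMPLE = """\
# constructed sample snmpd.conf
rocommunity public
rwcommunity private 10.0.0.0/24
rocommunity S3cr3tMon1tor 192.0.2.10
rouser monitor authpriv
"""

if __name__ == "__main__":
    for number, code in audit_snmpd_conf(SAMPLE):
        print(f"line {number}: {code}")
```

Entries flagged as rw-access are the ones that permit value changes, so they deserve the tightest source restriction or a move to SNMPv3 users.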

OID Translation

By default, Kali Linux does not translate the OID; hence if you use snmpwalk, you will see only the OIDs with their associated values. To fix this problem, you need to execute the following commands.

Enumeration

With the following Nmap command, you can enumerate:

  • Network interfaces

  • SNMPv3 Basic information

  • Community string brute-forcing

  • Downloads Cisco router IOS configuration

  • Netstat information

  • Running processes

  • System description

  • Windows services, shares, installed software and users

Once you have discovered a valid community string, you can enumerate SNMP with snmpwalk.

Setting SNMP values

You can modify SNMP values with the tool snmpset. Here you can find a list of data types.
