161 - SNMP
Introduction
Port: 161,162,10161,10162 (UDP)
The Simple Network Management Protocol (SNMP) is an application layer protocol for different devices on a network to exchange management information with one another. It allows devices to communicate even if they are other devices and run different software.
The Management Information Bases (MIB) is a collection of information in a data tree structure. Each MIB consists of one or more nodes, having each node a unique Object Identifier (OID).
For example, the code 1.3.6.1.2.1.1.1 will be translated to "iso.identified-organization.dod.internet.mgmt.mib-2.system.sysDescr", where you can find the full name and version identification of the system's hardware type, software operating-system, and networking software.
Furthermore, the SNMP requires an authentication string called "community string" to access or alter its information.
Finally, there are different SNMP versions v1, v2c and v3; that you will need to specify depending on the tool.
OID Translation
By default, Kali Linux does not translate the OID; hence if you use snmpwalk, you will see only the OIDs with their associated values. To fix this problem, you need to execute the following commands.
Enumeration
With the following Nmap command, you can enumerate:
Network interfaces
SNMPv3 Basic information
Community string brute-forcing
Downloads Cisco router IOS configuration
Netstat information
Running processes
System description
Windows services, shares, installed software and users
Once, discovered a valid community string you can enumerate SNMP with snmapwalk.
Setting SNMP values
You can modify SNMP values with the tool snmpset. Here you can find a list of data types.
References
Last updated
