Default Community Strings
> public
> private
> cisco
>> cable-docsis
>> ILMI
MIB enumeration
> Windows NT
>> .1.3.6.1.2.1.1.5 Hostnames
>> .1.3.6.1.4.1.77.1.4.2 Domain Name
>> .1.3.6.1.4.1.77.1.2.25 Usernames
>> .1.3.6.1.4.1.77.1.2.3.1.1 Running Services
>> .1.3.6.1.4.1.77.1.2.27 Share Information
> Solarwinds MIB walk ( http://www.solarwinds.net/Download-Tools.htm )
> Getif ( http://www.wtcs.org/snmp4tpc/getif.htm )
> snmpwalk
snmpwalk -v <Version> -c <Community string> <IP>
> Snscan ( http://www.foundstone.com/ )
> Applications
>> ZyXel
snmpget -v2c -c <Community String> <IP> 1.3.6.1.4.1.890.1.2.1.2.6.0
snmpwalk -v2c -c <Community String> <IP> 1.3.6.1.4.1.890.1.2.1.2
SNMP Bruteforce
> onesixtyone
onesixtyone -c SNMP.wordlist <IP>
> cat
./cat -h <IP> -w SNMP.wordlist
> Solarwinds SNMP Brute Force ( http://www.solarwinds.net/Download-Tools.htm )
> ADMsnmp ( http://adm.freelsd.net/ADM/ )
Examine SNMP Configuration files
> snmp.conf
> snmpd.conf
> snmp-config.xml
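
Added example, not part of the original checklist: a defender-side review of an snmpd.conf file that flags the default community strings listed above, read-write access, and community entries with no source restriction. It assumes Net-SNMP directive syntax (rocommunity, rwcommunity, com2sec); the function name audit_snmpd_conf and the sample file content are constructed for illustration.

```python
import shlex

# Default community strings taken from the list on this page.
DEFAULT_COMMUNITIES = {"public", "private", "cisco", "cable-docsis", "ilmi"}

# Constructed snmpd.conf fragment, not taken from a real host.
SAMPLE = """\
# monitoring access
rocommunity public
rwcommunity private 10.0.0.0/8
rocommunity "S3cr3t-mon" 192.0.2.10
com2sec -Cn ctx1 notConfigUser default ILMI
"""

def audit_snmpd_conf(conf_text):
    """Return [(line_no, community, [issues])] for risky community directives."""
    findings = []
    for line_no, raw in enumerate(conf_text.splitlines(), 1):
        try:
            tokens = shlex.split(raw, comments=True)  # drops '#' comments
        except ValueError:  # unbalanced quote: skip the line
            continue
        if not tokens:
            continue
        directive, args = tokens[0].lower(), tokens[1:]
        if directive.startswith(("rocommunity", "rwcommunity")) and args:
            # ro/rwcommunity[6] COMMUNITY [SOURCE ...]; no SOURCE means any host
            community = args[0]
            source = args[1] if len(args) > 1 else "default"
        elif directive in ("com2sec", "com2sec6"):
            if args[:1] == ["-Cn"]:  # optional context: -Cn CONTEXT
                args = args[2:]
            if len(args) < 3:
                continue
            _secname, source, community = args[:3]
        else:
            continue
        issues = []
        if community.lower() in DEFAULT_COMMUNITIES:
            issues.append("default community string")
        if directive.startswith("rw"):
            issues.append("read-write access")
        if source.lower() in ("default", "0.0.0.0/0", "::/0"):
            issues.append("no source restriction")
        if issues:
            findings.append((line_no, community, issues))
    return findings

if __name__ == "__main__":
    print(*audit_snmpd_conf(SAMPLE), sep="\n")
```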