SNMP
Simple Network Management Protocol
SNMP runs on UDP 161. You can get information about a system from it. But you need to know the community string for it to give you a response.
Brute forcing the community string:
Note: You will likely want to find a better wordlist.
Getting the data dump:
Flags:
-v1
specifies SNMP version 1
This also gives some (but less) info:
Things to grep from the datadump:
System uname
.1.3.6.1.2.1.1.1.0
- System's hardware type, software operating-system, and networking software.trap
- To find other community strings (under "traphost")fail
- Finding failed login attempts from logs (telnet or ssh for example, not all devices log these login attempts but some do).
Getting ipv6 addresses (if any) from the data dump:
Unique local (Link Local/Local Unicast) is probably the output you’re looking for. It will return loopback as well afaik.
Last updated