UDP 161: SNMP

Simple Network Management Protocol is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Typically, SNMP agents listen on UDP port 161, asynchronous traps are received on port 162.
--Wikipedia

Nmap

nmap -sU --open -p 161 <ip>

Management information Base (MiB)

IBM Knowledge Center

MiB	Description
1.3.6.1.2.1.25.1.6.0	System Processes
1.3.6.1.2.1.25.4.2.1.2	Running Programs
1.3.6.1.2.1.25.4.2.1.4	Processes Path
1.3.6.1.2.1.25.2.3.1.4	Storage Units
1.3.6.1.2.1.25.6.3.1.2	Software Name
1.3.6.1.4.1.77.1.2.25	User Accounts
1.3.6.1.2.1.6.13.1.3	TCP Local Ports

Community strings fuzzdb/wordlist-common-snmp-community-strings.txt at master · fuzzdb-project/fuzzdb · GitHub

GitHub - trailofbits/onesixtyone: Fast SNMP Scanner

onesixtyone -c <community-strings-file> -i <ips>

SNMPWalk

snmpwalk -c public -v1 <ip>

Using mib-values

snmpwalk -c public -v1 <ip> 1.3.6.1.2.1.25.4.2.1.2

Make MiBs readable

apt install snmp-mibs-downloader

Comment out mibs: line in /etc/snmp/snmp.conf

snmpwalk -c public -v2c <ip>

snmp-check

snmp-check <ip>

Other tools

snmpenum

PreviousUDP 137, 138, TCP 139: NetBIOS NextMisc

Last updated 3 years ago

Links

Nmap

Management information Base (MiB)

SNMPWalk

Make MiBs readable

snmp-check

Other tools