161 - SNMP

Few checklist commands

  1. Nmap: sudo nmap -sU --open -p 161 10.11.1.1-254 (find ip with SMTP open)

  2. onesixtyone bruteforce tool: for ip in $(seq 1 254); do echo 10.11.1.$ip; done > ips then, onesixtyone -c community -i ips

  3. Enumerating Entire MIB Tree: snmpwalk -c public -v1 -t 10 <IP>

  4. Enumerating Windows Users: snmpwalk -c public -v1 <IP> 1.3.6.1.4.1.77.1.2.25

  5. Enumerating Running Windows Processes: snmpwalk -c public -v1 <IP> 1.3.6.1.2.1.25.4.2.1.2

  6. Enumerating Open TCP Ports: snmpwalk -c public -v1 <IP> 1.3.6.1.2.1.6.13.1.3

Previous389/636/3268 - LDAPNext25 - SMTP

Last updated