
-- SNMP community string brute force script
-- 2008-07-03

-- NSE script metadata. These are plain globals that the scripting engine
-- reads by name, so the names and values below must stay exactly as they are.

-- Identifier for this script.
id = "SNMPv1-communitybrute"

description = "Attempts to find SNMP community string by brute force"

author = "Philip Pickering <pgpickering@gmail.com>"

license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

-- "intrusive": the action sends one request per candidate community string.
-- "auth": the thing being guessed is the SNMP community string.
categories = {"intrusive", "auth"}

require "shortport"
require "snmp"

-- runs before SNMPsysdesr.nse
-- NOTE(review): presumably so that the community string this script stores in
-- nmap.registry.snmpcommunity is already set when that script runs -- confirm.
runlevel = 1

-- Select UDP port 161 when its state is "open" or "open|filtered".
portrule = shortport.portnumber(161, "udp", {"open", "open|filtered"})

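--- Try a list of SNMP community strings against the target and report the
-- one named in the first reply.
--
-- Does nothing when a community string is already known, either stored in
-- nmap.registry.snmpcommunity or passed as the script argument
-- "snmpcommunity". Candidates come from the file named by the script argument
-- "snmplist" (one per line; lines containing "#!comment:" are skipped) or,
-- when no such file can be opened, from a short built-in list.
--
-- On the wire this is one GetRequest for 1.3.6.1.2.1.1.3.0 (sysUpTime.0) per
-- candidate, all sent back-to-back before any reply is read. That burst of
-- requests with differing community strings from one source is what an SNMP
-- agent's authentication-failure reporting or a network monitor would see.
--
-- The community string is a credential: on success it is both stored in
-- nmap.registry.snmpcommunity and returned as the script result, so it
-- appears in the scan output.
--
-- @param host Host table; host.ip is used as the connect address.
-- @param port Port table; port.number is used as the connect port.
-- @return The community string taken from the first reply, or nil when
--         nothing was found or the script had nothing to do.
action = function(host, port)

  -- A community string is already available; no guessing needed.
  if nmap.registry.snmpcommunity or nmap.registry.args.snmpcommunity then return end

  local socket = nmap.new_socket()

  -- 5 second timeout on socket operations
  socket:set_timeout(5000)

  -- nmap.new_try() calls this before raising, so a failed connect/send does
  -- not leave the socket open.
  local catch = function()
    socket:close()
  end

  local try = nmap.new_try(catch)

  try(socket:connect(host.ip, port.number, "udp"))

  local request = snmp.buildGetRequest({}, "1.3.6.1.2.1.1.3.0")

  -- Only ask nmap to locate a wordlist when one was actually named; the
  -- original passed a possibly-nil argument straight to nmap.fetchfile().
  local listName = nmap.registry.args.snmplist
  local commFile = listName and nmap.fetchfile(listName)
  local commTable

  -- fetch wordlist from file (from unpwdb-lib)
  if commFile then
    local file = io.open(commFile)

    if file then
      commTable = {}
      for line in file:lines() do
        -- A line carrying the comment marker is dropped as a whole.
        if not line:find("#!comment:", 1, true) then
          commTable[#commTable + 1] = line
        end
      end
      file:close()
    end
  end

  -- default wordlist
  if not commTable then
    commTable = {'public', 'private', 'snmpd', 'snmp', 'mngt', 'cisco', 'admin'}
  end

  -- A wordlist with no usable lines means nothing will be sent, so there is
  -- no reply to wait for.
  if #commTable == 0 then
    socket:close()
    return
  end

  -- send all possible words out before waiting for an answer
  for _, commStr in ipairs(commTable) do
    local payload = snmp.encode(snmp.buildPacket(request, 0, commStr))
    try(socket:send(payload))
  end

  -- finally wait for a response
  local status, response = socket:receive_bytes(1)

  -- The socket is not needed past this point. The original only closed it
  -- from the error handler, leaking it on every normal return.
  socket:close()

  if not status or response == "TIMEOUT" then
    return
  end

  -- Something answered on the port, so it is open rather than open|filtered.
  nmap.set_port_state(host, port, "open")

  -- `local` keeps the throwaway first return value from becoming a global.
  local _, result = snmp.decode(response)

  -- The reply comes from the network, so check its shape before trusting it:
  -- the code expects a table whose second element is the community string.
  if type(result) == "table" and type(result[2]) == "string" then
    nmap.registry.snmpcommunity = result[2]
    return result[2]
  end

  return
end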

