161, 162, 10161, 10162 - SNMP
MIB
MIB is an independent format for storing device information. A MIB is a text file in which all queryable SNMP objects of a device are listed in a standardized tree hierarchy. It contains at least one Object Identifier
(OID
), which, in addition to the necessary unique address and a name, also provides information about the type, access rights, and a description of the respective object.
The MIBs do not contain data, but they explain where to find which information and what it looks like, which returns values for the specific OID, or which data type is used.
OIDs
OIDs stands for Object Identifiers. OIDs uniquely identify managed objects in a MIB hierarchy. This can be depicted as a tree, the levels of which are assigned by different organizations. Vendors define private branches including managed objects for their own products.
You can navigate through an OID tree from the web here: http://www.oid-info.com/cgi-bin/display?tree=#focus or see what a OID means (like 1.3.6.1.2.1.1
) accessing http://oid-info.com/get/1.3.6.1.2.1.1.
Community Strings
public
mainly read only functionsprivate
Read/Write in general
Brute force community strings:
Enumerate SNMP
SNMP to RCE
Add a new command by appending an additional row to the “nsExtendObjects” table.
Execute the command that we injected to the SNMP by enumerating it using snmpwalk:
Example on reverse shell payload:
It could also be possible to gain control over a device by changing credentials through SNMP.
Interesting Files
Last updated