Mailing List Archive

snmp communication
So, I'm working off the GPL dont_scan_printers.nasl script, and I
cannot figure out why I'm not getting anything back when I hit the
snmp port

--code--
if ( get_kb_item("SNMP/community") )
{
  port = get_kb_item("SNMP/port");
  community = get_kb_item("SNMP/community");
  soc = open_sock_udp (port);
  if ( soc )
  {
    security_note(port:port, data: port);
    security_note(port:port, data: community);
    desc = snmp_request(socket:soc, community:community, oid:".1.3");
    close(soc);
    if (! desc)
    {
      security_note(port:port, data: string("no description"));
    }
    security_note(port:port, data:desc);
  }
}

and a sanity check to the kbs

grep "SNMP/port" /opt/nessus/var/nessus/users/user/kbs/host
1159306678 3 SNMP/port=161

Now, I get some output from this:

/opt/nessus/bin/nasl -k /opt/nessus/var/nessus/users/user/kbs/host -t
prt1396 snmpwalk_portscan.nasl Doug_dont_Scan_printers.nasl
Nessus snmp scanner was able to retrieve the open port list with the
community name public

public
no desc
Doug_dont_Scan_printers.nasl: Success

You'll see, it doesn't output the port, which is interesting... it
should be there. I can snmpget on this port and get the appropriate
key (in fact, I can snmpwalk the whole thing)

More importantly though, it doesn't return any of the description...
it doesn't exist. Anyone have any idea why it wouldn't be working?

Doug Nordwall
Unix Administrator
EMSL Computer and Network Support
Unclassified Computer Security
Phone: (509)372-6776; Fax: (509)376-0420
The best book on programming for the layman is "Alice in Wonderland";
but that's because it's the best book on anything for the layman.
Re: snmp communication
On Sep 26, 2006, at 7:04 PM, Douglas Nordwall wrote:

> So, I'm working off the GPL dont_scan_printers.nasl script, and I
> cannot figure out why I'm not getting anything back when I hit the
> snmp port
>
> --code--
> if ( get_kb_item("SNMP/community") )
> {
> port = get_kb_item("SNMP/port");
> community = get_kb_item("SNMP/community");
> soc = open_sock_udp (port);
> if ( soc )
> {
> security_note(port:port, data: port);


Try :

security_note(port:port, data:string(port));


As security_note() expects a string, not an integer.

You may also want to use display() when working on command-line mode
instead of these calls.



-- Renaud
_______________________________________________
Plugins-writers mailing list
Plugins-writers@list.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers
Re: snmp communication
thanks! that did the trick on the display

However, that really wasn't the core question :) I'm interested to
know why I can snmpget with the proper community name and get back
that oid, yet nessus doesn't. It seems a little off, as
snmpwalk_portscan.nasl does actually work and get the community name.

On Sep 27, 2006, at 4:07 AM, Renaud Deraison wrote:

>
> On Sep 26, 2006, at 7:04 PM, Douglas Nordwall wrote:
>
> > So, I'm working off the GPL dont_scan_printers.nasl script, and I
> > cannot figure out why I'm not getting anything back when I hit the
> > snmp port
> >
> > --code--
> > if ( get_kb_item("SNMP/community") )
> > {
> > port = get_kb_item("SNMP/port");
> > community = get_kb_item("SNMP/community");
> > soc = open_sock_udp (port);
> > if ( soc )
> > {
> > security_note(port:port, data: port);
>
>
> Try :
>
> security_note(port:port, data:string(port));
>
>
> As security_note() expects a string, not an integer.
>
> You may also want to use display() when working on command-line mode
> instead of these calls.
>
>
>
> -- Renaud
>


Re: snmp communication
On Sep 27, 2006, at 9:24 AM, Douglas Nordwall wrote:

> thanks! that did the trick on the display
>
> However, that really wasn't the core question :) I'm interested to
> know why I can snmpget with the proper community name and get back
> that oid, yet nessus doesn't. It seems a little off, as
> snmpwalk_portscan.nasl does actually work and get the community name.

First, your original code contains :

desc = snmp_request(socket:soc, community:community, oid:".1.3");

[oid should be set to "1.3", not ".1.3"]

However, it seems what you really want is to iterate through the
whole space under 1.3.x so you really want to do :

desc = scan_snmp_string (socket:soc, community:community, oid:"1.3");




-- Renaud
RE: snmp communication
Thanks, that did it!

You might want to make the same change (snmp_request->scan_snmp_string)
to dont_scan_printers.nasl (id 11933). It's not working because of that
error on our network. The desc never gets populated in the JETDIRECT
snmp check at the top.

From what I've seen here, if you request oid 1.3.6.1.2.1.1.1.0 directly,
you will speed up the scan (scan_snmp_string reads in a lot of data) and
should be pretty accurate (at least my printers all seem to respond to
that).

> -----Original Message-----
> From: plugins-writers-bounces@list.nessus.org
> [mailto:plugins-writers-bounces@list.nessus.org] On Behalf Of
> Renaud Deraison
> Sent: Wednesday, September 27, 2006 6:36 AM
> To: Nessus Plugin Writers Mailing List
> Subject: Re: [Plugins-writers] snmp communication
>
>
> On Sep 27, 2006, at 9:24 AM, Douglas Nordwall wrote:
>
> > thanks! that did the trick on the display
> >
> > However, that really wasn't the core question :) I'm interested to
> > know why I can snmpget with the proper community name and get back
> > that oid, yet nessus doesn't. It seems a little off, as
> > snmpwalk_portscan.nasl does actually work and get the
> community name.
>
> First, your original code contains :
>
> desc = snmp_request(socket:soc, community:community, oid:".1.3");
>
> [oid should be set to "1.3", not ".1.3"]
>
> However, it seems what you really want is to iterate through
> the whole space under 1.3.x so you really want to do :
>
> desc = scan_snmp_string (socket:soc, community:community,
> oid:"1.3");
>
>
>
>
> -- Renaud
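
Added example, not part of the thread and not Nessus code: a toy model of an SNMP agent showing why a single request for the subtree 1.3 returns nothing, why a walk under 1.3 returns everything at the cost of many requests, and why asking for 1.3.6.1.2.1.1.1.0 directly takes one request. It assumes snmp_request issues one exact-match GET and scan_snmp_string walks with GETNEXT, which the thread implies but does not spell out; the MIB contents and all names in the code are constructed.

```python
# Toy SNMP agent model (constructed data; an illustration, not the NASL library).
from bisect import bisect_right

def oid(text):
    """'1.3.6.1' or '.1.3.6.1' -> (1, 3, 6, 1); the leading dot is net-snmp style."""
    return tuple(int(arc) for arc in text.lstrip(".").split("."))

# Constructed MIB for a hypothetical print server, sorted by integer arcs.
MIB = sorted({
    oid("1.3.6.1.2.1.1.1.0"): "HP ETHERNET MULTI-ENVIRONMENT, JETDIRECT (constructed)",
    oid("1.3.6.1.2.1.1.3.0"): "12345",
    oid("1.3.6.1.2.1.1.5.0"): "prt-example",
    oid("1.3.6.1.2.1.1.10.0"): "sorts after .5 numerically, not as text",
}.items())
KEYS = [k for k, _ in MIB]

class Agent:
    def __init__(self):
        self.requests = 0          # number of round trips to the agent

    def get(self, name):
        """GET: exact instance match only; a subtree such as 1.3 has no value."""
        self.requests += 1
        return dict(MIB).get(oid(name))

    def getnext(self, name):
        """GETNEXT: first instance ordered after `name`, or None at end of MIB."""
        self.requests += 1
        i = bisect_right(KEYS, oid(name))
        return MIB[i] if i < len(MIB) else None

def walk(agent, prefix):
    """Repeat GETNEXT until the answer leaves the subtree rooted at `prefix`."""
    root, cur, out = oid(prefix), prefix, []
    while True:
        nxt = agent.getnext(cur)
        if nxt is None or nxt[0][:len(root)] != root:
            return out
        out.append(nxt)
        cur = ".".join(map(str, nxt[0]))

def compare():
    """Return (result, request count) for the three approaches in the thread."""
    a, b, c = Agent(), Agent(), Agent()
    return {
        "get_subtree": (a.get("1.3"), a.requests),
        "walk_subtree": (len(walk(b, "1.3")), b.requests),
        "get_sysdescr": (c.get("1.3.6.1.2.1.1.1.0"), c.requests),
    }
```

On a real device the walk cost grows with the size of the MIB, which is the speed difference described in the last message.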