NSE snmp manually rebase #122 provided patch

scripts/snmp-brute.nse

@@ -34,6 +34,8 @@ No output is reported if no valid account is found.
 -- 2011-12-29 Patrik Karlsson - Added lport to sniff_snmp_responses to fix
 --                              bug preventing multiple scripts from working
 --                              properly.
+-- 2015-05-31 Gioacchino Mazzurco - Add IPv6 support by making the script IP
+--                              version agnostic
 
 ---
 -- @usage
@@ -273,9 +275,9 @@ action = function(host, port)
       local account = creds_iter()
       if account then
         if account.pass == "<empty>" then
-          nmap.registry.snmpcommunity = ""
+          host.registry.snmpcommunity = ""
         else
-          nmap.registry.snmpcommunity = account.pass
+          host.registry.snmpcommunity = account.pass
         end
       end
     end

scripts/snmp-hh3c-logins.nse

@@ -122,27 +122,18 @@ end
 
 action = function(host, port)
 
-  local socket = nmap.new_socket()
-  local catch = function() socket:close() end
-  local try = nmap.new_try(catch)
-  local data, oldsnmpoid = nil, "1.3.6.1.4.1.2011.10.2.12.1.1.1"
-  local data, newsnmpoid = nil, "1.3.6.1.4.1.25506.2.12.1.1.1"
-  local users = {}
-  local status
+  local oldsnmpoid = "1.3.6.1.4.1.2011.10.2.12.1.1.1"
+  local newsnmpoid = "1.3.6.1.4.1.25506.2.12.1.1.1"
 
-  socket:set_timeout(5000)
-  try(socket:connect(host, port))
+  local snmpHelper = snmp.Helper:new(host, port)
+  snmpHelper:connect()
 
-  status, users = snmp.snmpWalk( socket, oldsnmpoid )
-  socket:close()
+  local status, users = snmpHelper:walk( oldsnmpoid )
 
   if (not(status)) or ( users == nil ) or ( #users == 0 ) then
 
     -- no status? try new snmp oid
-    socket:set_timeout(5000)
-    try(socket:connect(host, port))
-    status, users = snmp.snmpWalk( socket, newsnmpoid )
-    socket:close()
+    status, users = snmpHelper:walk( newsnmpoid )
 
     if (not(status)) or ( users == nil ) or ( #users == 0 ) then
       return users

scripts/snmp-interfaces.nse

@@ -390,9 +390,6 @@ end
 
 action = function(host, port)
 
-  local socket = nmap.new_socket()
-  local catch = function() socket:close() end
-  local try = nmap.new_try(catch)
   -- IF-MIB - used to look up network interfaces
   local if_oid = "1.3.6.1.2.1.2.2.1"
   -- IP-MIB - used to determine IP address information
@@ -411,21 +408,20 @@ action = function(host, port)
 
     srvport = stdnse.get_script_args({"snmp-interfaces.port", "port"})
     if srvport then
-      srvport = tonumber(srvport)
+      srvport = { number=tonumber(srvport), protocol="udp" }
     else
-      srvport = 161
+      srvport = { number=tonumber(srvport), protocol="udp" }
     end
   else
     srvhost = host.ip
     srvport = port.number
   end
 
-  socket:set_timeout(5000)
-  try(socket:connect(srvhost, srvport, "udp"))
+  local snmpHelper = snmp.Helper:new(host, port)
+  snmpHelper:connect()
 
   -- retrieve network interface information from IF-MIB
-  status, interfaces = snmp.snmpWalk( socket, if_oid )
-  socket:close()
+  status, interfaces = snmpHelper:walk(if_oid)
 
   if (not(status)) or ( interfaces == nil ) or ( #interfaces == 0 ) then
     return
@@ -437,8 +433,7 @@ action = function(host, port)
   interfaces = process_interfaces( interfaces )
 
   -- retrieve IP address information from IP-MIB
-  try(socket:connect(srvhost, srvport, "udp"))
-  status, ips = snmp.snmpWalk( socket, ip_oid )
+  status, ips = snmpHelper:walk( ip_oid )
 
   -- associate that IP address information with the correct interface
   if (not(status)) or ( ips ~= nil ) and ( #ips ~= 0 ) then

scripts/snmp-ios-config.nse

@@ -46,24 +46,6 @@ dependencies = {"snmp-brute"}
 
 portrule = shortport.portnumber(161, "udp", {"open", "open|filtered"})
 
-local try
-
-local function sendrequest(socket, oid, setparam)
-  local payload
-  local options = {}
-  options.reqId = 28428 -- unnecessary?
-  payload = snmp.encode(snmp.buildPacket(snmp.buildSetRequest(options, oid,setparam)))
-
-  try(socket:send(payload))
-
-  -- read in any response we might get
-  local status, response = socket:receive()
-  if ( not(status) ) then return status, response end
-
-  local result = snmp.fetchFirst(response)
-  return true
-end
-
 ---
 -- Sends SNMP packets to host and reads responses
 action = function(host, port)
@@ -74,20 +56,10 @@ action = function(host, port)
     return "ERROR: tftproot needs to end with slash"
   end
 
-  -- create the socket used for our connection
-  local socket = nmap.new_socket()
+  local snmpHelper = snmp.Helper:new(host, port)
+  snmpHelper:connect()
 
-  -- set a reasonable timeout value
-  socket:set_timeout(5000)
-
-  -- do some exception handling / cleanup
-  local catch = function() socket:close() end
-  try = nmap.new_try(catch)
-
-  -- connect to the potential SNMP system
-  try(socket:connect(host, port))
-
-  local status, tftpserver, _, _, _ = socket:get_info()
+  local status, tftpserver, _, _, _ = snmpHelper.socket:get_info()
   if( not(status) ) then
     return "ERROR: Failed to determine local ip"
   end
@@ -95,7 +67,7 @@ action = function(host, port)
   -- build a SNMP v1 packet
   -- set value: .1.3.6.1.4.1.9.9.96.1.1.1.1.2.9999 (ConfigCopyProtocol is set to TFTP [1] )
 
-  local request = sendrequest(socket, ".1.3.6.1.4.1.9.9.96.1.1.1.1.2.9999",1)
+  local request = snmpHelper:set({reqiId=28428},".1.3.6.1.4.1.9.9.96.1.1.1.1.2.9999",1)
 
   -- Fail silently if the first request doesn't get a proper response
   if ( not(request) ) then return  end
@@ -107,13 +79,13 @@ action = function(host, port)
   -- build a SNMP v1 packet
   -- set value: .1.3.6.1.4.1.9.9.96.1.1.1.1.3 (SourceFileType is set to running-config [4] )
 
-  request = sendrequest(socket, ".1.3.6.1.4.1.9.9.96.1.1.1.1.3.9999",4)
+  request = snmpHelper:set({reqId=28428}, ".1.3.6.1.4.1.9.9.96.1.1.1.1.3.9999",4)
 
   -------------------------------------------------
   -- build a SNMP v1 packet
   -- set value: .1.3.6.1.4.1.9.9.96.1.1.1.1.4 (DestinationFileType is set to networkfile [1] )
 
-  request = sendrequest(socket, ".1.3.6.1.4.1.9.9.96.1.1.1.1.4.9999",1)
+  request = snmpHelper:set({reqId=28428}, ".1.3.6.1.4.1.9.9.96.1.1.1.1.4.9999",1)
 
   -------------------------------------------------
   -- build a SNMP v1 packet
@@ -125,7 +97,7 @@ action = function(host, port)
     table.insert(tbl, octet)
   end
 
-  request = sendrequest(socket, nil, { { snmp.str2oid(".1.3.6.1.4.1.9.9.96.1.1.1.1.5.9999"), tbl } } )
+  request = snmpHelper:set({reqId=28428}, nil, { { snmp.str2oid(".1.3.6.1.4.1.9.9.96.1.1.1.1.5.9999"), tbl } } )
   -- request = sendrequest(".1.3.6.1.4.1.9.9.96.1.1.1.1.5.9999",tftpserver)
 
 
@@ -134,26 +106,26 @@ action = function(host, port)
   -- set value: .1.3.6.1.4.1.9.9.96.1.1.1.1.15 (ServerAddressType is set 1 for ipv4 )
   -- more options - 1:ipv4, 2:ipv6, 3:ipv4z, 4:ipv6z, 16:dns
 
-  request = sendrequest(socket, ".1.3.6.1.4.1.9.9.96.1.1.1.1.15.9999",1)
+  request = snmpHelper:set({reqId=28428}, ".1.3.6.1.4.1.9.9.96.1.1.1.1.15.9999",1)
 
   -------------------------------------------------
   -- build a SNMP v1 packet
   -- set value: .1.3.6.1.4.1.9.9.96.1.1.1.1.16 (ServerAddress is set to the IP address of the TFTP server )
 
-  request = sendrequest(socket, ".1.3.6.1.4.1.9.9.96.1.1.1.1.16.9999",tftpserver)
+  request = snmpHelper:set({reqId=28428}, ".1.3.6.1.4.1.9.9.96.1.1.1.1.16.9999",tftpserver)
 
   -------------------------------------------------
   -- build a SNMP v1 packet
   -- set value: .1.3.6.1.4.1.9.9.96.1.1.1.1.6 (CopyFilename is set to IP-config)
 
-  request = sendrequest(socket, ".1.3.6.1.4.1.9.9.96.1.1.1.1.6.9999",host.ip .. "-config")
+  request = snmpHelper:set({reqId=28428}, ".1.3.6.1.4.1.9.9.96.1.1.1.1.6.9999",host.ip .. "-config")
 
   -------------------------------------------------
   -- build a SNMP v1 packet
   -- set value: .1.3.6.1.4.1.9.9.96.1.1.1.1.14 (Start copying by setting CopyStatus to active [1])
   -- more options: 1:active, 2:notInService, 3:notReady, 4:createAndGo, 5:createAndWait, 6:destroy
 
-  request = sendrequest(socket, ".1.3.6.1.4.1.9.9.96.1.1.1.1.14.9999",1)
+  request = snmpHelper:set({reqId=28428}, ".1.3.6.1.4.1.9.9.96.1.1.1.1.14.9999",1)
 
   -- wait for sometime and print the status of filetransfer
   tftp.start()
@@ -162,16 +134,8 @@ action = function(host, port)
   -- build a SNMP v1 packet
   -- get value: .1.3.6.1.4.1.9.9.96.1.1.1.1.10 (Check the status of filetransfer) 1:waiting, 2:running, 3:successful, 4:failed
 
-  local options = {}
-  options.reqId = 28428
-  local payload = snmp.encode(snmp.buildPacket(snmp.buildGetRequest(options, ".1.3.6.1.4.1.9.9.96.1.1.1.1.10.9999")))
-
-  try(socket:send(payload))
-
-  local status
   local response
-  -- read in any response we might get
-  status, response = socket:receive()
+  status, response = snmpHelper:get({reqId=28428}, ".1.3.6.1.4.1.9.9.96.1.1.1.1.10.9999")
 
   if (not status) or (response == "TIMEOUT") then
     return "\n  ERROR: Failed to receive cisco configuration file"
@@ -205,9 +169,8 @@ action = function(host, port)
   -- build a SNMP v1 packet
   -- set value: .1.3.6.1.4.1.9.9.96.1.1.1.1.14 (Destroy settings by setting CopyStatus to destroy [6])
 
-  request = sendrequest(socket, ".1.3.6.1.4.1.9.9.96.1.1.1.1.14.9999",6)
+  request = snmpHelper:set({reqId=28428}, ".1.3.6.1.4.1.9.9.96.1.1.1.1.14.9999",6)
 
-  try(socket:close())
 
   return result
 end

scripts/snmp-netstat.nse

@@ -103,23 +103,19 @@ end
 
 action = function(host, port)
 
-  local socket = nmap.new_socket()
-  local catch = function() socket:close() end
-  local try = nmap.new_try(catch)
   local tcp_oid = "1.3.6.1.2.1.6.13.1.1"
   local udp_oid = "1.3.6.1.2.1.7.5.1.1"
   local netstat = {}
   local status, tcp, udp
 
-  socket:set_timeout(5000)
-  try(socket:connect(host, port))
+  local snmpHelper = snmp.Helper:new(host, port)
+  snmpHelper:connect()
 
-  status, tcp = snmp.snmpWalk( socket, tcp_oid )
+  status, tcp = snmpHelper:walk( tcp_oid )
   if ( not(status) ) then return end
 
-  status, udp = snmp.snmpWalk( socket, udp_oid )
+  status, udp = snmpHelper:walk( udp_oid )
   if ( not(status) ) then return end
-  socket:close()
 
   if ( tcp == nil ) or ( #tcp == 0 ) or ( udp==nil ) or ( #udp == 0 ) then
     return
@@ -136,7 +132,6 @@ action = function(host, port)
   netstat = table_merge( tcp, udp )
 
   nmap.set_port_state(host, port, "open")
-  socket:close()
 
   return stdnse.format_output( true, netstat )
 end

scripts/snmp-processes.nse

@@ -140,18 +140,14 @@ end
 
 action = function(host, port)
 
-  local socket = nmap.new_socket()
-  local catch = function() socket:close() end
-  local try = nmap.new_try(catch)
   local data, snmpoid = nil, "1.3.6.1.2.1.25.4.2"
   local shares = {}
   local status
 
-  socket:set_timeout(5000)
-  try(socket:connect(host, port))
+  local snmpHelper = snmp.Helper:new(host, port)
+  snmpHelper:connect()
 
-  status, shares = snmp.snmpWalk( socket, snmpoid )
-  socket:close()
+  status, shares = snmpHelper:walk( snmpoid )
 
   if (not(status)) or ( shares == nil ) or ( #shares == 0 ) then
     return

scripts/snmp-sysdescr.nse

@@ -31,67 +31,32 @@ portrule = shortport.portnumber(161, "udp", {"open", "open|filtered"})
 -- Sends SNMP packets to host and reads responses
 action = function(host, port)
 
-  -- create the socket used for our connection
-  local socket = nmap.new_socket()
-
-  -- set a reasonable timeout value
-  socket:set_timeout(5000)
-
-  -- do some exception handling / cleanup
-  local catch = function()
-    socket:close()
-  end
-
-  local try = nmap.new_try(catch)
-
-  -- connect to the potential SNMP system
-  try(socket:connect(host, port))
-
-  local payload
+  local snmpHelper = snmp.Helper:new(host, port)
+  snmpHelper:connect()
 
   -- build a SNMP v1 packet
   -- copied from packet capture of snmpget exchange
   -- get value: 1.3.6.1.2.1.1.1.0 (SNMPv2-MIB::sysDescr.0)
-  local options = {}
-  options.reqId = 28428 -- unnecessary?
-  payload = snmp.encode(snmp.buildPacket(snmp.buildGetRequest(options, "1.3.6.1.2.1.1.1.0")))
+  local status, response = snmpHelper:get({reqId=28428}, "1.3.6.1.2.1.1.1.0")
 
-  try(socket:send(payload))
-
-  local status
-  local response
-
-  -- read in any response we might get
-  status, response = socket:receive_bytes(1)
-
-  if (not status) or (response == "TIMEOUT") then
+  if not status then
     return
   end
 
   -- since we got something back, the port is definitely open
   nmap.set_port_state(host, port, "open")
 
-  local result
-  result = snmp.fetchFirst(response)
+  local result = snmp.fetchFirst(response)
 
   -- build a SNMP v1 packet
   -- copied from packet capture of snmpget exchange
   -- get value: 1.3.6.1.2.1.1.3.0 (SNMPv2-MIB::sysUpTime.0)
-  local options = {}
-  options.reqId = 28428
-  payload = snmp.encode(snmp.buildPacket(snmp.buildGetRequest(options, "1.3.6.1.2.1.1.3.0")))
+  status, response = snmpHelper:get({reqId=28428}, "1.3.6.1.2.1.1.3.0")
 
-  try(socket:send(payload))
-
-  -- read in any response we might get
-  status, response = socket:receive_bytes(1)
-
-  if (not status) or (response == "TIMEOUT") then
+  if not status then
     return result
   end
 
-  try(socket:close())
-
   local uptime = snmp.fetchFirst(response)
   if not uptime then
     return

scripts/snmp-win32-services.nse

@@ -74,18 +74,14 @@ end
 
 action = function(host, port)
 
-  local socket = nmap.new_socket()
-  local catch = function() socket:close() end
-  local try = nmap.new_try(catch)
   local snmpoid = "1.3.6.1.4.1.77.1.2.3.1.1"
   local services = {}
   local status
 
-  socket:set_timeout(5000)
-  try(socket:connect(host, port))
+  local snmpHelper = snmp.Helper:new(host, port)
+  snmpHelper:connect()
 
-  status, services = snmp.snmpWalk( socket, snmpoid )
-  socket:close()
+  status, services = snmpHelper:walk( snmpoid )
 
   if ( not(status) ) or ( services == nil ) or ( #services == 0 ) then
     return

scripts/snmp-win32-shares.nse

@@ -78,18 +78,14 @@ end
 
 action = function(host, port)
 
-  local socket = nmap.new_socket()
-  local catch = function() socket:close() end
-  local try = nmap.new_try(catch)
   local data, snmpoid = nil, "1.3.6.1.4.1.77.1.2.27"
   local shares = {}
   local status
 
-  socket:set_timeout(5000)
-  try(socket:connect(host, port))
+  local snmpHelper = snmp.Helper:new(host, port)
+  snmpHelper:connect()
 
-  status, shares = snmp.snmpWalk( socket, snmpoid )
-  socket:close()
+  status, shares = snmpHelper:walk( snmpoid )
 
   if (not(status)) or ( shares == nil ) or ( #shares == 0 ) then
     return

scripts/snmp-win32-software.nse

@@ -140,18 +140,14 @@ end
 
 action = function(host, port)
 
-  local socket = nmap.new_socket()
-  local catch = function() socket:close() end
-  local try = nmap.new_try(catch)
   local data, snmpoid = nil, "1.3.6.1.2.1.25.6.3.1"
   local sw = {}
   local status
 
-  socket:set_timeout(5000)
-  try(socket:connect(host, port))
+  local snmpHelper = snmp.Helper:new(host, port)
+  snmpHelper:connect()
 
-  status, sw = snmp.snmpWalk( socket, snmpoid )
-  socket:close()
+  status, sw = snmpHelper:walk( snmpoid )
 
   if ( not(status) ) or ( sw == nil ) or ( #sw == 0 ) then
     return

scripts/snmp-win32-users.nse

@@ -66,18 +66,14 @@ end
 
 action = function(host, port)
 
-  local socket = nmap.new_socket()
-  local catch = function() socket:close() end
-  local try = nmap.new_try(catch)
   local snmpoid = "1.3.6.1.4.1.77.1.2.25"
   local users = {}
   local status
 
-  socket:set_timeout(5000)
-  try(socket:connect(host, port))
+  local snmpHelper = snmp.Helper:new(host, port)
+  snmpHelper:connect()
 
-  status, users = snmp.snmpWalk( socket, snmpoid )
-  socket:close()
+  status, users = snmpHelper:walk( snmpoid )
 
   if( not(status) ) then
     return