Fixes #130 snmp-brute.nse is IPversion agnostic now

2025-12-15 04:09:01 +00:00 · 2015-05-31 16:39:55 +00:00
parent ead27df538
commit a1eeaa8887
1 changed files with 4 additions and 6 deletions
--- a/scripts/snmp-brute.nse
+++ b/scripts/snmp-brute.nse
@@ -48,7 +48,7 @@ No output is reported if no valid account is found.
 -- |   dragon - Valid credentials
 -- |_  jordan - Valid credentials

-author = "Philip Pickering, Gorjan Petrovski, Patrik Karlsson"
+author = "Philip Pickering, Gorjan Petrovski, Patrik Karlsson, Gioacchino Mazzurco"

 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"

@@ -168,12 +168,10 @@ end

 local sniff_snmp_responses = function(host, port, lport, result)
  local condvar = nmap.condvar(result)
-
  local pcap = nmap.new_socket()
  pcap:set_timeout(host.times.timeout * 1000 * 3)
-  local ip = host.bin_ip_src
-  ip = string.format("%d.%d.%d.%d",ip:byte(1),ip:byte(2),ip:byte(3),ip:byte(4))
-  pcap:pcap_open(host.interface, 104, false,"dst host " .. ip .. " and udp and src port 161 and dst port " .. lport)
+  pcap:pcap_open(host.interface, 300, false, "src host ".. host.ip .." and udp and src port 161 and dst port "..lport)
+

  -- last_run indicated whether there will be only one more receive
  local last_run = false
@@ -192,7 +190,7 @@ local sniff_snmp_responses = function(host, port, lport, result)
        return
      end

-      local response = p:raw(28, #p.buf)
+      local response = p:raw(p.udp_offset + 8, #p.buf)
      local res
      _, res = snmp.decode(response)