# SNMP

Discover devices with default community strings:

```
msf > use auxiliary/scanner/snmp/snmp_login
msf > set PASSWORD public
msf > set RHOSTS file:snmp.txt
msf > set THREADS 25
msf > set VERBOSE false
msf > set VERSION 2c
msf > run
```

## onesixtyone

* <https://github.com/trailofbits/onesixtyone>

Brute force community strings:

```
$ onesixtyone -c /usr/share/seclists/Discovery/SNMP/snmp.txt 10.10.13.37
```

## snmp-check

Collect data:

```
$ snmp-check -v 2c -c public 10.10.13.37
$ for i in `seq 1 254`; do snmp-check -v 2c -c public -t1 10.10.13.$i | grep -aA2 'System information'; done
```

## snmpwn

* <https://github.com/hatlord/snmpwn>

```
$ ./snmpwn.rb --hosts hosts.txt --users users.txt --passlist passwords.txt --enclist passwords.txt
```