Date: Sun, 6 Apr 2003 17:09:05 GMT From: Yonatan@xpert.com To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/50642: New port: security/ADMsnmp - SNMP brute forcer Message-ID: <200304061709.h36H94j21378@node-110.xpert.com> Resent-Message-ID: <200304061410.h36EAHsL024505@freefall.freebsd.org>
>Number: 50642 >Category: ports >Synopsis: New port: security/ADMsnmp - SNMP brute forcer >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sun Apr 06 07:10:16 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Yonatan@xpert.com >Release: FreeBSD 4.8-RC i386 >Organization: >Environment: System: FreeBSD Temujin 4.8-RC FreeBSD 4.8-RC #4: Tue Mar 11 17:44:31 GMT 2003 root@Temujin:/usr/obj/usr/src/sys/TEMUJIN i386 >Description: This is a ADM's SNMP brute forcer. This is based on Jason Peel's (jsyn at openbsd.org) OpenBSD port. >How-To-Repeat: N/A >Fix: --- ADMsnmp.shar begins here --- # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # . # ./Makefile # ./distinfo # ./files # ./files/patch-snmp.c # ./pkg-descr # ./pkg-plist # echo c - . mkdir -p . 
> /dev/null 2>&1 echo x - ./Makefile sed 's/^X//' >./Makefile << 'END-of-./Makefile' X# Ports collection makefile for: ADMsnmp X# Date created: 16 Apr 2003 X# Whom: Yonatan@xpert.com X# X# $FreeBSD$ X# X XPORTNAME= ADMsnmp XPORTVERSION= 0.1 XCATEGORIES= security XMASTER_SITES= ftp://adm.freelsd.net/pub/ADM/ \ X http://adm.freelsd.net/ADM/ \ X ${MASTER_SITE_PACKETSTORM:=groups/ADM/} XDISTNAME= ${PORTNAME}.${PORTVERSION} XEXTRACT_SUFX= .tgz X XMAINTAINER= Yonatan@xpert.com XCOMMENT= SNMP audit scanner X XWRKSRC= ${WRKDIR}/ADMsnmp X Xdo-build: X ${CC} ${CFLAGS} -DPORTSHAREDIR="${PREFIX}/share/ADMsnmp" \ X -o ${WRKSRC}/ADMsnmp ${WRKSRC}/snmp.c X Xdo-install: X ${INSTALL_PROGRAM} ${WRKSRC}/ADMsnmp ${PREFIX}/bin X ${MKDIR} ${PREFIX}/share/ADMsnmp X ${MKDIR} ${PREFIX}/share/doc/ADMsnmp X ${INSTALL_DATA} ${WRKSRC}/snmp.passwd ${PREFIX}/share/ADMsnmp X ${INSTALL_DATA} ${WRKSRC}/ADMsnmp.README ${PREFIX}/share/doc/ADMsnmp X X.include <bsd.port.mk> END-of-./Makefile echo x - ./distinfo sed 's/^X//' >./distinfo << 'END-of-./distinfo' XMD5 (ADMsnmp.0.1.tgz) = 1b6909ab6ebaaaec49444f51d3162de2 END-of-./distinfo echo c - ./files mkdir -p ./files > /dev/null 2>&1 echo x - ./files/patch-snmp.c sed 's/^X//' >./files/patch-snmp.c << 'END-of-./files/patch-snmp.c'
X--- snmp.c.orig Wed Feb 17 07:20:05 1999
X+++ snmp.c Sun Apr 6 16:31:38 2003
X@@ -33,6 +33,8 @@
X #include <sys/stat.h>
X #include <netdb.h>
X #include <netinet/in.h>
X+#include <sys/types.h>
X+#include <sys/socket.h>
X
X
X struct snmpchex
X@@ -231,7 +233,7 @@
X /** get the ID **/
X sn->id = buf[i + 2];
X for (i = i + (buf[i + 1] + 2); i < size && i + 2 < size; i++)
X- if (buf[i] == '\x02')
X+ if (buf[i] == '\x02') {
X if (buf[i + 1] == '\x01')
X {
X /** return code **/
X@@ -241,6 +243,7 @@
X }
X else
X return (-1);
X+ }
X }
X }
X }
X@@ -300,7 +303,7 @@
X memset (buf, 0, sizeofbuf);
X i = getreq (buf, namez, GETREQ_SYSDEC, id, set_req);
X memcpy ((buf + i), sysdec, GETREQ_SYSDEC);
X- return (sendto (sock, buf, i + GETREQ_SYSDEC, 0, sin, sizeof (struct sockaddr_in)));
X+ return (sendto (sock, buf, i + GETREQ_SYSDEC, 0, (const struct sockaddr *)sin, sizeof (struct sockaddr_in)));
X }
X
X /** getreq paket **/
X@@ -460,7 +463,7 @@
X i = 0;
X /** we get an answer !!!! */
X
X- if ((i = recvfrom (sock, (char *) &buf, sizeof (buf), 0, &sin, &x)) > 0)
X+ if ((i = recvfrom (sock, (char *) &buf, sizeof (buf), 0, (struct sockaddr *) &sin, &x)) > 0)
X {
X nd = 0;
X /** extract the ID the return code and the community name **/
X@@ -544,7 +547,7 @@
X "[-waitfor] <mili> : time in milisecond in each send of snmprequest\n"
X "[-sleep] <second> : time in second of the scan process life\n"
X "[-manysend] <number>: how many paket to send by request \n"
X- "[-inter] <mili> : time to wait in milisecond after each request");
X+ "[-inter] <mili> : time to wait in milisecond after each request\n");
X }
X
X int
X@@ -581,7 +584,7 @@
X printf ("cant resolve hostname!\n");
X exit (-1);
X }
X- opz.wordfile = strdup ("snmp.passwd");
X+ opz.wordfile = strdup ("PORTSHAREDIR/snmp.passwd");
X opz.outputfile = NULL;
X opz.guess = -1;
X opz.manysend = 2;
END-of-./files/patch-snmp.c echo x - ./pkg-descr sed 's/^X//' >./pkg-descr << 'END-of-./pkg-descr' XADMsnmp is an snmpd audit scanner. XADMsnmp can brute force the snmp community name (with a wordfile) or Xmake a wordfile list derived the hostname. XADMsnmp can report to you all valid community Xnames found and inform you if writable access to the MIB has been attained. X XADMsnmp is very easy to use and designed with speed in mind! END-of-./pkg-descr echo x - ./pkg-plist sed 's/^X//' >./pkg-plist << 'END-of-./pkg-plist' X@comment $FreeBSD$ Xbin/ADMsnmp Xshare/ADMsnmp/snmp.passwd Xshare/doc/ADMsnmp/ADMsnmp.README X@dirrm share/doc/ADMsnmp X@dirrm share/ADMsnmp END-of-./pkg-plist exit --- ADMsnmp.shar ends here --- >Release-Note: >Audit-Trail: >Unformatted:
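Review bot: In the hunk at `@@ -231,7 +233,7 @@` the loop start `i = i + (buf[i + 1] + 2)` takes its step from a length byte of the received reply, and the loop condition only bounds `i` from above. If `buf` is a plain `char` array (its declaration is outside the hunk), a byte of 0x80 or above is negative where char is signed, so `i` could move backwards and the following `buf[i]` reads would fall before the field just parsed. Reading the byte as `(unsigned char) buf[i + 1]` would rule that out. The added braces keep the `else` bound to the inner `if`, so behaviour is unchanged; a comment such as `/* braces only silence the dangling-else warning */` would make that clear. The enclosing function starts and ends outside the hunk.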
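Review bot: `memcpy ((buf + i), sysdec, GETREQ_SYSDEC)` in the hunk at `@@ -300,7 +303,7 @@` writes at the offset returned by `getreq` with no visible check that `i + GETREQ_SYSDEC` still fits in `sizeofbuf`. The offset presumably grows with the length of `namez`, so a long entry could push the copy past the end of the buffer unless `getreq` already limits it, which cannot be seen from here. A guard before the copy, `if (i < 0 || i + GETREQ_SYSDEC > sizeofbuf) return (-1);`, would make the bound explicit. The function's signature and the declaration of `buf` are outside the hunk.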
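Review bot: `strdup ("PORTSHAREDIR/snmp.passwd")` in the hunk at `@@ -581,7 +584,7 @@` places the macro name inside a string literal, where the preprocessor does not expand it, so the default wordfile becomes the literal relative path `PORTSHAREDIR/snmp.passwd` rather than the installed share directory. Literal concatenation is needed, `opz.wordfile = strdup (PORTSHAREDIR "/snmp.passwd");`, and the port Makefile then has to pass the value as a C string, `-DPORTSHAREDIR=\"${PREFIX}/share/ADMsnmp\"`, because the unescaped quotes in the current `do-build` line are consumed by the shell. As far as the hunk shows, the result of `strdup` is also used without a NULL check. The enclosing function continues outside the hunk.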