SNMP scripts for nmap

I just finished writing a bunch of Windows oriented SNMP scripts for nmap. A zip file containing all of them is available from the nmap-scripts page. The archive currently includes:

  • snmp-get-windows-processes.nse
  • snmp-get-windows-services.nse
  • snmp-get-windows-shares.nse
  • snmp-get-windows-software.nse
  • snmp-get-windows-users.nse

I have included some sample output in the full article.

Listing Windows Services

| snmp-get-windows-services:
|   Apache Tomcat
|   Application Experience Lookup Service
|   Application Layer Gateway Service
|   Automatic Updates
|   COM+ Event System
|   COM+ System Application
|   Computer Browser
|   Cryptographic Services
|   DB2 – DB2COPY1 – DB2
|   DB2 Management Service (DB2COPY1)
|   DB2 Remote Command Server (DB2COPY1)
|   DB2DAS – DB2DAS00
|_  DCOM Server Process Launcher

Listing Windows Shares

| snmp-get-windows-shares:
|   SYSVOL
|     C:WINDOWSsysvolsysvol
|   NETLOGON
|     C:WINDOWSsysvolsysvolinspectit-labb.localSCRIPTS
|   Webapps
|_    C:Program FilesApache Software FoundationTomcat 5.5webappsROOT

Listing Windows Users

| snmp-get-windows-users:
|   Administrator
|   Guest
|   IUSR_EDUSRV011
|   IWAM_EDUSRV011
|   SUPPORT_388945a0
|   Tomcat
|   db2admin
|   ldaptest
|_  patrik

Listing Windows Software

| snmp-get-windows-software:
|   Apache Tomcat 5.5 (remove only); 2007-09-15 15:13:18
|   Microsoft Internationalized Domain Names Mitigation APIs; 2007-09-15 15:13:18
|   Security Update for Windows Media Player (KB911564); 2007-09-15 15:13:18
|   Security Update for Windows Server 2003 (KB924667-v2); 2007-09-15 15:13:18
|   Security Update for Windows Media Player 6.4 (KB925398); 2007-09-15 15:13:18
|   Security Update for Windows Server 2003 (KB925902); 2007-09-15 15:13:18
|_  Windows Internet Explorer 7; 2007-09-15 15:13:18

Listing Windows Processes

| snmp-get-windows-processes:
|   System Idle Process
|     PID: 1
|   System
|     PID: 4
|   smss.exe
|     Path: SystemRootSystem32
|     PID: 256
|   csrss.exe
|     Path: C:WINDOWSsystem32
|     Params: ObjectDirectory=Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserS
|_    PID: 308