Description
onesixtyone is an SNMP scanner which utilizes a sweep technique to achieve very high performance. It can scan an entire class B network in under 13 minutes. It can be used to discover devices responding to well-known community names or to mount a dictionary attack against one or more SNMP devices.
Usage
Syntax
onesixtyone [options] <host> <community>
Where:
-
host is the IP address of the system we are targeting
-
community is either public or private
Like any password-cracking software (that is not using brute-force), it’s only as good as its wordlist. Onesixtyone comes with a built-in wordlist of commonly used passwords on SNMP, but if your password isn’t in the list, you can use any word list you want.
Very often, if a sysadmin changes the SNMP community string, they will change it to something simple like the companyname-public orcompanyname-private. It’s always worth trying these or similar combinations before attempting a password crack.
Options
-
-c <communityfile> file with community names to try -i <inputfile> file with target hosts -o <outputfile> output log -d debug mode, use twice for more information -w n wait n milliseconds (1/1000 of a second) between sending packets (default 10)
Example
cyborg@cyborg:~$ onesixtyone -c password.txt 192.168.1.7 Scanning 1 hosts, 1 communities