数学建模社区-数学中国

标题: 对中国先锋网络科技基于SNMP的信息刺探 [打印本页]

作者: 韩冰 时间: 2004-10-5 08:56
标题: 对中国先锋网络科技基于SNMP的信息刺探

作者： Net2k 来自：流星轨迹

对中国先锋网络科技基于SNMP的信息刺探

得到系统正在运行的程序信息：' L& E1 ^; f9 g9 g2 ~1 n! W ------------------------------------------------------------ 1 g/ N5 g" ]/ T0 GVariable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1 1 q) D- `! R2 `& |Value = String System Idle Process

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.84 I1 l, d. n) y2 O8 d5 ], C9 d Value = String System

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.172 - d8 K" S+ c: h+ X) GValue = String smss.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.196' f4 \% y, J$ I7 m | Value = String winlogon.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.200 $ R7 X& o5 B4 m5 w+ B$ p. ~Value = String csrss.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.2489 J2 ~7 M) Y9 l2 ]. R! i Value = String services.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.260, n" x. S5 x0 l4 e Value = String lsass.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.296 4 S+ ?' k9 l# G V4 G1 W* s) [! TValue = String wuauclt.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.456/ f8 R/ p8 A+ A* p' r' j& c* L Value = String svchost.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.4962 Y' p/ {- m- t/ ]8 T+ Z Value = String spoolsv.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.524" r: I2 l. f# m2 H9 }0 f' E) s Value = String msdtc.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.656 3 F" ?, H. q' MValue = String DefWatch.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.676 ' ~. H+ `: ]5 A' u. n- c+ \7 k: ?5 pValue = String tcpsvcs.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.692. _) W* H4 T0 N( {3 w1 n' B2 ?. P Value = String svchost.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.720 % ?; d2 ~8 i' ~* ^2 J7 XValue = String llssrv.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.764 @; U$ P( D6 U4 i& D. s2 j Value = String Rtvscan.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.8724 [: W4 ~3 Z& w. c) p% n9 a Value = String hlds.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.9247 W; x2 |* [& F0 R9 Q Value = String nvsvc32.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.992 6 v2 y& [3 w: `- ?Value = String Explorer.EXE

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1000% C+ w3 R. u, M, z) @+ n Value = String regsvc.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1032 , g6 g7 M+ A2 a) M, n' \% b: y. ]Value = String MSTask.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1072 3 E5 H3 A4 F) \3 e. dValue = String snmp.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.10924 L2 B. E& d' A* d. H3 H) E e4 M Value = String ServUDaemon.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1104) n# _% I' ^! y2 S" N( Q# y0 X( ` W Value = String SMAgent.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1140; z* m3 N/ V; u Value = String WinMgmt.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1164 ; H4 H6 Q( f2 O8 k+ l I5 nValue = String wins.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1176. b- k5 f, v' x9 ~+ u) W: ?/ P Value = String svchost.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1196! V- F `$ P' [6 G. A: w Value = String xconfserver_t.e

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1228 9 i' ~( c! W, S5 B- CValue = String Dfssvc.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1248 * |2 y1 `. n$ F& R' [+ C. rValue = String inetinfo.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1348 3 C$ D6 H6 i' }; P2 KValue = String dns.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1568 % o3 T# i/ h- aValue = String vptray.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1580 / H4 L9 u8 [7 C7 bValue = String internat.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1844 5 a& @ z( a+ L( K: C: b3 tValue = String dllhost.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.19520 I u; |" N! Z3 z$ q! u Value = String dllhost.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.2060 * n. M; j) N7 RValue = String mdm.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.2144 $ c9 K( V3 @2 Y' ]5 _- EValue = String conime.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.2216 . L8 t) m S9 X. Y- y8 c) \Value = String hlds.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.23361 ]- `0 I7 a) s& C j( b- \- q Value = String hlds.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.2348+ y$ a3 o# d% t) q' W% ? Value = String svchost.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.2424 " D$ C: |- j" i% t) `# s2 ]Value = String hlds.exe

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.2460 * H- u5 {$ f! c% hValue = String hlds.exe

End of MIB subtree. * o0 ?) |% r2 v------------------------------------------------------------

得到系统信息:8 F1 @" e! I* A ------------------------------------------------------------ % I2 P; }1 b& i8 l: B1 U) JVariable = system.sysDescr.0 7 @/ D- ?+ E) ? C1 VValue = String Hardware: x86 Family 15 Model 2 Stepping 9 AT/AT COMPATIBLE - 5 O8 e* c# S) n; MSoftware: Windows 2000 Version 5.0 (Build 2195 Multiprocessor Free)

Variable = system.sysObjectID.0 4 i" I$ X3 n6 K; f; FValue = ObjectID 1.3.6.1.4.1.311.1.1.3.1.2

Variable = system.sysUpTime.0! h0 J7 E# t: I2 u2 ^9 ^$ V Value = TimeTicks 24725698

Variable = system.sysContact.07 N6 t$ t2 m9 h) t5 g& A s4 {6 J$ G4 T Value = String

Variable = system.sysName.0 4 y) Q! i; g6 i% J5 D: BValue = String XIAOTOU

Variable = system.sysLocation.0 / C# c: h% h* w( N1 U- tValue = String

Variable = system.sysServices.0 " p7 p0 o6 L- fValue = Integer32 76

End of MIB subtree.; n1 \8 E6 P4 `2 G+ }% d( Z ------------------------------------------------------------

------------------------------------------------------------ n) t6 d0 F& K5 ]2 D& l关于snmputil的语法：6 G# h% L/ i( k- ] ------------------------------------------------------------ 5 v1 f4 l: E& v4 `) y2 v6 l7 Qget，就理解成获取一个信息。

getnext，就理解成获取下一个信息。

walk，就理解成获取一堆信息（嗯，应该说所有数据库子树/子目录的信息）

agent，具体某台机器拉。

community，嗯就是那个“community strings”“查询密码”拉。

oid，这个要多说一下，这个呢，就是物件识别代码（Object Identifier）。 ' @; `; |/ c& N' ~............................................................

例：( C0 E3 {1 e4 u4 E4 l/ h. E snmputil.exe walk 对方IP public .1.3.6.1.2.1.25.4.2.1.2 //**进程列表1 f& x$ ?! _( x% d# V snmputil.exe walk 对方IP public .1.3.6.1.4.77.1.2.25.1.1 //**用户列表 7 c" ~; x! z2 M; ]+ [snmputil.exe get 对方IP public .1.3.6.1.4.77.1.4.1.0 //**域名 / a& q) g" o3 @) L V! asnmputil.exe walk 对方IP public .1.3.6.1.2.1.25.6.3.1.2 //**安装的软件 5 Q& F$ f, E3 Jsnmputil.exe walk 对方IP public .1.3.6.1.2.1.1 //**系统信息

欢迎光临数学建模社区-数学中国 (http://www.madio.net/)