数学建模社区-数学中国

标题: 对中国先锋网络科技基于SNMP的信息刺探 [打印本页]

作者: 韩冰    时间: 2004-10-5 08:56
标题: 对中国先锋网络科技基于SNMP的信息刺探

作者: Net2k 来自:流星轨迹

2 ~8 ~( m8 a; Q7 u

对中国先锋网络科技基于SNMP的信息刺探

6 y K9 G6 g* Q1 a5 v$ X1 a4 _3 X, `0 f2 ?1 N * A; a; A! }: L, m

得到系统正在运行的程序信息: / L1 K# j$ ?1 v: \5 Y8 \------------------------------------------------------------! C; O2 r0 Z! T9 f0 F1 K# L% X Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1 ( B9 J! t/ @. ~) e8 t4 RValue = String System Idle Process

/ X# J( |+ H+ K" z9 f

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.8 : K7 S% a* n. j$ q% B4 EValue = String System

. N/ L: S/ m' V: { h4 o

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.172) Z$ F; T/ U: g; G Value = String smss.exe

* ?; ~) D3 y; M- ?1 e( t

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.196% e; G4 p" v# Z W Value = String winlogon.exe

* ]1 F6 ^) x- _ _

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.2006 q: Q- v6 _( X* W9 x! ]' C4 i Value = String csrss.exe

$ ?% {6 E. | h/ G0 ~/ k& f- \

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.248 , r0 ^ _' p9 O# g* XValue = String services.exe

* F: [4 N$ Y0 z- v" P1 Z3 B

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.260 / e+ N" ^( l/ ~( x: O; T3 CValue = String lsass.exe

0 C8 b$ q5 _0 [

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.296 0 T `; T. d% H# w" a# L# BValue = String wuauclt.exe

/ b+ a) \$ S1 d4 S( A

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.4561 ~4 x$ {6 h( G. L4 K Value = String svchost.exe

& {9 _% q4 L# k! C4 X5 p# c( s

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.496; t- m. i9 \. K0 Y Value = String spoolsv.exe

; [; a" I" y+ w# \1 ^6 z& U

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.524 4 j& j3 c+ m* S) ]3 O" K5 W7 gValue = String msdtc.exe

% J+ W. x3 ]& L1 S- d

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.656 ( y5 B U. z2 h/ r, z8 QValue = String DefWatch.exe

+ d5 p/ t+ k; W+ E8 c

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.6760 `. M8 f" x. V! D' e Value = String tcpsvcs.exe

0 b' a. q) u. p, n, _1 T

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.692+ c& u/ U+ \: ~* M& Y- e Value = String svchost.exe

2 F7 w/ e4 }6 C, u

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.720! s4 S+ R5 r! ~8 P0 e4 a Value = String llssrv.exe

" B- H* W% x0 o7 \

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.764 4 ?6 C, ]- V$ G1 n6 j8 xValue = String Rtvscan.exe

L) A O% o Z, C

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.872. w, i, h8 g! C5 `4 O9 I; _ Value = String hlds.exe

; T8 {& s8 b( i1 n/ Q" Y- m

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.9247 z5 N) U$ F8 Y. R Value = String nvsvc32.exe

1 u" J5 K+ \8 X) T

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.992 `, Q$ {5 e" _7 J, | Z' Z Value = String Explorer.EXE

- u. w9 H& L% w) V0 Y- ^1 L5 t

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1000$ J- g8 Q- [3 w3 [9 l Value = String regsvc.exe

1 v2 `% v, w7 O

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1032 i0 o7 y& S9 u/ G2 ? Value = String MSTask.exe

0 D l: ~/ b; F$ g' R- _' u0 S- I

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.10729 \; y/ Z+ T# R2 a& r Value = String snmp.exe

% d3 \, N' B+ j6 R( z: k& ]8 F

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1092% F& i4 m. b0 J/ R) L Value = String ServUDaemon.exe

& z+ W# v5 V- X8 z0 K3 c+ P

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1104 B9 R; D" D5 d% m, L! |5 [3 l/ M( JValue = String SMAgent.exe

' y. z/ V( W0 D

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1140 & q+ H6 E* z2 `: \* C/ x- nValue = String WinMgmt.exe

2 a0 M; f4 a* u/ w1 p, g; v0 y9 v

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1164 : Z' y$ u1 t2 P( z8 `; K( N! nValue = String wins.exe

: U$ G" q m3 x; {" z% O! v: E

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1176 ( I% y J1 z% o* l% j5 [Value = String svchost.exe

1 v' Y9 q1 u- K$ W% m% j

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1196. I. ]/ ]5 n* e0 A1 U/ |) V9 M Value = String xconfserver_t.e

L% U: r! D+ ` X# V4 U9 p

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1228 0 c) E" v0 ^6 |' F1 gValue = String Dfssvc.exe

! i0 D+ k* C* i" ?$ |0 `% l5 R

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.12481 `4 g7 O' |, [- v' d o4 l Value = String inetinfo.exe

" X- K. d8 }2 M1 p: \) O

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1348 ' @2 t j* U ]$ W4 S+ _3 I8 _Value = String dns.exe

5 x; e1 K) ]- w7 D

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1568 7 y. r: t6 ]2 K( {3 p1 M" CValue = String vptray.exe

6 S: i9 G8 _" Z% I

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1580, I+ l9 f" N$ }# x8 { Value = String internat.exe

( h9 B, H ^3 ?% y0 k

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1844$ l& v V, u- t2 M* h* B Value = String dllhost.exe

: h- _$ g$ i0 d" ~$ |* j) x

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.1952% I* Z# {. B& l U$ ? o8 O Value = String dllhost.exe

8 I# F# ^( Y# T7 H1 T

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.2060, E+ l# @5 |6 w y Value = String mdm.exe

. P% x& y3 w8 y! m! W8 [! F

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.2144 * m& m2 s3 i' KValue = String conime.exe

$ c9 S: i; y- W- G

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.2216 1 {5 {$ I# k9 Z5 `1 X& ]Value = String hlds.exe

/ J; N0 F( }& m! N6 J) o. x% P

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.2336 1 m. I+ W8 b; x3 ] a8 B {Value = String hlds.exe

: D( a7 Z' D, C1 X( M

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.2348) Q3 ~& L4 m; b' {" \9 `7 o3 S Value = String svchost.exe

8 _, R+ \" O" y: h

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.2424, \3 p1 d! I5 } k# z Value = String hlds.exe

2 S. L' P. L) k3 U, v( j; R

Variable = host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunName.2460 1 r# k1 e( v7 V! i" n9 d1 [3 TValue = String hlds.exe

H/ E1 o! D! p* s0 d

End of MIB subtree. & @1 S9 r2 z8 o) } l; l$ z------------------------------------------------------------

3 ?: K1 Y( A$ V4 j

得到系统信息:) J) J1 M, M6 M" N- o- Q; f ------------------------------------------------------------, s; }% ^! ]- }* X. Z; U0 C- u Variable = system.sysDescr.0$ I( K/ [4 d5 u$ I8 I0 z+ i Value = String Hardware: x86 Family 15 Model 2 Stepping 9 AT/AT COMPATIBLE -+ O) W) M! z, ~. P' o) _& W Software: Windows 2000 Version 5.0 (Build 2195 Multiprocessor Free)

7 l+ O/ t( x o, m! ?2 E

Variable = system.sysObjectID.0 / Y D7 e- O6 Z" u9 O& ~4 uValue = ObjectID 1.3.6.1.4.1.311.1.1.3.1.2

$ ~8 T9 d0 [9 t9 O7 J

Variable = system.sysUpTime.0 * x0 o G: H5 l/ F. q: H! r7 I$ G, JValue = TimeTicks 24725698

+ w U/ V4 G3 n

Variable = system.sysContact.0" y7 l! w$ C/ z Value = String

4 B% C7 o9 j9 B2 S4 u

Variable = system.sysName.0. \; {6 @; S! ?% L Value = String XIAOTOU

' l7 w, @9 K* N" d0 R$ q" X8 d

Variable = system.sysLocation.0 5 y! H# ^! H1 ]" b4 i) y* EValue = String

; r* R( S# P% G% K& ~% ]

Variable = system.sysServices.0* m W& P, @( O* m Value = Integer32 76

( D8 {( D, J% h% v

End of MIB subtree. - d$ J' o2 k& D1 E; v& n------------------------------------------------------------

, o: R o$ L% O9 N7 l! E3 \

------------------------------------------------------------) c" ?/ _" s5 ~$ Z I: m1 L# W 关于snmputil的语法: ) X; g( q2 |2 v+ p) H------------------------------------------------------------$ {) v2 @ C' h% {8 ?8 G7 T5 r get,就理解成获取一个信息。

. F. G) j2 G0 i

getnext,就理解成获取下一个信息。

- D, {7 P( K+ L! J# B4 n9 k

walk,就理解成获取一堆信息(嗯,应该说所有数据库子树/子目录的信息)

$ o6 q; d7 t; p u

agent,具体某台机器拉。

7 ^# t$ N7 e8 W5 _( Y2 P

community,嗯就是那个“community strings”“查询密码”拉。

& v4 b' }! E5 \2 n5 | K

oid,这个要多说一下,这个呢,就是物件识别代码(Object Identifier)。 z/ X* I; h1 P3 ~+ A( |" L* ]0 S............................................................

9 y- m# }8 I1 g/ |# I+ A$ B

例: & Q+ B9 E( k8 e+ c( Msnmputil.exe walk 对方IP public .1.3.6.1.2.1.25.4.2.1.2 //**进程列表$ Z$ ^* p* V, [) Z4 v snmputil.exe walk 对方IP public .1.3.6.1.4.77.1.2.25.1.1 //**用户列表 , N4 I0 W. k! A% |; r+ Asnmputil.exe get 对方IP public .1.3.6.1.4.77.1.4.1.0 //**域名 0 G, o5 H" i- ~snmputil.exe walk 对方IP public .1.3.6.1.2.1.25.6.3.1.2 //**安装的软件 5 S3 f8 P9 l% @' b ]snmputil.exe walk 对方IP public .1.3.6.1.2.1.1 //**系统信息






欢迎光临 数学建模社区-数学中国 (http://www.madio.net/) Powered by Discuz! X2.5