Defcon 10 Presentation: README
f40973bfafeaf5074a35177435f5d7f4727ba8ad0d5b8e747a089cea016d666a
DefConX - SNMPv3 Talk by Matthew G. Marsh
In this file list is everything you need to get the example
source code running on a 'nix (preferably Linux) system.
The Net-SNMP v 5.0.2.pre1 source is latest as of 7/8/02.
The mhash library is the version used in developing.
The patch contains all else.
Quick Use:
1. Unpack, configure, install the mhash library.
2. Unpack the net-snmp
3. Patch net-snmp
cd net-snmp-5.0.2.pre1
patch -p1 < ../PakSnmp.DefConX.patch
4. Run PakConfigure - bash PakConfigure
5. make
6. make install
Now configure the software for testing
assuming you did not edit PakConfigure:
cat > /usr/local/share/snmp/snmp.conf
mibs ALL
^D
cat > /usr/local/share/snmp/snmpd.conf
rwuser defconx
^D
mkdir /var/net-snmp
cat > /var/net-snmp/snmpd.conf
createUser defconx MD5 defconxv3 DES defconxencrypt
^D
Now you are ready to fire it up and play.
/usr/local/sbin/snmpd
/usr/local/bin/snmpwalk -v 3 -u defconx -l authPriv \
-a MD5 -A defconxv3 \
-x DES -X defconxencrypt \
localhost .1.3.6.1.4.1.9248
and you should get:
PAKDEFCONX-MIB::PakTestFileString.0 = STRING: "/etc/hosts"
PAKDEFCONX-MIB::PakTestFileHash.0 = STRING: "5b41d38e2a46d028902e3cecf808c582"
Now try to set the string:
/usr/local/bin/snmpget -v 3 -u defconx -l authPriv \
-a MD5 -A defconxv3 \
-x DES -X defconxencrypt \
localhost .1.3.6.1.4.1.9248.1.1.1.0 s "/etc/services"
PAKDEFCONX-MIB::PakTestFileString.0 = STRING: "/etc/services"
Now check that you get the new hash:
/usr/local/bin/snmpwalk -v 3 -u defconx -l authPriv \
-a MD5 -A defconxv3 \
-x DES -X defconxencrypt \
localhost .1.3.6.1.4.1.9248
PAKDEFCONX-MIB::PakTestFileString.0 = STRING: "/etc/services"
PAKDEFCONX-MIB::PakTestFileHash.0 = STRING: "49b9ab95c2a4e5bdd3b2e1778cc34eb6"
FV Oiler.
mgm
7/9/02