Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <5a52cc5c-31b1-4de3-9b50-57fba78f55e9@gmail.com>
Date: Tue, 3 Jun 2025 11:54:18 +0200
From: Albert Veli <albert.veli@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: SNMPv3 format

I asked ChatGPT-4o to write a script for this, and after a few 
iterations and modifications, it's working. The script is attached and 
successfully handles the pcap files I posted earlier. It works for the 
authentication password (but not the encryption password).

It could be improved further to handle encryption keys as well and 
potentially integrated into pcap2john.py.|
|

What do you think?

//Albert


On 2025-06-03 10:53, Albert Veli wrote:
> I'll add two pcap-files for clarity.
>
> On 2025-06-03 10:02, Albert Veli wrote:
>>
>> There is a format for SNMPv3 in the john source here:
>> https://github.com/openwall/john/blob/bleeding-jumbo/src/snmp_fmt_plug.c
>>
> snmpv3_unencrypted_user_albert_auth_md5.pcap was created with the 
> command:
>
> snmpwalk -v3 -l authNoPriv -u albert -a MD5 -A iloveyou 198.18.1.1 
> 1.3.6.1.2.1.1.1.0
>
> Only authentication, no privacy protocol (encryption).
>
> snmpv3_user_albert_auth_md5_aes128.pcap was created with:
>
> snmpwalk -v3 -l authPriv -u albert -a MD5 -A iloveyou -x AES-128 -X 
> princess 198.18.1.1 1.3.6.1.2.1.1.1.0
>
> Here I turned on encryption on the device with a second passphrase 
> (princess).
>
Content of type "text/html" skipped

View attachment "snmpv3tojohn.py" of type "text/x-python" (2653 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.