nstarke · April 16, 2018 22:05
diff --git a/snmp-fuzzer.js b/snmp-fuzzer.js
 // Simple SNMP Fuzzer
 // Date: April 16, 2018
 // Author: Nicholas Starke

 // Run with: INTERVAL=500 REMOTE_PORT=161 REMOTE_HOST=127.0.0.1 node snmp-fuzzer.js
 // requires bluebird
 // npm install bluebird

 if (!process.env.REMOTE_HOST) {
  console.error('[*] Must set REMOTE_HOST environment variable');
  process.exit(1);
 }

 const dgram = require('dgram');

 const Promise = require('bluebird');

 const payload = Buffer.from([
  0x30, 0x26, 0x02, 0x01,  // snmp preamble
  0x01,  // snmp version
  0x04, 0x06, // community header
  0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, // community string
  0xa1, 0x19, 0x02, 0x04, 0x46, 0x87, 0xd0, 0xc4, 0x02,
  0x01, 0x00, 0x02, 0x01, 0x00, 0x30, 0x0b, 0x30, 
  0x09, 0x06, 0x05, 0x2b, 0x06, 0x01, 0x02, 0x01, 0x05, 0x00
 ]);

 const client = dgram.createSocket('udp4');

 console.log('[*] PAYLOAD LENGTH: ' + payload.length + ' | ' + (new Date).toString());

 client.on('message', function(data){
  console.log('[+] DATA RECEIVED: ' + data.length + ' | ' + (new Date).toString());
 });

 var promises = [];
 var offset = 4; //preamble length

 for (var i = offset; i < payload.length - offset; i++){
 for (var j = 0; j < 0xff; j++){
   var data = Buffer.alloc(payload.length);
   payload.copy(data);
   data[i] = j;
   promises.push(data);
 }
 }

 console.log('[*] Making ' + promises.length + ' requests now | ' + (new Date).toString());

 Promise.each(promises, function(buf) {
  return Promise.delay(process.env.INTERVAL || 500).then(function(){
    client.send(buf, process.env.REMOTE_PORT || 161, process.env.REMOTE_HOST, (err) => {
      if (err) console.log('[*] ERROR RECEIVED:', err);
      Promise.resolve();
    });   
  });
 }).then(function(){ 
  console.log('[*] done making requests | ' + (new Date).toString());
 });
	// Simple SNMP Fuzzer
	// Date: April 16, 2018
	// Author: Nicholas Starke

	// Run with: INTERVAL=500 REMOTE_PORT=161 REMOTE_HOST=127.0.0.1 node snmp-fuzzer.js
	// requires bluebird
	// npm install bluebird

	if (!process.env.REMOTE_HOST) {
	console.error('[*] Must set REMOTE_HOST environment variable');
	process.exit(1);
	}

	const dgram = require('dgram');

	const Promise = require('bluebird');

	const payload = Buffer.from([
	0x30, 0x26, 0x02, 0x01, // snmp preamble
	0x01, // snmp version
	0x04, 0x06, // community header
	0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, // community string
	0xa1, 0x19, 0x02, 0x04, 0x46, 0x87, 0xd0, 0xc4, 0x02,
	0x01, 0x00, 0x02, 0x01, 0x00, 0x30, 0x0b, 0x30,
	0x09, 0x06, 0x05, 0x2b, 0x06, 0x01, 0x02, 0x01, 0x05, 0x00
	]);

	const client = dgram.createSocket('udp4');

	console.log('[*] PAYLOAD LENGTH: ' + payload.length + ' \| ' + (new Date).toString());

	client.on('message', function(data){
	console.log('[+] DATA RECEIVED: ' + data.length + ' \| ' + (new Date).toString());
	});

	var promises = [];
	var offset = 4; //preamble length

	for (var i = offset; i < payload.length - offset; i++){
	for (var j = 0; j < 0xff; j++){
	var data = Buffer.alloc(payload.length);
	payload.copy(data);
	data[i] = j;
	promises.push(data);
	}
	}

	console.log('[*] Making ' + promises.length + ' requests now \| ' + (new Date).toString());

	Promise.each(promises, function(buf) {
	return Promise.delay(process.env.INTERVAL \|\| 500).then(function(){
	client.send(buf, process.env.REMOTE_PORT \|\| 161, process.env.REMOTE_HOST, (err) => {
	if (err) console.log('[*] ERROR RECEIVED:', err);
	Promise.resolve();
	});
	});
	}).then(function(){
	console.log('[*] done making requests \| ' + (new Date).toString());
	});