Nmap snmp-processes NSE Script
This page contains detailed information about how to use the snmp-processes NSE script. For list of all NSE scripts, visit the Nmap NSE Library.
Script Overview
Script source code: https://github.com/nmap/nmap/tree/master/scripts/snmp-processes.nse
Script categories: default, discovery, safe
Target service / protocol: snmp, udp
Target network port(s): 161
List of CVEs: -
Script Description
The snmp-processes.nse script attempts to enumerate running processes through SNMP.
Snmp-processes NSE Script Arguments
This is a full list of arguments supported by the snmp-processes.nse script:
creds.globalCredentials to be returned by Credentials.getCredentials regardless of the service.
creds.[service]Credentials to be returned by Credentials.getCredentials for [service]. E.g. creds.http=admin:password
snmp.version
The SNMP protocol version. Use "v1" or 0 for SNMPv1 (default) and "v2c" or 1 for SNMPv2c.
- - -
To use these script arguments, add them to the Nmap command line using the --script-args arg1=value,[arg2=value,..] syntax. For example:
nmap --script=snmp-processes --script-args creds.global=value,creds.\[service]=value <target>Snmp-processes NSE Script Example Usage
Here's an example of how to use the snmp-processes.nse script:
nmap -sU -p 161 --script=snmp-processes <target>
Snmp-processes NSE Script Example Output
Here's a sample output from the snmp-processes.nse script:
| snmp-processes:
| 1:
| Name: System Idle Process
| 4:
| Name: System
| 256:
| Name: smss.exe
| Path: \SystemRoot\System32\
| 308:
| Name: csrss.exe
| Path: C:\WINDOWS\system32\
| Params: ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserS
| 332:
| Name: winlogon.exe
| 380:
| Name: services.exe
| Path: C:\WINDOWS\system32\
| 392:
| Name: lsass.exe
|_ Path: C:\WINDOWS\system32\
Snmp-processes NSE Script Example XML Output
Here's a sample XML output from the snmp-processes.nse script produced by providing the -oX <file> Nmap option:
<table key="1">
<elem key="Name">System Idle Process</elem>
</table>
<table key="4">
<elem key="Name">System</elem>
</table>
<table key="256">
<elem key="Name">smss.exe</elem>
<elem key="Path">\SystemRoot\System32\</elem>
</table>
<table key="308">
<elem key="Name">csrss.exe</elem>
<elem key="Path">C:\WINDOWS\system32\</elem>
<elem key="Params">ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserS</elem>
</table>
<table key="332">
<elem key="Name">winlogon.exe</elem>
</table>
<table key="380">
<elem key="Name">services.exe</elem>
<elem key="Path">C:\WINDOWS\system32\</elem>
</table>
<table key="392">
<elem key="Name">lsass.exe</elem>
<elem key="Path">C:\WINDOWS\system32\</elem>
</table>
Author
- Patrik Karlsson
References
- https://nmap.org/nsedoc/scripts/snmp-processes.html
- https://github.com/nmap/nmap/tree/master/scripts/snmp-processes.nse
See Also
Related NSE scripts to the snmp-processes.nse script:
- snmp-brute.nse
- snmp-hh3c-logins.nse
- snmp-info.nse
- snmp-interfaces.nse
- snmp-ios-config.nse
- snmp-netstat.nse
- snmp-sysdescr.nse
- snmp-win32-services.nse
- snmp-win32-shares.nse
- snmp-win32-software.nse
- snmp-win32-users.nse
Visit Nmap NSE Library for more scripts.
Version
This page has been created based on Nmap version 7.92.
