Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Docs: Add documentation for the SNMP exploiter #3339

Merged
merged 3 commits into from
May 15, 2023
Merged

Docs: Add documentation for the SNMP exploiter #3339

merged 3 commits into from
May 15, 2023

Conversation

cakekoa
Copy link
Contributor

@cakekoa cakekoa commented May 15, 2023

What does this PR do?

Fixes part of #3234.

Add documentation for the SNMP exploiter

PR Checklist

  • Have you added an explanation of what your changes do and why you'd like to include them?
  • Is the TravisCI build passing?
  • Was the CHANGELOG.md updated to reflect the changes?
  • Was the documentation framework updated to reflect the changes?
  • Have you checked that you haven't introduced any duplicate code?

Testing Checklist

  • Added relevant unit tests?
  • Do all unit tests pass?
  • Do all end-to-end tests pass?
  • Any other testing performed?

    Tested by {Running the Monkey locally with relevant config/running Island/...}

  • If applicable, add screenshots or log transcripts of the feature working

mssalvatore
mssalvatore requested changes May 15, 2023
View reviewed changes
docs/content/reference/exploiters/SNMP.md Outdated
Comment on lines 13 to 14
In versions 1 and 2c of the SNMP protocol the only means of authentication is the community string. In these versions of SNMP, community strings are sent as plaintext in all requests. If a community is configured with read-write access, the machine is vulnerable to an attack using NET-SNMP-EXTEND-MIB to run arbitrary commands on the victim.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

v3 is still vulnerable to CVE2020-15862, right? It's just that authenticating is harder. This language makes it seem like v3 is not vulnerable.

After clarifying the above, we may want to add an explicit note regarding which protocol versions we support in this exploiter.

@cakekoa cakekoa force-pushed the 3234-documentation branch from b340eb1 to 7e4e397 Compare May 15, 2023 15:14
@mssalvatore mssalvatore merged commit f2401b6 into develop May 15, 2023
@mssalvatore mssalvatore deleted the 3234-documentation branch May 15, 2023 15:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mssalvatore mssalvatore mssalvatore approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@cakekoa @mssalvatore