Quick SNMP Payload Structure Question

From: Josha Bronson (dmuz@slartibartfast.angrypacket.com)
Date: 02/25/02


Date: Mon, 25 Feb 2002 12:56:28 -0800
From: Josha Bronson <dmuz@slartibartfast.angrypacket.com>
To: vuln-dev@securityfocus.com


Hey folks,

Trying to work on generating arbitrary SNMP request packets, but for the
life of me I can not figure out how the second byte of the payload data
is calculated. I *think* that it is some sort of length signifier... I
think there are also other length based bytes that might need to be
calculated elsewhere in the payload.

What I am trying to do is figure out what bytes need to be modified in a
basic payload structure so that I can drop in different communities,
only altering the bytes necessary.

I've already used ethereal's excellent packet analysis, but it does not
say what the significance is of all the packets, including the second
byte.

Any quick answers or links are greatly appreciated.

-- 
Josha Bronson
dmuz@angrypacket.com
AngryPacket Security



Relevant Pages

  • Re: "shadow" a user?
    ... INIT { ... if ($endian eq '0x78') { ... packets with data. ... -D Print all payload data, ...
    (AIX-L)
  • problem with NdisReturnPackets ( )
    ... If you queue the packets then you must alloc and copy the ... payload in the original packet descriptor. ... >If kernel debugger is available get stack backtrace. ...
    (microsoft.public.development.device.drivers)
  • Re: DMA operation to 64-bits PC platform
    ... On Aug 11, 5:50 pm, Frank van Eijkelenburg ... mistakes of others, here comes the cause of the problem: ... The packets which were transmitted to the pc were too large (more than ... payload size from the device control register in the PCI Express ...
    (comp.arch.fpga)
  • network mystery
    ... strange packets started showing up on my LAN. ... Network Browser (again the payload of the packet ... a malfunctioning file sharing tool (akin to Grokster, ...
    (Incidents)
  • searching for a string in the data contents of a socket buffer
    ... I'm trying to search for character stings in the payload of udp ... packets inside a socket buffer (in the kernel before the socket buffer ... The packets come across the network in big endian byte order. ...
    (comp.os.linux.questions)