Add TCP protocol to SNMP login scanner #10841
|
Jenkins test this please. |
|
Looks reasonable, but there does not seem to be a way to select or disable connecting with both protocols in parallel. Do you think there should be a way to select them? |
|
Answering my own question, I see you have it as a checkbox
|
|
It looks like the bigger issue is all of the UDP packets sent by this scanner appear to have an incorrect checksum, which explains why you originally saw the scanner error out as well. EDIT - hah, fooled again by Checksum offload, that looks fine. |
|
@busterb can you give a check-off list to make this merge-able? 😃 |
|
Any suggestions? |
|
Please have a look at this. |
|
|
The real issue that also side-tracked me when reviewing this was that this scanner only supports SNMPv2, which is pretty obsolete, even among the already-obsolete gear I tested it against which only supported SNMPv3. It made me question whether a higher-priority fix for this module would be in adding SNMPv3 support rather than TCP support. TL;DR - I'd find SNMPv3 support more useful in this module than TCP today. At least it'd be easier to test in real-world scenarios. |
|
I took a good stab at fixing this up this morning, but there are some additional problems I found during testing. Namely, this uses an unconnected tcp socket via sendto, which doesn't appear to send any data, then uses recvfrom with a fixed buffer size, which when you do fix the socket connection problem, causes the whole scanner to hang indefinitely. I'm going to close this one for now. I think my best overall suggestion is that the scanner code here needs a lot more work than just swapping in the socket type. I might even suggest evaluating existing SNMP implementations for Ruby that actually implement the protocol properly, and changing the login scanner to use one of those instead of the minimal implementation present inside of this login scanner. https://rubygems.org/search?utf8=%E2%9C%93&query=snmp Thanks. |
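The hang described in the closing comment above, shown as an added example that is not part of this PR or of Metasploit's code: on a connected stream socket, read the BER header first and then exactly the number of bytes it announces, under a deadline, instead of a single fixed-size `recvfrom`. The helper names, the size limit and the sample message are assumptions made for illustration.

```ruby
require 'socket'
require 'timeout'

# Read exactly n bytes from a connected stream socket, or raise on timeout/EOF.
def read_exact(sock, n, deadline)
  buf = String.new(encoding: Encoding::BINARY)
  while buf.bytesize < n
    remaining = deadline - Process.clock_gettime(Process::CLOCK_MONOTONIC)
    raise Timeout::Error, 'SNMP read timed out' if remaining <= 0
    next unless IO.select([sock], nil, nil, remaining)
    chunk = sock.read_nonblock(n - buf.bytesize, exception: false)
    raise EOFError, 'peer closed mid-message' if chunk.nil?
    buf << chunk unless chunk == :wait_readable
  end
  buf
end

# Read one SNMP message: a BER SEQUENCE (tag 0x30) whose length field says
# how many more bytes to expect, so no fixed-size read is needed.
def read_ber_message(sock, timeout: 5, max_len: 65_535)
  deadline = Process.clock_gettime(Process::CLOCK_MONOTONIC) + timeout
  header = read_exact(sock, 2, deadline)
  tag, first = header.bytes
  raise ArgumentError, 'not a BER SEQUENCE' unless tag == 0x30
  if first < 0x80                       # short form: length in one byte
    length = first
  else                                  # long form: next n bytes hold the length
    n = first & 0x7f
    raise ArgumentError, 'unsupported BER length' if n.zero? || n > 4
    len_bytes = read_exact(sock, n, deadline)
    header << len_bytes
    length = len_bytes.bytes.inject(0) { |acc, b| (acc << 8) | b }
  end
  raise ArgumentError, 'message too large' if length > max_len
  header + read_exact(sock, length, deadline)
end

# Constructed demo: a UNIXSocket pair stands in for the connected TCP stream.
def demo_split_delivery
  client, server = UNIXSocket.pair
  msg = [0x30, 0x81, 0x83].pack('C*') + 'A' * 131 # constructed 134-byte message
  writer = Thread.new { server.write(msg[0, 50]); sleep 0.05; server.write(msg[50..-1]) }
  got = read_ber_message(client, timeout: 2)
  writer.join
  got == msg
ensure
  client&.close
  server&.close
end
```

A peer that sends a truncated message and keeps the connection open produces a `Timeout::Error` after the deadline rather than an indefinite block.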
This aims to add TCP protocol to the SNMP login scanner as requested in #9649.
I tried to test the initial code without these changes on a host running SNMP over UDP but couldn't get any result. But SNMP is properly configured and can be verified from the following snap:
and MSF snmp scanner errors out with
Added the initial code with reference to the already existing code for UDP.
Will need help with the following things to polish this more:
May require a lot of work to be able to merge. This is my first PR of many to come to this awesome project 😄
Cheers 🍻