loading
loading
Network
A fast SNMP scanner that tries community strings against many hosts.
overview
onesixtyone scans for SNMP services by sending requests to many IP addresses with different community strings and waiting for replies. SNMP runs over UDP and is stateless, and servers stay silent on an invalid community string, so the scanner sprays candidate strings across a host list and records every host that answers.
Built for speed, it reads targets and community strings from files and paces sending with a configurable wait between packets, which keeps a wide UDP sweep from outrunning the network. A host that replies exposes readable SNMP, often a quick path to device details and interface data.
On Trickest, onesixtyone takes a file of hosts and a file of community names and writes a file and a folder of results. Use it after host discovery to flag devices with weak or default SNMP strings before deeper enumeration.
use cases
Spray a list of community strings across a host file to flag every device that answers, exposing SNMP that is open to read.
Test common strings such as public and private to surface devices left on defaults across a network range.
Set the inter-packet wait so a large scan stays within the limits of a UDP path that drops packets under pressure.
Run onesixtyone after host discovery to map which devices in an estate expose SNMP before any deeper polling.
reference
| Name | Type | Flag | Description |
|---|---|---|---|
| hosts | FILE | -i | File with target hosts to scan. |
| community-names | FILE | -c | File with community names to try. |
| port | STRING | -p | Alternate destination SNMP port. |
| wait-miliseconds | STRING | -w | Wait N milliseconds between sending packets (default 10). |
| quiet-mode | BOOLEAN | -q | Quiet mode, do not print log to stdout. |
| debug | BOOLEAN | -d | Enable debug mode. |
Showing key inputs. onesixtyone exposes 6 inputs in total.
example
# try common communities against a host list, paced for UDPonesixtyone -c communities.txt -i hosts.txt -w 20 -p 161Scanning 12 hosts, 6 communities198.51.100.10 [public] Cisco IOS Software, C2960 Software198.51.100.14 [private] Linux net-snmp 5.7.3203.0.113.22 [public] HP JetDirect203.0.113.40 [public] APC Web/SNMP Management Card198.51.100.55 [private] VMware ESXidone: 5 hosts answeredguidance
Reach for onesixtyone when you need to find SNMP services across many hosts fast. It detects readable SNMP and weak community strings, but it does not poll the data; follow it with an SNMP enumeration tool. For broader service discovery, use a port scanner first.
Has SNMP NSE scripts plus full port scanning. onesixtyone is the focused, fast community-string sprayer.
Finds open UDP and TCP ports. Run it first, then onesixtyone against hosts with SNMP open.
Multi-protocol enumeration including SNMP. onesixtyone is lighter and built only for the community-string sweep.
faq
related
Quickly map an organization's network ranges using ASN information.
Maximize your resolver count by combining the target's DNS servers with public resolvers.
Expand CIDR ranges into a list of IP addresses easily.
Expand CIDR ranges into a list of IP addresses easily, from a file.
Maintain a list of IPv4 DNS servers verified against baseline servers for accurate responses.
Patched dnsvalidator that keeps only IPv4 resolvers verified against baseline servers.
A host file and a community-string list feed onesixtyone, which sprays SNMP requests and writes the hosts that answered as a queryable output.
Facts on this page come from the live Trickest tool library.