I am trying to debug what a certain piece of software is doing to a
piece of hardware via SNMP packets. I got the packet capture and
tried to modify the SNMP users table using the auth and priv passwords
I set, however I get inconsistent results. At no point did anything
work. Wireshark always tells me the auth failed and the encryptedPDU
always complains about not being in increments of 8. However
sometimes when I change values in the users table Wireshark will
segfault. I have not gotten it to correctly show me the insides of an
SNMP packet once.
I thought it might be my fault, so I tried the sample provided on the
Wiki, http://wiki.wireshark.org/SampleCaptures#SNMP. I get the exact
same results. It never works and sometimes segfaults. The Wireshark
documentation is also lacking as it assumes you know everything about
how Wireshark works.
Has anyone successfully decrypted SNMP packets in Wireshark that could
give me some instructions on how to do it?
Thanks for your time,
Kevin