Documentation forSolarWinds

SNMP Brute Force Attack tool

The SNMP Brute Force Attack tool in ETS for the Desktop floods an IP address with SNMP queries to attempt to determine the SNMP read-only and read and write community strings. It does this by trying every possible community string. You can specify the character set to build words and the maximum length of the community strings to try.

Open the SNMP Brute Force Attack tool

  • To launch the tool from the Toolset Launch Pad, locate the SNMP Brute Force Attack tool and click Launch.

  • You can add the tool to a tab in the Workspace Studio, and access it from there.

  • To launch the tool from the Windows Start menu:

    1. Click Start > All > SolarWinds Engineer's Toolset.

    2. Right-click SNMP Brute Force Attack, click More, and click Run as administrator.

Launch an attack

  1. Enter the IP address of the device you want to attack, and then click Attack.

  2. To change the attack speed, adjust the Attach Speed slider.

    If you attack too fast, the network or the target device may begin dropping packets. The Packet Drops line can be a good indicator that packets are being dropped, but the Packet Drop line only increments when SNMP Brute Force Attack knows it is definitely dropping packets. Packets may still be discarded without SNMP Brute Force Attack detecting it.

  3. To pause the attack, click Pause.

    After pausing, clicking Attack resumes where SNMP Brute Force Attack was paused.

SNMP Brute Force Attack settings

A number of settings can be adjusted to ensure SNMP Brute Force Attack operates properly on your network.

  1. Click File > Settings.

  2. To stop the attack when a Read/Only community string is found, select Stop searching after Read/Only string is found.

  3. To change the length of community strings attempted by SNMP Brute Force Attack, adjust the Try community strings up to xx characters long slider.

  4. Click the Character Set tab, and then select the character set you want SNMP Brute Force Attack to use to build the community strings, or enter a custom set of characters.

  5. Click the Community Strings tab.

  6. To use a starting community string, enter the string in the Starting Community String field.

  7. To establish the progression the attack engine builds the community strings, select Rotate from right to left or Rotate from left to right.

  8. Click the SNMP tab.

  9. Adjust the Packet Timeout slider to set the number of milliseconds the attack engine should wait for a SNMP reply before assuming the packet is lost.

  10. Adjust the Query Attempts slider to set the number of times the attack engine retries an SNMP query before giving up.

  11. Click OK.

SNMP Brute Force Attack FAQ

How do I attack a device using a predefined list of community strings?

Use the SNMP Dictionary Attack tool instead.