Documentation forSolarWinds

SNMP Dictionary Attack tool

The SNMP Dictionary Attack tool in ETS for the Desktop attacks a set of IP addresses with SNMP queries to attempt to determine the SNMP community strings using a dictionary of community strings. You can use one of the dictionaries provided by SolarWinds, or import your own. You can also mutate a dictionary. For more information, see the Edit Dictionaries tool.

Open the SNMP Dictionary Attack tool

  • To launch the tool from the Toolset Launch Pad, locate the SNMP Dictionary Attack tool and click Launch.

  • You can add the tool to a tab in the Workspace Studio, and access it from there.

  • To launch the tool from the Windows Start menu:

    1. Click Start > All > SolarWinds Engineer's Toolset.

    2. Right-click SNMP Dictionary Attack, click More, and click Run as administrator.

Launch an attack

  1. Click File > New Database.

  2. Select a path and enter a name for your new database, and then click Save.

  3. To add IP addresses manually, complete the following task.

    1. Click Edit > Add IP Addresses.

    2. Enter the IP address and click Add for each device you want to add.

    3. Click OK.

  4. To import a list of IP addresses, complete the following procedure.

    1. Click File > Import IP Addresses, and then select the file enter you want to import.

      You can use SolarWinds Ping Sweep or SolarWinds Network Sonar to generate a list of IP addresses. See Discover all of the devices on a network.

    2. Browse to the file you want to import, and then click Open.

    3. Follow the onscreen instructions to complete the import process.

  5. Click Edit > Dictionary.

  6. Select the dictionary to use during the attack, and then click OK.

    You can also edit, mutate, or create new dictionaries using the Edit Dictionaries tool.

  7. Click Run > Start SNMP Attack.

SNMP Dictionary Attack settings

A number of settings can be adjusted to ensure SNMP Dictionary Attack operates properly on your network.

  1. Click File > Settings.

  2. Adjust the Scanner Performance slider to adjust the speed of the attack.

  3. Click the SNMP tab.

  4. Adjust the Packet Timeout slider to set the number of milliseconds the attack engine should wait for an SNMP reply before assuming the packet was lost and trying again.

  5. Adjust the Query Attempts to set the number of times the attack engine retries an SNMP query before stopping.

  6. Click OK.

Export from an SNMP Dictionary Attack

SNMP Dictionary Attack can export the list of IP addresses into a variety of file formats. When you export from SNMP Dictionary Attack, you can select the information to include in the exported file.

Click File > Export, and then select the format:

Comma Delimited File This format is suitable for importing into other programs, spreadsheets, or databases. Each field is separated by a comma. Comment lines begin with a pound (#) character. Fields with spaces or special characters are enclosed in quotation marks.
Text File When you export to a Plain Text File, SNMP Dictionary Attack simply writes the output to a text file without any special formatting. Each field is separated by a tab.
HTML File The HTML export method creates an HTML file in the same format as the SNMP Dictionary Attack table.
MHTML File The MHTML export method creates an MHTML file in the same format as the SNMP Dictionary Attack table.
Excel Spreadsheet This export method creates a Microsoft Excel spreadsheet and exports the results to it. Microsoft Excel must be installed on your machine in order for this export method to work.
Direct to Microsoft Excel This export method creates a Microsoft Excel spreadsheet, exports the results to it, and then opens the spreadsheet within Excel. Microsoft Excel must be installed on your machine in order for this export method to work.
Adobe PDF File This export method creates an Adobe PDF file containing the results.
Image file This export method creates an image file of the results in the format of your choice.

Publish the results to the web

Choose File > Publish to Web to publish a static HTML page of all DNS Audit results.

Discover all of the devices on a network

The Network Sonar tool builds a database of all devices on a network. You can import the list of IP addresses into SNMP Dictionary Force Attack directly from the Sonar database.

You can also use the Ping Sweep tool to build a list of IP addresses. After scanning an IP address range with Ping Sweep, export the IP addresses to a comma-delimited file. You can then import the file into SNMP Dictionary Attack.