Sunday, February 12, 2012

IPv6 pentesting 5. - fake_router6

The fake_router6 tool sends RA (router advertisement) packets to the network with the highest priority, thereby claiming to be a router. It can achieve two things this way:
1. Set the machine as the default gateway, potentially allowing us to act as a MitM
2. If we give a non-existent link-local address, it becomes a DoS attack, as hosts will send their packets into a black hole
3. If we don't forward anything and only receive the packets as the default gateway (DG), that is also a DoS
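
From the defender's side, such advertisements stand out when every RA seen on the segment is parsed and compared with what the real router sends. The following Python sketch is an added example, not part of the original post or of the tool; the allow-listed router fe80::1, the prefix 2001:db8:1::/64, the policy that the real router uses medium preference, and the sample packets are constructed assumptions.

```python
import ipaddress
import struct

# Assumed site policy (constructed values): the only legitimate router and prefix.
ALLOWED_ROUTERS = {ipaddress.ip_address("fe80::1")}
ALLOWED_PREFIXES = {ipaddress.ip_network("2001:db8:1::/64")}
PRF = {0: "medium", 1: "high", 2: "reserved", 3: "low"}  # RFC 4191 preference bits

def parse_ra(icmp: bytes) -> dict:
    """Parse an ICMPv6 Router Advertisement (type 134, RFC 4861)."""
    if len(icmp) < 16 or icmp[0] != 134:
        raise ValueError("not a Router Advertisement")
    flags, lifetime = struct.unpack_from("!BH", icmp, 5)
    ra = {"preference": PRF[(flags >> 3) & 3], "lifetime": lifetime, "prefixes": []}
    off = 16
    while off + 2 <= len(icmp):
        opt_type, opt_len = icmp[off], icmp[off + 1] * 8  # length is in 8-byte units
        if opt_len == 0 or off + opt_len > len(icmp):
            raise ValueError("malformed option")
        if opt_type == 3 and opt_len == 32:  # Prefix Information option
            net = (icmp[off + 16:off + 32], icmp[off + 2])
            ra["prefixes"].append(ipaddress.IPv6Network(net, strict=False))
        off += opt_len
    return ra

def check_ra(src: str, icmp: bytes) -> list:
    """Return findings for one RA; an empty list means it matches the policy."""
    ra, findings = parse_ra(icmp), []
    if ipaddress.ip_address(src) not in ALLOWED_ROUTERS:
        findings.append("unknown router " + src)
    if ra["preference"] == "high":
        findings.append("high router preference")
    for prefix in ra["prefixes"]:
        if prefix not in ALLOWED_PREFIXES:
            findings.append("unexpected prefix " + str(prefix))
    return findings

def build_ra(prf_bits: int, prefix: str, plen: int = 64) -> bytes:
    """Construct a sample RA for the demo (checksum left at zero)."""
    hdr = struct.pack("!BBHBBHII", 134, 0, 0, 64, prf_bits << 3, 1800, 0, 0)
    opt = struct.pack("!BBBBIII", 3, 4, plen, 0xC0, 86400, 14400, 0)
    return hdr + opt + ipaddress.ip_address(prefix).packed

if __name__ == "__main__":
    # Constructed samples: the expected router, then an RA like the 3003::/64 one above.
    print(check_ra("fe80::1", build_ra(0, "2001:db8:1::")))
    print(check_ra("fe80::dead:beef", build_ra(1, "3003::")))
```

On switches that support it, RA Guard (RFC 6105) enforces the same allow-list at the port level instead of only alerting.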

Simple usage:

fake_router6 interface address-prefix/prefix-length

e.g.:

fake_router6 eth0 3003::1/64


After we start advertising ourselves, the host receives the advertisement and generates an address for itself:
