Neworld Posted October 6, 2012 Share Posted October 6, 2012 Has anyone looked into RA packet flooding and maybe an implementation with the pineapple?? If you don't know what an RA flood is... It pretty much makes any client connected to the network have their computer completely lag out. (from what I believe) Any thoughts on the matter? Demonstration: and at Defcon (skip to 21:30) Quote Link to comment Share on other sites More sharing options...
Neworld Posted October 6, 2012 Author Share Posted October 6, 2012 Anyone have any experience with this?... I would like to replicate it somehow. Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted October 6, 2012 Share Posted October 6, 2012 Read references from the Defcon talk. http://samsclass.inf...RA-evasion.html It kind of defeats the purpose of the pineapple to MITM if you just DoS or freeze the clients. Quote Link to comment Share on other sites More sharing options...
Neworld Posted October 6, 2012 Author Share Posted October 6, 2012 (edited) I was hoping you could do it to specific clients on your network... I think it would be a interesting feature don't you think?? Any tutorials anywhere?? Windows still hasn't fixed it... even with windows 7 and windows 8. (along with other os machines of course). Edited October 7, 2012 by Neworld Quote Link to comment Share on other sites More sharing options...
Neworld Posted October 9, 2012 Author Share Posted October 9, 2012 Does anyone have experience with this?? Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted October 9, 2012 Share Posted October 9, 2012 <spoon> http://www.securityfocus.com/bid/45760/info http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4669 http://seclists.org/nmap-dev/2012/q3/900 https://bitbucket.org/xenol/nse-scripts/raw/4fc0e15e8013/ipv6-ra-flood.nse http://www.thc.org/thc-ipv6/ </spoon> Google man. Took me 5 minutes. Quote Link to comment Share on other sites More sharing options...
Neworld Posted October 9, 2012 Author Share Posted October 9, 2012 <spoon> http://www.securityf.../bid/45760/info http://web.nvd.nist....d=CVE-2010-4669 http://seclists.org/...dev/2012/q3/900 https://bitbucket.or...v6-ra-flood.nse http://www.thc.org/thc-ipv6/ </spoon> Google man. Took me 5 minutes. I'd rather nag for several days than take the 5 minutes.... It's only logical. XD Thanks though. Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted October 9, 2012 Share Posted October 9, 2012 I won't put up with nagging from users who could easily Google for the answer. Quote Link to comment Share on other sites More sharing options...
Neworld Posted October 9, 2012 Author Share Posted October 9, 2012 I won't put up with nagging from users who could easily Google for the answer. My intentions were to find someone who had experience in doing this before... I didn't know if this was something worth pursuing or not. I'm under the impression that this will freeze up anyone's computer connected to your network by assigning hundreds of IP addresses to someone to connect through. (am I correct?) This could be something worth pursuing for the Pineapple. Any thoughts? Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted October 9, 2012 Share Posted October 9, 2012 Read the security notices. It has to do with router broadcast on ipv6. Quote Link to comment Share on other sites More sharing options...
Neworld Posted October 9, 2012 Author Share Posted October 9, 2012 Hmmm.... How would I get this on the Pineapple? or will it only work with backtrack? I found the .tar but I'm not sure what to do from here to put it on the Pineapple. http://www.thc.org/download.php?t=r&f=thc-ipv6-1.9.tar.gz Will there be compatibility issues? Quote Link to comment Share on other sites More sharing options...
telot Posted October 9, 2012 Share Posted October 9, 2012 (edited) Hey Neworld - thank you for the DC19 link, I hadn't seen this (FREAKIN AMAZING) trick before. It seems theres some dependencies, aside from gcc...I found these on samsclass.info (which has great tuts on thc RA attacks): libnet-pcap-perl libpcap0.8-dev libssl-dev Edited October 9, 2012 by telot Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted October 9, 2012 Share Posted October 9, 2012 Keep in mind, there is also an nmap script per the links I posted earlier. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.