IPv6

Attacking IPv6

While a majority of companies do not utilize IPv6, little know that it is actually enabled by default. By using a tool such as mitm6, we can act as a malicious DNS server and redirect traffic to our attack host. This attack can be performed by using the tool mitm6.

The following command demonstrates basic usage of IPv6:

sudo mitm6 -d $domain

Additionally, the following command demonstrates running mitm6 with the --ignore-nofqnd flag which will ignore DHCPv6 queries that do not contain the Fully Qualfiied Domain Name:

sudo mitm6 -d $domain --ignore-nofqnd

If the testing machine was provisioned in ESXi, the following setting needs to be modified via the web console: Networking -> VM Network -> Edit Settings -> Promiscuous Mode: Accept MITM6 can then be run from the attack machine with the --no-ra flag.

References

Taking Over IPv6 NetworksVonahi Security's Blog

How to Pwn things over IPv6ZeroSec - Adventures In Information Security

PreviousNetworks NextLLMNR/NBT-NS Poisoning

Last updated 1 year ago