I am working on a Python script for IPv6 malicious packet handling. The script requires Scapy, which can be downloaded from http://www.secdev.org/projects/scapy/
Be sure you are running at least Scapy (2.2.0-dev). The script was tested on BackTrack 5 R2.
Currently the script performs the following tests:
1. Send HbH Header Flood
Tests the handling of a large number of HbH headers directed at an L3 device. Could DoS a router if there isn't proper policing of packets to the CPU.
2. Send RH0 Packets
Test for the filtering and/or handling of RH0 packets. RH0 packets have been deprecated and shouldn't be accepted.
3. Send Packets with two RH0 Headers
Tests the corner case of two RH0 headers, one after the other.
4. RA daemon killer
Some RA daemons will crash if you send them RAs that carry their own address as a spoofed source and a lifetime of zero.
5. RA Flood
Sends a flood of RAs with random prefixes. Will DoS Windows and possibly other devices.
6. Hide Layer 4 Info for ACL Bypass
Tests the handling of ACL and firewall rules with the layer 4 information "hidden" in the second fragment. Some firewalls will pass this traffic because they don't find the layer 4 information in the first fragment.
You can download the current version of the script from GitHub: ipv6-test.py
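From the defending side, most of the malformed header chains listed above can be recognised by walking the extension-header chain of each received packet. The following is an added example, not part of ipv6-test.py: the function name, finding labels and sample packets are assumptions made for illustration, and it uses only the standard library rather than Scapy.

```python
import struct

HBH, ROUTING, FRAGMENT, DSTOPTS = 0, 43, 44, 60   # IANA Next Header values
MIN_L4 = {6: 20, 17: 8, 58: 4}                    # TCP, UDP, ICMPv6 minimum header bytes

def inspect(pkt: bytes) -> set:
    """Walk a raw IPv6 packet's extension-header chain; return a set of findings."""
    findings, nh, off, routing, first_frag = set(), pkt[6], 40, 0, False
    while nh in (HBH, ROUTING, FRAGMENT, DSTOPTS) and off + 8 <= len(pkt):
        nxt, size = pkt[off], (pkt[off + 1] + 1) * 8
        if nh == HBH and off != 40:
            findings.add("hbh-misplaced")          # RFC 8200: only right after the fixed header
        elif nh == ROUTING:
            routing += 1
            if pkt[off + 2] == 0:
                findings.add("rh0")                # Routing Type 0, deprecated by RFC 5095
            if routing > 1:
                findings.add("multiple-routing-headers")
        elif nh == FRAGMENT:
            size = 8                               # fixed size, no length field
            field = struct.unpack_from("!H", pkt, off + 2)[0]
            if field >> 3:                         # non-first fragment: the rest is payload
                return findings
            first_frag = bool(field & 1)           # offset 0 with More Fragments set
        nh, off = nxt, off + size
    # RFC 7112: the first fragment must carry the whole chain through the upper-layer header.
    chain_cut = nh in (HBH, ROUTING, FRAGMENT, DSTOPTS)
    if first_frag and (chain_cut or len(pkt) - off < MIN_L4.get(nh, 0)):
        findings.add("l4-missing-from-first-fragment")
    return findings

# --- constructed sample packets (all-zero addresses, not captured traffic) ---
def ipv6(nh, payload):
    return struct.pack("!IHBB", 0x60000000, len(payload), nh, 64) + bytes(32) + payload

def rh0(nxt):        # Routing header, type 0, one 16-byte address
    return bytes([nxt, 2, 0, 1, 0, 0, 0, 0]) + bytes(16)

def opts(nxt):       # 8-byte HbH / Destination Options header holding one PadN option
    return bytes([nxt, 0, 1, 4, 0, 0, 0, 0])

def frag(nxt, offset, more):
    return struct.pack("!BBHI", nxt, 0, (offset << 3) | more, 1)

TCP = bytes(20)      # placeholder 20-byte TCP header

if __name__ == "__main__":
    print(inspect(ipv6(ROUTING, rh0(ROUTING) + rh0(6) + TCP)))
    print(inspect(ipv6(FRAGMENT, frag(DSTOPTS, 0, 1) + opts(6))))
```

A filter that drops on any of these findings covers tests 2, 3 and 6; the two flood tests need rate policing rather than per-packet inspection.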
nmap --spoof-mac Apple --traceroute --data-length 9 \
-f -D 192.168.200.200,RND:5,ME -v \
-n -O -sS -sV -oA /home/pentest/192.168.1.1 \
--log-errors --append-output \
-p T:1-1024,1433,2222,2249,7778,8080,9999 \
--randomize-hosts 192.168.1.1 192.168.1.2 <target>
--data-length 9: Append random data to sent packets for IDS evasion
-f: Fragment packets into 8-byte segments for IDS evasion
-sS: Stealth SYN scan
-D 192.168.200.200: Decoy IP address. Uses these addresses to scan the target
RND:5: Chooses 5 other random IP addresses and also generates scans from these
ME: Place my scan at the 6th position, after the 5 random addresses, which increases the probability that I won't be logged
-n: No DNS resolution
--spoof-mac Apple: Change MAC address for scans
-p T:<ports>: TCP scan only
--randomize-hosts: Randomize the targets if there is more than one
The above will output 3 files. One of the files will be an XML file.
Copyright © 2015, Keith O'Brien. All rights reserved.