Giter Club home page Giter Club logo

sylkie's Introduction

sylkie

Travis Build Status

A command line tool and library for testing networks for common address spoofing security vulnerabilities in IPv6 networks using the Neighbor Discovery Protocol.

Getting Started

Note: This project is still in the early phases of development. If you run into any problems, please consider submitting an issue. It currently only runs on Linux.

Dependencies

  • libseccomp (Optional, but highly recommended)
  • json-c (Optional, but recommended)

See The Wiki for more details.

Build

Get the code and compile it!

# Get the code
git clone https://github.com/dlrobertson/sylkie
cd ./sylkie

# Compile the code
mkdir -p ./build
cd ./build
cmake -DCMAKE_BUILD_TYPE=Release ..
make
make install

Basic usage

The following describes the basic usage of sylkie. Run sylkie -h or sylkie <subcommand> -h for more details or check out Advanced Usage for more examples.

Note: sylkie uses raw sockets to send the forged advertisements. As a result, the executable must either have the setuid bit set, or it must be run as root.

DoS (Router Advert)

The basic usage of the router-advert command is listed below. This command will send a Router Advertisement message to the given ip or the all nodes multicast addres causing the targeted nodes to remove <router-ip>/<prefix> from their list of default routes.

sylkie ra -i <interface> \
    --target-mac <mac of router> \
    --router-ip <ip of router> \
    --prefix <router prefix> \
    --timeout <time between adverts> \
    --repeat <number of times to send the request>

Router Advert Examples

A basic example.

sylkie ra -i ens3 \
    --target-mac 52:54:00:e3:f4:06 \
    --router-ip fe80::b95b:ee1:cafe:9720 \
    --prefix 64 \
    --repeat -1 \
    --timeout 10

This would send a "forged" Router Advertisement to the link local scope all-nodes address ff02::1 causing all of the nodes to remove fe80::b95b:ee1:cafe:9720/64 (link-layer address 52:54:00:e3:f4:06) from their list of default routes.

Address spoofing (Neighbor Advert)

The basic usage of the sylkie neighbor advert command is listed below. This command will send a forged Neighbor Advertisement message to the given ip.

sylkie na -i <interface> \
    --dst-mac <dest hw addr> \
    --src-ip <source ip> \
    --dst-ip <dest ip address> \
    --target-ip <target ip address> \
    --target-mac <target mac address> \
    --timeout <time betweeen adverts> \
    --repeat <number of times to send the request>

Neighbor Advert examples

A basic example

sylkie na -i ens3 \
    --dst-mac 52:54:00:e3:f4:06 \
    --src-ip fe80::61ad:fda3:3032:f6f4 \
    --dst-ip fe80::b95b:ee1:cafe:9720 \
    --target-ip fe80::61ad:fda3:3032:f6f4 \
    --target-mac 52:54:00:c2:a7:7c \
    --repeat -1 \
    --timeout 3

This would send a "forged" Neighbor Advertisement message to dst-ip (fe80::b95b:ee1:cafe:9720), causing the hardware address in the neighbor cache for the target-ip (fe80::61ad:fda3:3032:f6f4) to be updated to the target-mac (52:54:00:c2:a7:7c).

Saving your work

The commands above require quite a bit of info. To make life easier sylkie also accepts json and plaintext files containing the necessary info to start sending the forged advertisments.

JSON

The subcommand (router-advert, neighbor-advert) is a key whos value is an array of objects with the keys and values being the corresponding option and value. To run the command, pass the path to the json file as the argument to the -j option.

Example

To run the router-advert example provided above from json, first create a file with the following.

{
    "router-advert": [
        {
            "interface": "ens3",
            "target-mac": "52:54:00:e3:f4:06",
            "router-ip": "fe80::b95b:ee1:cafe:9720",
            "prefix": 64,
            "repeat": -1,
            "timeout": 10
        }
    ]
}

After creating the file, start sending adverts with the following.

sylkie -j /path/to/json

Plaintext

Each line of the file must be exactly what you would provide via the command line minus the sylkie command.

Example

To run the neighbor-advert example provided above from json, first create a file with the following.

na -i ens3 --dst-mac 52:54:00:e3:f4:06 --src-ip fe80::61ad:fda3:3032:f6f4 --dst-ip fe80::b95b:ee1:cafe:9720 --target-ip fe80::61ad:fda3:3032:f6f4 --target-mac 52:54:00:c2:a7:7c --repeat -1 --timeout 3

After creating the file, start sending the adverts with

sylkie -x /path/to/file

sylkie's People

Contributors

dlrobertson avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.