Thursday, October 3, 2013

IPv6 - Security Assessment Tool

THC-IPv6: 

               complete tool set to attack the inherent protocol weaknesses of IPV6 and ICMP6, and includes an easy to use packet factory library.

 

 

THC_IPV6 ATTACK TOOLKIT comes already with lots of effective attacking tools

 - parasite6: icmp neighbor solitication/advertisement spoofer, puts you
   as man-in-the-middle, same as ARP mitm (and parasite)
 - alive6: an effective alive scanng, which will detect all systems
   listening to this address
 - dnsdict6: parallized dns ipv6 dictionary bruteforcer
 - fake_router6: announce yourself as a router on the network, with the
   highest priority
 - redir6: redirect traffic to you intelligently (man-in-the-middle) with
   a clever icmp6 redirect spoofer
 - toobig6: mtu decreaser with the same intelligence as redir6
 - detect-new-ip6: detect new ip6 devices which join the network, you can
   run a script to automatically scan these systems etc.
 - dos-new-ip6: detect new ip6 devices and tell them that their chosen IP
   collides on the network (DOS).
 - trace6: very fast traceroute6 with supports ICMP6 echo request and TCP-SYN
 - flood_router6: flood a target with random router advertisements
 - flood_advertise6: flood a target with random neighbor advertisements
 - fuzz_ip6: fuzzer for ipv6
 - implementation6: performs various implementation checks on ipv6
 - implementation6d: listen daemon for implementation6 to check behind a FW
 - fake_mld6: announce yourself in a multicast group of your choice on the net
 - fake_mld26: same but for MLDv2
 - fake_mldrouter6: fake MLD router messages
 - fake_mipv6: steal a mobile IP to yours if IPSEC is not needed for authentication
 - fake_advertiser6: announce yourself on the network
 - smurf6: local smurfer
 - rsmurf6: remote smurfer, known to work only against linux at the moment
 - exploit6: known ipv6 vulnerabilities to test against a target
 - denial6: a collection of denial-of-service tests againsts a target
 - thcping6: sends a hand crafted ping6 packet

Download Link : http://www.thc.org/releases/thc-ipv6-2.3.tar.gz

Or                        
https://github.com/gebi/thc-ipv6

Topera: invisible IPv6 scanner 

                     is that it is capable to do IPv6 scanning that are not detected by Snort, or systems based on their IDS engine (Checkpoint or Juniper, for example).

 

 Video :

Download Link : http://code.google.com/p/topera/downloads/list

Nmap 6 ( Network Mapper )

         Nmap has a similar but separate OS detection engine specialized for IPv6. At a high level, the technique is the same: send probes, collect responses, and match the set of responses against a database. The differences are in the specific probes used, and in the way they are matched.

IPv6 OS detection is used just like IPv4. Just use the -6 and -O options together. For example, nmap -6 -O <target>.

 

./nmap -6 -sF -f -P0 ::1
Available scans:
-sT : tcp connect scan
-sS : SYN scan
-sA : ACK scan (needs more testing)
-sW : Window scan (needs more testing)
-sF : FIN scan
-sX : Xmas tree scan
-sN : Null scan
-sU : UDP scan

Document Link : http://nmap6.sourceforge.net/files/tfe_nmap_ipv6.pdf

Download Link : http://nmap.org/download.html

IPv6 Toolkit v1.5 :

                       SI6 Networks' IPv6 toolkit is a set of IPv6 security/trouble-shooting tools, that can send arbitrary IPv6-based packets.

 

List of Tools

  • addr6: An IPv6 address analysis and manipulation tool.
  • flow6: A tool to perform a security asseessment of the IPv6 Flow Label.
  • frag6: A tool to perform IPv6 fragmentation-based attacks and to perform a security assessment of a number of fragmentation-related aspects.
  • icmp6: A tool to perform attacks based on ICMPv6 error messages.
  • jumbo6: A tool to assess potential flaws in the handling of IPv6 Jumbograms.
  • na6: A tool to send arbitrary Neighbor Advertisement messages.
  • ni6: A tool to send arbitrary ICMPv6 Node Information messages, and assess possible flaws in the processing of such packets.
  • ns6: A tool to send arbitrary Neighbor Solicitation messages.
  • ra6: A tool to send arbitrary Router Advertisement messages.
  • rd6: A tool to send arbitrary ICMPv6 Redirect messages.
  • rs6: A tool to send arbitrary Router Solicitation messages.
  • scan6: An IPv6 address scanning tool.
  • tcp6: A tool to send arbitrary TCP segments and perform a variety of TCP-based attacks.

  Download Link : https://github.com/fgont/ipv6toolkit

Or http://www.si6networks.com/tools/ipv6toolkit/ipv6toolkit-v1.4.1.tar.gz

Halfscan6 :

               An IPv6 tcp port scanner 

Download Link : http://www.habets.pp.se/synscan/files/halfscan6-0.2.tar.gz

NGrep (Network Grep)  :

                            is a network packet analyzer. It runs under the command line, and relies upon the pcap library and the GNU regex library.

                            NGrep is an open source application, and the source code is available to download from the ngrep site at SourceForge. It can be compiled and ported to multiple platforms, it works in many UNIX-like operating systems: Linux, Solaris, BSD, AIX, and also works on Microsoft Windows.

 

 Download Link : http://ngrep.sourceforge.net/download.html

IP6sic - IPv6 Stack Integrity Checker

                       ip6sic is a tool for stress testing an IPv6 stack implementation. It works in a way much similar to isic which lives over here. It was developed mainly on FreeBSD and is known to work on OpenBSD and Linux. Theoretically, it should work wherever libdnet works.

Download Link : http://prdownloads.sourceforge.net/ip6sic/ip6sic-0.1.tar.gz?download



    



1 comment: