Your SlideShare is downloading. ×
Hachetetepé dos puntos SLAAC SLAAC
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Hachetetepé dos puntos SLAAC SLAAC

13,170
views

Published on

Diapositivas utilizadas durante la última RootedCON 2012 para presentar ataques SLAAC en esquemas de man in the middle

Diapositivas utilizadas durante la última RootedCON 2012 para presentar ataques SLAAC en esquemas de man in the middle


0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
13,170
On Slideshare
0
From Embeds
0
Number of Embeds
11
Actions
Shares
0
Downloads
58
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Hachetetepé dos puntos SLAAC SLACC Chema Alonso chema@informatica64.com
  • 2. IPv6 Basics & Attacks• Watch NCN’12 video – http://www.elladodelmal.com/2012/11/fc 001-algunos-ataques-en-ipv6.html
  • 3. IPv6 is on your box!
  • 4. And it works!: ipconfig
  • 5. And it works!: route print
  • 6. And it works!: ping
  • 7. And it works!: ping
  • 8. LLMNR
  • 9. And it works!: Neightbors
  • 10. ICMPv6• No ARP – No ARP Spoofing – Tools anti-ARP Spoofing are useless• Neighbor Discover uses ICPMv6 – NS: Neighbor Solicitation – NA: Neighbor Advertisement
  • 11. NS/NA
  • 12. NA Spoofing
  • 13. NA Spoofing
  • 14. Demo 1: Mitm using NA Spoofing
  • 15. ICMPv6: SLAAC• Stateless Address Auto Configuration• Devices ask for routers• Routers public their IPv6 Address• Devices auto-configure IPv6 and Gateway – RS: Router Solicitation – RA: Router Advertisement
  • 16. DNS Autodiscovery
  • 17. And it works!: Web Browser
  • 18. Windows Behavior• IPv4 & IPv6 – DNSv4 queries A & AAAA• IPv6 Only – DNSv6 queries A• IPv6 & IPv4 Local Link – DNSv6 queries AAAA
  • 19. DNS64 & NAT64
  • 20. HTTP-s Connections• SSL Strip – Remove “S” from HTTP-s links• SSL Sniff – Use a Fake CA to create dynamicly Fake CA• Evil FOCA does SSL Strip (so far)
  • 21. Demo 2: hachetetepé dos puntos SLAAC SLAAC
  • 22. SLAAC D.O.S.
  • 23. Conclusions• IPv6 is on your box – Configure it or kill it (if possible)• IPv6 is on your network – IPv4 security controls are not enough – Topera
  • 24. ConclusionsFEAR (the EVIL) FOCA!
  • 25. Thanks to• THC (The Hacking Choice) – Included in Back Track – Parasite6 – Redir6 – Flood_router6 – …..• Scappy
  • 26. …and some last words