Hachetetepé dos puntos SLAAC SLAAC
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

Hachetetepé dos puntos SLAAC SLAAC

on

  • 12,650 views

Diapositivas utilizadas durante la última RootedCON 2012 para presentar ataques SLAAC en esquemas de man in the middle

Diapositivas utilizadas durante la última RootedCON 2012 para presentar ataques SLAAC en esquemas de man in the middle

Statistics

Views

Total Views
12,650
Views on SlideShare
1,385
Embed Views
11,265

Actions

Likes
1
Downloads
53
Comments
0

21 Embeds 11,265

http://www.elladodelmal.com 10109
http://buhosec.com 609
http://feeds.feedburner.com 326
https://twitter.com 49
http://leoguillen.com 38
http://21555208_db17a766d9b93fd65a53b0e84de16ae00b1e8c0b.blogspot.com 25
http://127.0.0.1 25
http://www.leoguillen.com 24
http://www.newsblur.com 12
http://translate.googleusercontent.com 10
http://localhost 9
http://dev.newsblur.com 7
http://rssreader.bilbokoak.com 7
http://feedproxy.google.com 4
http://www.printwhatyoulike.com 3
http://webcache.googleusercontent.com 2
http://reader.mjimenez.net 2
http://newsblur.com 1
http://www.mybestcv.co.il 1
http://snapcrackerzteam.ning.com 1
http://pikesville19.rssing.com 1
More...

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Hachetetepé dos puntos SLAAC SLAAC Presentation Transcript

  • 1. Hachetetepé dos puntos SLAAC SLACC Chema Alonso chema@informatica64.com
  • 2. IPv6 Basics & Attacks• Watch NCN’12 video – http://www.elladodelmal.com/2012/11/fc 001-algunos-ataques-en-ipv6.html
  • 3. IPv6 is on your box!
  • 4. And it works!: ipconfig
  • 5. And it works!: route print
  • 6. And it works!: ping
  • 7. And it works!: ping
  • 8. LLMNR
  • 9. And it works!: Neightbors
  • 10. ICMPv6• No ARP – No ARP Spoofing – Tools anti-ARP Spoofing are useless• Neighbor Discover uses ICPMv6 – NS: Neighbor Solicitation – NA: Neighbor Advertisement
  • 11. NS/NA
  • 12. NA Spoofing
  • 13. NA Spoofing
  • 14. Demo 1: Mitm using NA Spoofing
  • 15. ICMPv6: SLAAC• Stateless Address Auto Configuration• Devices ask for routers• Routers public their IPv6 Address• Devices auto-configure IPv6 and Gateway – RS: Router Solicitation – RA: Router Advertisement
  • 16. DNS Autodiscovery
  • 17. And it works!: Web Browser
  • 18. Windows Behavior• IPv4 & IPv6 – DNSv4 queries A & AAAA• IPv6 Only – DNSv6 queries A• IPv6 & IPv4 Local Link – DNSv6 queries AAAA
  • 19. DNS64 & NAT64
  • 20. HTTP-s Connections• SSL Strip – Remove “S” from HTTP-s links• SSL Sniff – Use a Fake CA to create dynamicly Fake CA• Evil FOCA does SSL Strip (so far)
  • 21. Demo 2: hachetetepé dos puntos SLAAC SLAAC
  • 22. SLAAC D.O.S.
  • 23. Conclusions• IPv6 is on your box – Configure it or kill it (if possible)• IPv6 is on your network – IPv4 security controls are not enough – Topera
  • 24. ConclusionsFEAR (the EVIL) FOCA!
  • 25. Thanks to• THC (The Hacking Choice) – Included in Back Track – Parasite6 – Redir6 – Flood_router6 – …..• Scappy
  • 26. …and some last words