Blog is back & Yersinia
One really kick-ass program that has been in heavy use by a lot of pen testers out there, but has not really been picked up by general security pros, is Yersinia. Yersinia lets you play with all sorts of layer 2 protocols, which you would otherwise need netdude or a heck of a lot of scripting to do. The most useful attacks in a pen testing situation where network gear is in scope are the ones for VLAN hacking and VLAN hopping. The other DoS attacks for CDP and STP are useful, but DoSing your local broadcast domain isn't that big of a deal. Check out some network hacking output from Yersinia here.
- Jack

1 Comment:
At 4:26 AM, Johnny Foo said…
Glad to know that you find Yersinia useful. Of course the best attacks are the VLAN addition/removal if no VTP password is set, and the ARP Spoofing over VLAN hopping (having set up the trunk with DTP before); it is always a succeeded pen-test if the customer switches are poorly configured :) Anyway, the DoS attacks can cause an internal network to be chaotic, according to our experience. It is not good if it is your network, but sometimes it is needed when demonstrating the risks to a customer (warning him first :P)
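The two switch misconfigurations named in the comment above (ports that still negotiate trunks over DTP, and VTP running with no password) can be checked for in a saved switch configuration. The following is an added example, not code from the post or from the Yersinia project; it assumes Cisco IOS-style configuration text in which the `vtp` lines are present, and the sample configuration and interface names are constructed.

```python
import re

# Constructed sample configuration; interface names are made up for illustration.
SAMPLE_CONFIG = """\
vtp mode server
!
interface Gi0/1
 switchport mode access
interface Gi0/2
 switchport mode dynamic desirable
interface Gi0/3
 description left at defaults
interface Gi0/4
 switchport mode trunk
 switchport nonegotiate
interface Gi0/5
 shutdown
"""

def split_interfaces(config):
    """Return {interface name: [stanza lines]} from IOS-style text."""
    stanzas, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            current = stanzas.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # any other top-level line ends the stanza
    return stanzas

def audit(config):
    """Flag ports that can be negotiated into a trunk, and VTP without a password."""
    findings = []
    for name, lines in split_interfaces(config).items():
        if "shutdown" in lines or "no switchport" in lines:
            continue  # disabled or routed port: not a DTP concern
        mode = next((l.split()[2] for l in lines
                     if l.startswith("switchport mode ")), None)
        if mode in (None, "dynamic"):  # no explicit mode is treated as dynamic
            findings.append(f"{name}: DTP can negotiate a trunk")
    vtp_mode = re.search(r"^vtp mode (\S+)", config, re.M)
    # Assumption: a missing "vtp mode" line is treated as server mode.
    if (not vtp_mode or vtp_mode.group(1) in ("server", "client")) \
            and not re.search(r"^vtp password \S+", config, re.M):
        findings.append("global: VTP server/client with no password")
    return findings
```

On some platforms the VTP settings are stored outside the running configuration, so the VTP finding is only meaningful when those lines are actually included in the text being audited.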