yersinia vs. VLANs (VTP): doesn't work?



akibako
05-24-2011, 03:38 PM
I've read one (!) report on the web that yersinia's attacks against VTP, for adding/deleting VLANs, do not work. My experiences so far have led to exactly the same result.

Yersinia can craft the VTP packets with the appropriate info to add/delete, and can send them on the wire, but the only reaction I've been able to get is the following:


Cisco 3550: crashes switch, causes reload/reboot with core dump

Cisco 2950: no effect

Lots of sources blindly say that "yes, yersinia can do such-and-such", but it seems that no one has actually tested it. Can anyone verify that yersinia's VTP attacks do (not) work? Did the attacks used to work against older IOS (gasp! Cat-OS) versions?

I don't know what the hell I was doing wrong before, but I can now verify that (most of) the VTP attacks DO work...at least, against a 2950 switch. Adding a VLAN, deleting a VLAN, and deleting all VLANs are all successful.

The "Catalyst zero day" attack (which I assume is the same as this code (http://packetstormsecurity.org/files/view/54034/s21sec-034-en.txt) that can be found at PacketStorm), however, does not work against the c2950-i6k2l2q4-mz.121-22.EA13.bin IOS image that I'm testing on.