You could try forging a DHCP disconnect packet to the server. Have a look at doing it with scapy. I'd just use MiTM arp to deny that particular host anything useful though, inifinitely easier.
DHCP attack
Hi all, i found a tool im preparing to test for a security paper i'll be writting soon. Its called DHCP attack(hence the topic title) You can find it if you google for "Metasploit DNS and DHCP Exhaustion" because i still cant post url'sHowever the theory is of course to request every single DHCP IP from the server/router. My question is what if there were machine already connected to the network, how would i go about forcing them to try and request an DHCP IP? I've thought of several ways, arp mitm, tcpkill, tcpnice and none of those methods would completely disconnect the client to the point that they would be forced to reconnect. So does anyone have any ideas of how i could go about forcing a LAN machine to disconnect and reconnect? Thanx in advance!
You could try forging a DHCP disconnect packet to the server. Have a look at doing it with scapy. I'd just use MiTM arp to deny that particular host anything useful though, inifinitely easier.
Still not underestimating the power...
There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.
I like Gitsnik's idea of forging a DHCP release packet for the machine you want off the network.
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
Hmmm, i just read up on scapy and installed it. One more question though. Do you think it would be logical to send modified dhcp release packets from the attacking machine to the server posing as the targets hosts?Originally Posted by Gitsnik
Ouch, scapy is installed by default in BT.
To be successful here you should read all of the following.
ForumRules
ForumFAQ
If you are new to Back|Track
Back|Track Wiki
Failure to do so will probably get your threads deleted or worse.
It is not the easiest way to knock a host off the network, but it might be useful.
Soon as I have a moment I'm booting my BT box and having a crack at writing this myself!
Still not underestimating the power...
There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.
I hope this doesnt get me banned or flammed but .......
I dont use BT, or any other LiveCD for that matter. Debian Lenny ftw
Nope it won't but it will allow this thread to be closed. We don't support Debian even if Back Track is based off of Ubuntu, that is based off of Debian.I hope this doesnt get me banned or flammed but .......
I dont use BT, or any other LiveCD for that matter. Debian Lenny ftw
To be successful here you should read all of the following.
ForumRules
ForumFAQ
If you are new to Back|Track
Back|Track Wiki
Failure to do so will probably get your threads deleted or worse.
Posting Permissions