Results 1 to 3 of 3

Thread: Attacking the Spanning tree protocol (STP)

Hybrid View

  1. #1
    Just burned his ISO
    Join Date
    Jun 2006
    Posts
    7

    Default Attacking the Spanning tree protocol (STP)

    I'm studying the attacks against the Spanning tree protocol. The idea of the attack I'm studying is to become the MITM. In my research I found two programs in Backtrack 4 capable of doing this attack:

    Ettercap using the stp_mangler plugin
    #ettercap -TqP stp_mangler

    Yersinia
    #yersinia -I

    Setup:
    I use two Cisco switches, both using the default factory settings. Two hosts running windows xp each connected to a switch. I generate some traffic to sniff between the hosts. I run Backtrack 4 on a third computer with two network adapters. Each network adapter is connected to a switch.

    H------S------S------H
    \ /
    B

    Man page yersinia yersinia(8): FrameWork for layer 2 attacks - Linux man page

    When I start the attack with Yersinia STP attack 6, yersinia terminates. (this attack needs two network adapters)

    When I start the attack with Yersinia STP attack 4, I see with wireshark that STP packets are send. But I don't get to see traffic of the hosts.

    When I start the attack with ettercap stp_mangler plugin, I see with wireshark that STP packets are send. But I don't get to see traffic of the hosts.

    Searching google and this forum I couldn't find any examples or informations about this attack.

    Dose some one have experience with this kind of attack and information about it?

    Thanks

    By searching some more I found this tread:

    http://www.backtrack-linux.org/forum...sion/18471.htm

    Thorin suggests here some papers about STP claiming root attack. Thanks Thorin.

    In the blackhat paper they add a "Hub" to the setup. By doing this both programs worked like a charm. The hub comes between both switches and the attacker.
    Last edited by Archangel-Amael; 05-26-2010 at 07:29 PM.

  2. #2
    Good friend of the forums gunrunr's Avatar
    Join Date
    Jan 2010
    Location
    shining my spoon
    Posts
    265

    Default Re: Attacking the Spanning tree protocol (STP)

    this really kinda goes in the beginnner section upstairs, but check this informative layer 2 presentation from defcon 16
    https://media.defcon.org/dc-16/video...r2_Attacks.m4v
    Wielder of the spoon of doom
    Summercon, Toorcon, Defcon, Bsides, Derbycon, Shmoocon oh my
    Come hang out with hackers on twitter @gunrunr556

  3. #3
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default Re: Attacking the Spanning tree protocol (STP)

    You might find something of value in here:
    SAFE LAYER 2 SECURITY IN-DEPTH— VERSION 2
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

Similar Threads

  1. Routing protocol - RIP
    By theos_cro in forum Beginners Forum
    Replies: 1
    Last Post: 01-30-2010, 04:47 PM
  2. Stuck on aufs 2-standalone.tree-29-20090518
    By Datenshi in forum OLD BackTrack 4 General Support
    Replies: 4
    Last Post: 11-22-2009, 02:18 AM
  3. BT3 and pyrit sittin in a tree....
    By zotzot in forum OLD BackTrack3 Howtos
    Replies: 1
    Last Post: 05-06-2009, 11:43 PM
  4. Magnolia tree
    By onlythe lonely in forum OLD General IT Discussion
    Replies: 13
    Last Post: 11-12-2008, 07:56 AM
  5. pointer need BT3Beta > bt3 final changes tree
    By robertltux in forum OLD BT3final Support
    Replies: 1
    Last Post: 06-20-2008, 12:04 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •