This repository has been archived by the owner. It is now read-only.

[WIP] Ipv6 support #374

Merged
merged 17 commits into from Feb 2, 2017

Conversation

3 participants
@dimriou
Copy link
Contributor

dimriou commented Feb 2, 2017

Depends on PR [ https://github.com/packetfu/packetfu/pull/160 ] on PacketFu. This patch supports MitM attacks on IPv6 endpoints with Javascript Injection ( possibly all modules, not tested for others yet ). However not all user options are implemented, as in the initial IPv4 version.
It is executed with the command: sudo bettercap -t VICITIM_IPV6 --proxy --proxy-module injectjs --js-file PATH_TO_JS_FILE --no-ssltrip .
The PacketFu Library with the Neighbor Discovery PR is also required.

@evilsocket

This comment has been minimized.

Copy link
Owner

evilsocket commented Feb 2, 2017

just ... WOW ___ can u make a PoC video in order for me to see that everything's working on IPv6? I can't test it right now .... great job dude, really.

@dimriou

This comment has been minimized.

Copy link
Contributor

dimriou commented Feb 2, 2017

It's already uploaded here [ https://www.youtube.com/watch?v=Bzwa53Qr6jc ] :)

@evilsocket

This comment has been minimized.

Copy link
Owner

evilsocket commented Feb 2, 2017

OMFG that's great! and kudos for the Tidus wallpaper :D

@evilsocket evilsocket merged commit 87e19d7 into evilsocket:master Feb 2, 2017

@picatz

This comment has been minimized.

Copy link
Contributor

picatz commented Feb 3, 2017

this PR

@evilsocket

This comment has been minimized.

Copy link
Owner

evilsocket commented Feb 4, 2017

Hey @dimriou, why don't you add your packetfu PR as a monkey patch in the meantime? We can remove it after it's merged in the main repo.

@dimriou

This comment has been minimized.

Copy link
Contributor

dimriou commented Feb 4, 2017

Sounds good. I'll fix it as soon as I can.

@evilsocket

This comment has been minimized.

Copy link
Owner

evilsocket commented Feb 27, 2017

Hey @dimriou I did a few fixes to make the IPv6 support work even if no target is specified ( full network spoofing ), but I don't have a way to test it at the moment. Could you please give it a try and see if everything looks ok after my modifications?

@dimriou

This comment has been minimized.

Copy link
Contributor

dimriou commented Feb 28, 2017

NDP spoofing for the whole subnet doesn't work, but I think it needs more changes since IPv4 and IPv6 "subnet" addresses are not the same.
I checked for single target spoofing with the command I described above and it seems to crash at some point without even getting MAC address from victim. I believe there must be an error somewhere.
The first issue needs more work and I don't think I have much free time for that. However I can try to debug the second one if you want as soon as I can.

@evilsocket

This comment has been minimized.

Copy link
Owner

evilsocket commented Mar 1, 2017

Mmmm I guess I'll have to setup an IPv6 network then :) Any ipv6 cabaple router you would suggest? ^^

@dimriou

This comment has been minimized.

Copy link
Contributor

dimriou commented Mar 1, 2017

None that I can think of. But as a workaround, you can use a router that supports both IPv4 and IPv6 ( your home router maybe? ) and make sure that only you and your "victim" machine are connected. After that if the victim's browser visits only IPv6 endpoints, I think you can get the results you want (that works for me). :)

@dimriou

This comment has been minimized.

Copy link
Contributor

dimriou commented Mar 7, 2017

@evilsocket I managed to isolate the error that occurred with the latest update and fixed it locally/ I also left a comment for that. I'm gonna try some more improvements on IPv6 and make a new PR for everything.

@evilsocket

This comment has been minimized.

Copy link
Owner

evilsocket commented Mar 7, 2017

👍

@dimriou dimriou deleted the dimriou:ipv6 branch Mar 22, 2017

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.