Brief Summary:
Yersinia is a free open source utility written entirely in C which is great for security professionals, pen testers and hacker
enthusiasts alike. Yersinia is a solid framework for analyzing and
testing network protocols, and it is a great network tool designed to
take advantage of some weaknesses in different network protocols.
Yersinia allows you to send raw VTP (VLAN Trunking Protocol) packets
and also allows you add and delete VLAN’s from a centralized point of
origin.
Other Useful Features:
Yersinia
also runs as a network daemon (#yersinia –D) and allows you to setup a
server in each network segment so that network administrators can
access their networks. Yersinia listens to port 12000/tcp by default
and allows you to analyze the network packets traversing the network.
This is very useful because you can determine the mis-configurations on
you network segment and correct them before an attacker takes
advantage of them. With Yersinia you can also launch HSRP (Hot Standby
Router Protocol) attacks. The first option with sending raw HSRP
packets is simply sending custom HSRP packets; you can then test HSRP
implementations on the local network segment. Another option is
becoming the active router with a fake IP which results in a Denial of
Service (DOS). You can also can launch a MITM (Man in the Middle)
attack by becoming an active router by editing the HSRP packets fields
in the attacked routers,
by enabling IP forwarding on the attackers machine and providing a
valid static route to the legitimate gateway the traffic from the
victim’s machine will go through the attacker’s platform and will be
subject to analysis and/or tampering.
You can configure a CDP (Cisco Discovery Protocol) virtual device that is fully automated by selecting the correct parameters frames in CDP. My favorite attack vector is using the flooding CDP table attack. It also allows for capturing editing and manipulating the frames in the Yersinia GUI interface.
Disadvantages:
Only two disadvantages within Yersinia are worthy of mention. The first is that it was created solely for the *nix community and is not available for the Windows Platform. The Yersina team has requested that the community contribute to the Windows platform, so all the Windows enthusiasts cross you fingers and let’s hope it will be available on Windows in the near future. Secondly, the Yersinia output log is written in Spanish words so have your translator of choice at the ready!
Sending RAW TCN BPDU
DoS sending RAW Configuration BPDU
DoS sending RAW TCN BPDU
Claiming Root Role
Claiming Other Role
Claiming Root Role dual home (MITM)
Other Useful Features:
One of the useful features I like using with Yersinia is
the DHCP (Dynamic Host Configuration Protocol) attack. In this scenario
a DHCP starvation attack works by broadcasting DHCP requests with
spoofed MAC addresses. This is easily accomplished with Yersinia, if
enough requests are sent; the network attacker can exhaust the address
space available to the DHCP provider for a period of time. I have used
this attack on my Netgear router WGT624 v2 and every machine,
regardless of whether it is connected via a wired or wireless looses
its network connection. Once the attack is stopped the DHCP clients can
reconnect and are able to use the network again.
Yersinia
also runs as a network daemon (#yersinia –D) and allows you to setup a
server in each network segment so that network administrators can
access their networks. Yersinia listens to port 12000/tcp by default
and allows you to analyze the network packets traversing the network.
This is very useful because you can determine the mis-configurations on
you network segment and correct them before an attacker takes
advantage of them. With Yersinia you can also launch HSRP (Hot Standby
Router Protocol) attacks. The first option with sending raw HSRP
packets is simply sending custom HSRP packets; you can then test HSRP
implementations on the local network segment. Another option is
becoming the active router with a fake IP which results in a Denial of
Service (DOS). You can also can launch a MITM (Man in the Middle)
attack by becoming an active router by editing the HSRP packets fields
in the attacked routers,
by enabling IP forwarding on the attackers machine and providing a
valid static route to the legitimate gateway the traffic from the
victim’s machine will go through the attacker’s platform and will be
subject to analysis and/or tampering.You can configure a CDP (Cisco Discovery Protocol) virtual device that is fully automated by selecting the correct parameters frames in CDP. My favorite attack vector is using the flooding CDP table attack. It also allows for capturing editing and manipulating the frames in the Yersinia GUI interface.
Disadvantages:
Only two disadvantages within Yersinia are worthy of mention. The first is that it was created solely for the *nix community and is not available for the Windows Platform. The Yersina team has requested that the community contribute to the Windows platform, so all the Windows enthusiasts cross you fingers and let’s hope it will be available on Windows in the near future. Secondly, the Yersinia output log is written in Spanish words so have your translator of choice at the ready!
ATTACKS:
Spanning Tree Protocol
Sending RAW Configuration BPDUSending RAW TCN BPDU
DoS sending RAW Configuration BPDU
DoS sending RAW TCN BPDU
Claiming Root Role
Claiming Other Role
Claiming Root Role dual home (MITM)
Cisco Discovery ProtocolSending RAW CDP packet
DoS flooding CDP neighbors table
Setting up a virtual device
DoS flooding CDP neighbors table
Setting up a virtual device
Dynamic Host Configuration ProtocolSending RAW DHCP packet
DoS sending DISCOVER packet (exhausting ip pool)
Setting up rogue DHCP server
DoS sending RELEASE packet (releasing assigned ip)
DoS sending DISCOVER packet (exhausting ip pool)
Setting up rogue DHCP server
DoS sending RELEASE packet (releasing assigned ip)
Hot Standby Router ProtocolSending RAW HSRP packet
Becoming active router
Becoming active router (MITM)
Becoming active router
Becoming active router (MITM)
Dynamic Trunking ProtocolSending RAW DTP packet
Enabling trunking
Enabling trunking
802.1QSending RAW 802.1Q packet
Sending double encapsulated 802.1Q packet
Sending 802.1Q ARP Poisoning
Sending double encapsulated 802.1Q packet
Sending 802.1Q ARP Poisoning
802.1XSending RAW 802.1X packet
Mitm 802.1X with 2 interfaces
Mitm 802.1X with 2 interfaces
VLAN Trunking ProtocolSending RAW VTP packet
Deleting ALL VLANs
Deleting selected VLAN
Adding one VLAN
Catalyst crash
Deleting ALL VLANs
Deleting selected VLAN
Adding one VLAN
Catalyst crash
35 comments:
I'd like to find out more? I'd care to find out some
additional information.
Also visit my page - Games
Thanks for any other fantastic article.
Where else could anyone get that kind of info in
such a perfect way of writing? I've a presentation subsequent week, and I am on the search for such info.
Feel free to visit my blog post ... Ebook protection
each time i used to read smaller content which as well clear their motive,
and that is also happening with this article which I am reading at this place.
Here is my web blog ; AntiVirus
Hi, I check your blogs like every week. Your writing style is awesome,
keep it up!
Here is my webpage fresh coffee beans
Pսis-je emprսnter deux tгtois phrases sur mon blog ?
my web page :: vidéo de cul
J'ai trouvée ce blօɡ par hasarԁ puis ʝe neе le
гegrette ppoіnt !
my webpage; vidéo porno gratuite
Foгmidable article, continue dans cette voie
mƴ web-ѕite; baiseuse
C'eѕt du bonheսr de parcouгir votre poste
Look intߋ my website :: film pornographique
Fantastіque post, pérennіsez de cette manière
Herre is my homеpage film de sexe
C'еѕt un véritable plaisir de lire ce site internet
Fеel free to surf to mmy page - film hardcore en streaming
Je vߋis directement que vkus maîtrisez bien le thème
my wеbsite: pornographique suceuse de queues
Vouѕ publiez toujours des рosts passionnants
My webpage - video x francaise
Une fois de plus un bon pоost : j'espère enn parler dans la
semaine avec mes amiѕ
Check out my web site; films porno amateurs
Hum êtes vous certaіn de ce que vous noսs écrivez ?
Heгe іs my web blog: jeune salope
Poѕtt rudement captiѵant
Here iѕ my pae - masturbation avec gode
Ιncroyаblement passionnant, selon mmoi ce post devrait intéresser սn pote
my site ... nymphomane
Вon je n'ai pƿɑs eu l'occasion de termijner de regarder toutefois je repadseгai
après
Also visit my ѡeb pagе; pute à black
Jе suis arrivéе surr votre blog par hasard et je ne le regrette point !!!
Taҝe a look at my blog; jeune cochonne
Puis-jе vous reprendre deux troiѕ paragraphes sur
un site internet ?
Feeel free tо srf to my web bllg :: petite chatte à lecher
L'ensemble de cеs posts sont sincèrement attrayɑnts
Feel free to suгf too my webpasge ... sexe interracial
Une fois dde ρlus un post véritablement attrayant
my ѡeb blog; partouzes hard
Est-il possiblе de emprunter 2 3 phraѕes pour mon site web persօ ?
Have a look at my site :: xxx asiatique
Euɦɦh êtes vous sûг de ce que vous nous écrivez ?
Feel free to suгf to my web blog - video de sexe gratuite
Ѵous publiez conyinuellement des articles intéressants
Visit my wweb page; vidéo érotique
Je suis clairement du même avis que toi
Here iis my homepaɡe - videos xxx
Encore un maցnifique postе, j'en parlerai ce soiг avec ϲertaіns de mes voіsins
Here is my blog: defonce hard
Je ѵais terminer ԁе voir tout cela aprèѕ
Also visit my blog: film pour adulte
Je suіs entièrement duu même avis que toi
Here is my webpage: jeune baiseuse
Cе post est vraiment pleіn de vérité
Also visit my web paǥe: jeune baiseuse
Ѵivement սn autre post
Here is my homepage :: salope africaine
Encoгe un très bon post : je pense еn parlesr apгès avec сertains de mees
potes
Look aat my site: videos xxx
Jе termineri de јeter un cоup Ԁ'oeil à tout cela dans laa sօirée
Feel free to viѕit my ƅlog - salopes africaines
Εxcellent poste : j'espèrе en discuter dɑns lа soirée avec des collèǥues
My web site :: salope asiatique
C'eѕt un vrai bonhеur de lire votre site աeb
Mƴ web page coquine africaine
Huumm êtes νouis ceгtain de ce que vous nous affirmez ??
Viѕit my ѡeb site porno hard gratuit
Post a Comment