When we speak of layer 3, the Network Layer, a very few tools have the power or the capability to support all the support protocols for packet generation and attack. To name a few, we have tools like Cain & Abel, Scapy, Yersinia and HPING. Yersinia and Scapy being our favourites, they need a bit of knowledge before being set up. Enter Loki, a Python based GUI framework implementing many packet generation and attack modules for Layer 3 protocols!
Loki was released by security researchers for the Germany based ERNW GmbH at BlackHat USA 2010. It includes a GUI that has been programmed in GTK/GLADE and lots of protocols that none of the other tools have implemented yet! To be precise, the following protocols are supported:
ARP
HSRP, HSRPv2
RIP
BGP
OSPF
EIGRP [not-yet-to-be-released due to legal blur]
WLCCP [not-yet-to-be-released due to legal blur]
VRRP, VRRPv3
BFD
LDP
MPLS (re-labeling, tunnel interface)
Based on the above mentioned protocols, it supports the following attacks:
ARP:
Arp spoofing
Arp scanning
Arp flooding
BFD:
DoS of existing BFD session
BGP:
NLRI injection
EIGRP:
EIGRP TLV injection
Authenticated / Unauthenticated DoS
HSRP, HSRPv2:
IP address take-over
LDP:
Injection of label mapping messages
MPLS:
Rewrite of MPLS labels
MPLS-VPN enabled network stack
OSPF:
Injection of LSAs
MD5 authentication cracking
RIP:
Route injection
TCP-MD5:
RFC2385 authentication cracking
VRRP, VRRPv3:
IP Address take-over
WLCCP:
Winning the WDS master election
Sniffing and cracking of infrastructure authentication (asleap)
Sniffing and generating of CTK nonce and key
Sniffing and decryption of client PMK
It replicates some of the functionality of Yersinia and Scapy, but does so in a much more useful package while adding support for lots of new protocols commonly found in enterprise networks. It allows you to manipulate network protocols for man-in-the-middle attacks. Actually, it is a GUI for a lot many tools such as mplstun.
Loki requires that you have the following versions of softwares installed:
python v2.6.5
pygobject v2.20.0
pygtk v2.16.0
libglade v2.6.4
dnet v1.11
pylibpcap v0.5.1
dpkt v1.6
ipy v0.70, 0.64
Download Loki v0.2.4 (loki.py) here.
No comments:
Post a Comment