mailing list archives
Ideas for NSE IPv6
From: Djalal Harouni <tixxdz () opendz org>
Date: Sun, 27 Mar 2011 10:46:17 +0100
I just got a link to this tool: http://www.thc.org/thc-ipv6/ by THC.
To quote THC: "A complete tool set to attack the inherent protocol
weaknesses of IPV6 and ICMP6 ..." , the tool is under GPL v3.
Actually there is a simple tool (file: flood_router6.c) that will cause
a DoS on multiple plateforms by using IPv6 Neighbor Discovery Router
Advertisement packets  (I didn't test it).
There are some good ideas out there which I think can be implemented as
Speaking about NSE IPv6, there are some scripts which assume that they
are running in the IPv4 mode even if the '-6' option was specified. This
is buggy code.
Scripts that are using protocols which are available _only_ in one mode
IPv4 or IPv6, can call the nmap.address_family() function, check the
returned string 'inet' or 'inet6' and fail silently with a debug
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/
- Ideas for NSE IPv6 Djalal Harouni (Mar 27)