infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

added auxiliary/scanner/discovery/ipv6_neighbor.md

MS-2855/keylogger-mettle-extension
Vishal Gupta 2017-12-11 11:58:49 -05:00
parent 36f5ccad3d
commit 499f2dd55d
1 changed files with 69 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
documentation/modules/auxiliary/scanner/discovery/ipv6_neighbor.md Normal file
View File

@ -0,0 +1,69 @@
## Description
This auxiliary module probes the local network for IPv6 hosts that respond to Neighbor Solicitations with a link-local address. This module, like the arp_sweep one, will generally only work within the attacking machines broadcast domain.
## Verification Steps
1. Do: ```use auxiliary/scanner/discovery/ipv6_neighbor```
2. Do: ```set RHOSTS [IP]```
3. Do: ```set SHOST [IP]```
4. Do: ```set SMAC [MAC]```
5. Do: ```set THREADS [number of threads]```
6. Do: ```run```
In addition to setting our RHOSTS value, we also need to set our source MAC address(SMAC) and source host(SHOST) IP address. We then set our RHOSTS and THREADS values and let the scanner run.
## Scenarios
**Running the scanner**
```
msf > use auxiliary/scanner/discovery/ipv6_neighbor
msf auxiliary(ipv6_neighbor) > show options
Module options:
Name Current Setting Required Description
---- --------------- -------- -----------
INTERFACE no The name of the interface
PCAPFILE no The name of the PCAP capture file to process
RHOSTS yes The target address range or CIDR identifier
SHOST yes Source IP Address
SMAC yes Source MAC Address
THREADS 1 yes The number of concurrent threads
TIMEOUT 500 yes The number of seconds to wait for new data
msf auxiliary(ipv6_neighbor) > set RHOSTS 192.168.1.2-254
RHOSTS => 192.168.1.200-254
msf auxiliary(ipv6_neighbor) > set SHOST 192.168.1.101
SHOST => 192.168.1.101
msf auxiliary(ipv6_neighbor) > set SMAC d6:46:a7:38:15:65
SMAC => d6:46:a7:38:15:65
msf auxiliary(ipv6_neighbor) > set THREADS 55
THREADS => 55
msf auxiliary(ipv6_neighbor) > run
[*] IPv4 Hosts Discovery
[*] 192.168.1.10 is alive.
[*] 192.168.1.11 is alive.
[*] 192.168.1.2 is alive.
[*] 192.168.1.69 is alive.
[*] 192.168.1.109 is alive.
[*] 192.168.1.150 is alive.
[*] 192.168.1.61 is alive.
[*] 192.168.1.201 is alive.
[*] 192.168.1.203 is alive.
[*] 192.168.1.205 is alive.
[*] 192.168.1.206 is alive.
[*] 192.168.1.99 is alive.
[*] 192.168.1.97 is alive.
[*] 192.168.1.250 is alive.
[*] IPv6 Neighbor Discovery
[*] 192.168.1.69 maps to IPv6 link local address fe80::5a55:caff:fe14:1e61
[*] 192.168.1.99 maps to IPv6 link local address fe80::5ab0:35ff:fe6a:4ecc
[*] 192.168.1.97 maps to IPv6 link local address fe80::7ec5:37ff:fef9:a96a
[*] Scanned 253 of 253 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(ipv6_neighbor) >
```
Looking at the module output, you can see that this scanner serves the dual-purpose of showing what hosts are online similar to arp_sweep and then performs the IPv6 Neighbor Discovery.