Loading...

Blackhat 2012 EUROPE - Attacking IPv6 Implementation Using Fragmentation

2,089 views

Loading...

Loading...

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on May 24, 2012

This video is part of the Infosec Video Collection at SecurityTube.net: http://www.securitytube.net

Blackhat 2012 EUROPE - Attacking IPv6 Implementation Using Fragmentation

https://media.blackhat.com/bh-eu-12/A... https://media.blackhat.com/bh-eu-12/A... https://media.blackhat.com/bh-eu-12/A... IP fragmentation attacks is not a new issue. There are many publications regarding their exploitation for various purposes, including, but not limited to, OS fingerprinting, IDS/IPS insertion/evasion, firewall evasion and even remote code execution. The adoption of the new IP version, IPv6, has opened new potential exploitation fields to the attackers and pen testers. In this paper, it will be examined whether fragmentation issues still remain in IPv6 implementation of some of the most popular Operating Systems and whether they can also be used for the aforementioned purposes. To this end, several fragmentation attacks will be presented and their impact will be examined. As it will be shown, most of the popular OS, such as Windows, Linux and OpenBSD are susceptible to such attacks. In each case, the corresponding proof of concept code is provided. As it will be explained, such attacks, under specific circumstances can lead to OS fingerprinting, IDS insertion/evasion and firewalls evasions. Finally, these tests will also show which OS appears to be the most immune to IPv6 fragmentation attacks.

Loading...

When autoplay is enabled, a suggested video will automatically play next.

Up next


to add this to Watch Later

Add to

Loading playlists...