Tutorials

parasite6 – Redirect all IPv6 traffic through your attacker machine

Redirect all IPv6 traffic through your attacker machine with parasite6

Parasite6 is the arpspoof in IPv6 networks and also a part of the THC-IPv6 tools suite. As always they have made it very simple & effective. Parasite6 just spoofs the neighbor advertisement & solicitation packets. Specifically, it advertises that the attacker machine is the router for every neighbor solicitation packet. So virtually all traffic in the IPv6 network gets the false advertisement from the attacker machine & sends all packets to the attacker machine thinking that it is the router. We can either specify a mac address or run without specifying it. Either way, this works very good just like arpspoof tool.

Options

Syntax: parasite6 [-lRFHD] interface [fake-mac]
-l       loops and resends the packets per target every 5 seconds.
-R       try to inject the destination of the solicitation

NS security bypass:

-F       fragment, 
-H       hop-by-hop and 
-D       large destination header

Homepage: https://www.thc.org/thc-ipv6/

Reference: Cisco

Note: This tutorial was written when Kali 1.0.9 was the latest. In newer versions (Kali Sana & Kali Rolling) the command has changed to atk6-tool. For example, you are using parasite6, in the newer version becomes atk6-parasite6.

Lab: Spoof the network and Route all packets through your system.

Scenario: I have an IPv6 network & some IPv6 hosts

IPv6 network : fc00::01/64

Attacker : Kali Linux VM

This is simple as it is. First turn on IPv6 forwarding and run parasite.

Command: echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
Command: parasite6 eth0<replace with your interface> -l
Packets Being Spoofed

Try different options yourself including giving a fake mac address in square brackets after options.

To evaluate if it’ s working correctly, test with Passive Discovery6. Click here to view tutorial on it. You can also do it with urlsnarf or driftnet or just any other sniffer.

Don’t forget to comment & Subscribe. It’s what keeps us alive.

Ravi Sankar

Recent Posts

ROADTools: The Modern Azure AD Exploration Framework

ROADTools is a powerful framework designed for exploring and interacting with Microsoft Azure Active Directory…

8 hours ago

How to Enumerate Microsoft 365 Groups Using PowerShell and Python

Microsoft 365 Groups (also known as M365 Groups or Unified Groups) are at the heart…

9 hours ago

SeamlessPass: Using Kerberos Tickets to Access Microsoft 365

SeamlessPass is a specialized tool designed to leverage on-premises Active Directory Kerberos tickets to obtain…

1 day ago

PPLBlade: Advanced Memory Dumping and Obfuscation Tool

PPLBlade is a powerful Protected Process Dumper designed to capture memory from target processes, hide…

1 day ago

HikPwn : Simple Scanner For Hikvision Devices With Basic Vulnerability Scanning

HikPwn: Comprehensive Guide to Scanning Hikvision Devices for Vulnerabilities If you’re searching for an efficient…

2 days ago

Comments in Bash Scripts

What Are Bash Comments? Comments in Bash scripts, are notes in your code that the…

1 week ago