mirror of
https://github.com/carlospolop/hacktricks
synced 2024-12-18 17:16:10 +00:00
4.7 KiB
4.7 KiB
EIGRP Attacks
{% hint style="success" %}
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
This is a summary of the attacks exposed in https://medium.com/@in9uz/cisco-nightmare-pentesting-cisco-networks-like-a-devil-f4032eb437b9. Check it for further information.
Fake EIGRP Neighbors Attack
- Objective: To overload router CPUs by flooding them with EIGRP hello packets, potentially leading to a Denial of Service (DoS) attack.
- Tool: helloflooding.py script.
- Execution: %%%bash ~$ sudo python3 helloflooding.py --interface eth0 --as 1 --subnet 10.10.100.0/24 %%%
- Parameters:
--interface
: Specifies the network interface, e.g.,eth0
.--as
: Defines the EIGRP autonomous system number, e.g.,1
.--subnet
: Sets the subnet location, e.g.,10.10.100.0/24
.
EIGRP Blackhole Attack
- Objective: To disrupt network traffic flow by injecting a false route, leading to a blackhole where the traffic is directed to a non-existent destination.
- Tool: routeinject.py script.
- Execution: %%%bash ~$ sudo python3 routeinject.py --interface eth0 --as 1 --src 10.10.100.50 --dst 172.16.100.140 --prefix 32 %%%
- Parameters:
--interface
: Specifies the attacker’s system interface.--as
: Defines the EIGRP AS number.--src
: Sets the attacker’s IP address.--dst
: Sets the target subnet IP.--prefix
: Defines the mask of the target subnet IP.
Abusing K-Values Attack
- Objective: To create continuous disruptions and reconnections within the EIGRP domain by injecting altered K-values, effectively resulting in a DoS attack.
- Tool: relationshipnightmare.py script.
- Execution: %%%bash ~$ sudo python3 relationshipnightmare.py --interface eth0 --as 1 --src 10.10.100.100 %%%
- Parameters:
--interface
: Specifies the network interface.--as
: Defines the EIGRP AS number.--src
: Sets the IP Address of a legitimate router.
Routing Table Overflow Attack
- Objective: To strain the router's CPU and RAM by flooding the routing table with numerous false routes.
- Tool: routingtableoverflow.py script.
- Execution: %%%bash sudo python3 routingtableoverflow.py --interface eth0 --as 1 --src 10.10.100.50 %%%
- Parameters:
--interface
: Specifies the network interface.--as
: Defines the EIGRP AS number.--src
: Sets the attacker’s IP address.
{% hint style="success" %}
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.