Published on July 5th, 2012 | by NJ Ouchn0
The complete toolkit to analyze IPv6 weaknesses THC-ipv6 v1.9 is released
A complete tool set to attack the inherent protocol weaknesses of IPV6 and ICMP6, and includes an easy to use packet factory library.
News and Changelog Please note that public versions do not include all tools available! Only those who send in comprehensive patches and new tools for thc-ipv6 get the private versions which are released more often, include unreleased tools and more! If you want to participate, here is a list of tools that would be interesting: * Adding raw mode (sending into a sit 6to4 tunnel) to the library (the current implemetation doesnt work) * Enhancing the library so it works on FreeBSD and OSX too * Create a tool which tests an ipv6 address if it is an endpoint for various tunnel protocols * Adding more exploit tests to exploit6 (I can supply a long list of exploit files) * Adding more denial of service tests to denial6 * Add a dhcp6 client fuzzer * Add a dhcp6 server fuzzer If you want to work on a topic on the list, email me, so not multiple people are working on the same tool. Contact: vh(at)thc(dot)org and put "antispam" in the subject line. CHANGELOG: ########## * added new tool: detect_sniffer6 (Windows, Linux, *BSD, OS X, ...) * added new tool: fake_router26 which gives more control on options * added new tool: dnsrevenum6 which reverse enumerates the DNS * added new tool: inverse_lookup6 which gets the IPv6 addresses of a mac address * added new tool: fake_solicitate6 which lets you fake neighbor solicate packets * added new tool: address6 converts between ipv6 <=> ipv4 and mac addresses * added new tool: passive_discovery6 which detects all sending systems and includes DAD detection * dnsdic6: - added full SRV service scan support (-S option) - fix for x64 systems, thanks to alphacc(at)altern(dot)org - some more minor fixes * thcping6: - added -U udp option - return code -1 no reply, 0 reply, 1 error reply * fuzz_ip6: - added TCP (-0 port) to the fuzzer with tstamp, mss + wscale options - return code 0 on tests done and target alive, 1 on target crashed * detect-new-ip6: now the interface is passed as 2nd cmdline option to the script * implementation6: - added more tests (AH + ESP ping tests, 8k exthdr, 2k exthdr size) - fixes for some tests - returns -1 on errors, 0 if at least one reply, 1 if no or only error replies * parasite6: - fixed a crash when -F and -R were used together - parasite6 now terminates as it should, also ending childrens when using -l - fixed the mac command line parameter that was not working * trace6: - fixed a crash - made it a bit faster - fix for targets further away than 18 hops - enhanced error messages * kill_router6: fixed '*' target option * dos-new-ip6: also DOSes non-link-local addresses now * toobig6: fixed crash when mtu size specified was < 47 * send errors dont result in program exits for flood_*, fuzz_ip6 and ndpexhaust6 tools anymore * thc-ipv6-lib: - changed the thc_pcap_function to * have a an addition parameter, promisc (before it was not promiscous) * reduce CPU load, which affects detect-new-ip6, dos-new-ip6 and parasite6 - changed some function defines from/to signed/unsigned * cleaned up the code Download