/deadnet

A dos (denial of service) attack for local networks using dead router attack (IPv6) and ARP attack (IPv4) simultaneously

Primary LanguagePythonGNU General Public License v3.0GPL-3.0

image



Make a wireless network unresponsive

  • Tested on Kali Nethunter
  • Works for both IPv6 and IPv4

How it works

IPv6

In IPv6, the ARP mechanism was ditched due to several reasons, one of them being lack of security.
Instead there is Neighbor/Router Discovery Protocol, which will be exploited in this attack.
For more info about how IPV6 router discovery mechanism works

Dead router attack - this attack periodically sends a spoofed RA (router discovery) packet with the gateway's lladdr to the multicast address on the local link, which signals that the router is dead. This would prevent the hosts from forwarding traffic to the gateway. Furthermore, a scapy method is running on a separate thread in the background, sniffing traffic. It immediately invalidates all incoming RA packets from routers by sending spoofed ones that indicate the router is not operational (routerlifetime=0).

IPv4

ARP attack - continuously sends spoofed ARP packets (using scapy) to every host on the network, poisoning its ARP table.
The gateway is mapped to an incorrect MAC address and therefore the traffic never reaches its true destination, making the network unresponsive.
Furthermore, the gateway also receives an ARP packet from each host that contains a spoofed MAC address.

Wifi-Deauth

There's another way to make a perform a DoS attack on wireless networks and that is by sending de-auth packets.
There's a separate project for that here and it requires a network adapter that supports packet injection.

Requirements

Works on every OS.
The only difference would be in the output, which in LINUX OS would refresh the same line to log updates rather than printing new lines in other operating systems.

3rd party libraries can be installed by running the following command: pip3 install -r requirements.txt as they are listed inside the requirements file:

scapy~=2.4.5

Usage

Poisoning ARP Cache (IPv4)

The network interface is a mandatory param and should always be passed, for example (eth0 is the most commonly used in kali):

./deadnet.py -i eth0
  • Setting cidr length The default cidr length is 24 since it is the one most commonly used, but can be set by defining the -m, --set-cidrlen argument.

  • Setting custom gateway In case something goes wrong and the gateway ip cannot be automatically set, a custom one can be set by defining the -g, --set-gateway argument.

Spoofing Router Advertisement Packets (IPv6)

As mentioned before, it is possible to spoof RA packets in case the network supports IPv6.
This attack is enabled automatically, and can be disabled by passing -6, --disable-ipv6, for example:

./deadnet.py -i eth0 --disable-ipv6
  • Setting preflen The default (and most commonly used) IPv6 preflen is 64, in order to set a different one passing -pl, --set-preflen should do the trick.

Notes

  • No buffer space available exception
    If the following exception occurs: Errno 105 No Buffer Space Available simply increase the buffer size by running this command -> sudo ifconfig <net_interface> txqueuelen 100000 where net_interface is the network interface name.

Disclaimer

This tool is only for testing and can only be used where strict consent has been given. Do not use it for illegal purposes! It is the end user’s responsibility to obey all applicable local, state and federal laws. I assume no liability and am not responsible for any misuse or damage caused by this tool and software.

Distributed under the GNU License.