DHCP Starvation: DoS Attacks to the DHCP Server

April 23, 2019 Comments Off

Yersinia is a network tool designed to take advantage of some weaknesses in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems.

Attacks for the following network protocols are implemented: Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol (HSRP), IEEE 802.1Q, IEEE 802.1X, Inter-Switch Link Protocol (ISL), VLAN Trunking Protocol (VTP).

Attacks using DHCP Starvation, which exhausts all IP Pool DHCP server.The operating principle of this attack is very simple:

Asking yourself IP -address at the DHCP server and a receives it;
Change the MAC addresses and ask for the next one, a different IP -address, masquerading as a new client;
Such action is repeated until the entire pool of IP address on the DHCP server is reached.

To automate this type of attack there is a tool called Yersinia

Features:

100% written in C.
It uses libpcap, libnet and ncurses.
Runs on Linux, BSD and Solaris, Mac OSX
Multithreaded: it supports multiple users and multiple attacks per user.
Examine, analyze and watch your packets
Edit each protocol’s fields
Capture your network data in pcap format.
Customize your preferences in a configuration file.
Monitor and capture packets from the network and replay them with your modifications.
Three main modes: command line, network client and ncurses GUI

Usage:

yersinia [-hVGIDd] [-l logfile] [-c conffile] protocol [protocol_options]

-V Program version.
-h This help screen.
-G Graphical mode (GTK).
-I Interactive mode (ncurses).
-D Daemon mode.
-d Debug.
-l logfile Select logfile.
-c conf-file Select config file.