Changelog for thc-ipv6-3.4-7.1.x86_64.rpm :
Thu Jan 4 13:00:00 2018 mardnhAATTgmx.de
- Update to version 3.4

* Added new function to thc-ipv6-lib: thc_send_raguard_bypass6()
bypass attack found by ERNW in one easy function.

* Added RA guard bypass attack (F option) to:
- fake_router26
- flood_router26
- fake_advertise6

* added new tool: flood_unreach6 (black nurse attack)

* fake_pim6:
- added bootstrap and assert support
- added loop mode
- added flood mode
- rewrote help output
- some fixes

* fuzz_ip6: added PIM hello, bootstrap and assert support

* alive6: fix for IPv6 address display for unreachable dst reason

* implementation6: large fragmentation EH test added

* covert_send6d: fixed receiving multiple packets

* better automatic source address type selection

* added patch to support the horrible openssl-1.1 release

* some minor enhancements and fixes
- Fix URL
- Minor specfile cleanup
- Add patch:

* thc-ipv6-fix-build-with-recent-glibc.diff

Thu Jan 19 13:00:00 2017 mardnhAATTgmx.de
- update to version 3.2

* added toobigsniff6: send ICMPv6 toobig messages for sniffed traffic

* added alive2map.sh script to create a network map (graphviz->jpg)
from a list of alive hosts

* alive6: fixed displaying right source of one packet type

* dump_router6: added -S option to specify an IPv6 source address

* fake_router26: new -f option to specify the sending mac address

* thcsyn6: added -f and -d options

* flood_router26:
- added -m option to force DHCPv6 managed and other configuration
- reduced lifetime for -s option to 1s

* dnssecwalk: added TCP mode (-t)

* dnsrevenum6: added TCP mode (-t)

* fake_advertise6: a second packet always was sent with no flags. fixed.

* flood_rs6 and thcping6: small fixes

* re-enabled raw mode, works now with modern kernels it seems

* small reliability patches by Benjamin Kellermann, thanks!

* added man page auto generator by Benjamin Kellermann, thanks!

* small change to the Makefile to allow installation even if not
everything could be compiled (libraries missing)
- rebased patches

* thc-ipv6-obey-cflags.diff

Fri Apr 15 14:00:00 2016 mardnhAATTgmx.de
- update to version 3.0
- fragrouter6 (NEW TOOL)
- evade IDS easily and use all your favorite IPv6 attack tools
- connsplit6 (NEW TOOL)
- split up a connection so that replies are sent to a different IPv6 address
- *.sh
- added a lot of shell helper scripts for zone transfers, creating maps, etc.
- 6to4test.sh, create_network_map.sh, extract_hosts6.sh, six2four.sh,
axfr-reverse.sh, axfr.sh, dnsrevenum6.sh, extract_networks6.sh,
thc-ipv6-setup.sh, dnssecwalk.sh, trace62list.sh, dos_mld6.sh, local_discovery6.sh
- alive26:
- -r renew option was accidentally always on by default
- added -I /mask random source option
- restructured the -h help output
- fake_router26:
- option -X removes router entry from targets on exit (patch from Dan Luedtke, thanks)
- flood_router26:
- Fix - the source mac was always null bytes without evasion, thanks to Christopher Werny for reporting
- ndpexhaust26:
- option -m generates maximum size packets
- dump_router6:
- fixed route option parsing
- support for new RA options
- dump_dhcp6
- added vendorid support for request
- thcping6:
- added -O TCP Fast Open cookie request option
- fuzz_dhcps6
- enhancements to the help output
- added -w sec wait between packets option
- added more options to the solicitate request to fuzz
- thcsyn6
- added -O TCP Fast Open fake cookie sending option
- fixed memory leak
- connect6:
- will now print the known MTU path to the destination upon successful connect
- Renamed dos_mld.sh to dos_mld6.sh and local_discovery.sh to local_discovery6.sh
- ran spec-cleaner
- add patches:
- thc-ipv6-obey-cflags.diff
- thc-ipv6-use-pkgconfig-for-libnetfilter_queue-cflags.diff
- thc-ipv6-fix-implicit-pointer-declaration.diff

Fri Jan 16 13:00:00 2015 Sven Uebelacker - 2.7
- updated to version 2.7
- changes from 2.3 to 2.7
- All flood_* tools:
- changed destination so that targets can be remote.
Yes this should not work, but sometimes it does :-)
- New tool: fuzz_dhcpc6 - DHCPv6 client fuzzer, submitted by Darrell Ambro, thanks a lot!
- Added new script: six2four.sh - send an IPv6 packet via a 6to4 gateway
- Added new script: grep6.pl - extracts an IPv6 in all possible notations from a file (from Eric Vyncke)
- alive6:
- setting -C twice increases the common address search space significantly
- fixed from-to definition implementation
- added "-y step" option, to define the step range when performing from-to
scans (e.g. 2001:1::0-ff), default step range is of course 1, max is 256
- selects the source IPv6 address for every new target now; waiting, if no
fitting IPv6 address is present on the interface until one is
- if you use -s for alive scanning, the new "one packet fingerprinting" functionality
is automatically used, courtesy of warlord AATT nologin from his poison tool
- error message if a packet cannot be sent for >50ms, and waiting for 60 seconds
- cleaned up help output and add -hh more help/options output
- thcsyn6:
- added -m dstmac option (good for DOSing local, esp. hot standby addresses)
- added -d dst hdr option
- documented -a hbh-ra option
- denial6:
- added five more test cases with HBH-RA and AH headers
- flood_router26
- added -a hopbyhop with router alert option
- changed a default so the attacks do not show up in Snort IDS
- flood_redir6
- added -a hopbyhop with router alert option
- flood_solicitate6
- added query address parameter option
- added -a hopbyhop with router alert option
- fuzz_ip6:
- fixes for HBH and DST EH fuzzing
- thcping6:
- added -x flood option
- added -e ethertype option
- added -V IP version option
- added -L payload length option
- added -N next header option
- now prints fragID of fragmented replies
- implementation6:
- a few more test cases and fixes
- dump_dhcp6
- more option decoding, better solicitate packet
- added sending information request packet
- four2six:
- support for source port and ping ID (required for AFTR)
- trace6:
- support for MTU sizes > 2500 added
- implementation6
- fixed to test cases where the wrong fragment nxt header was set (thanks to Gabriel Bertram for reporting)
- inverse_lookup6
- fixed to display only the IPv6 addresses (and not interpret other data as such)
- thc-ipv6-lib
- global addresses are now preferred over unique local if no destination is set
- fixed a bug in IPv4 CRC calculation function
- cppcheck and Coverity issues checked and fixed
- added spelling fixes by Debian maintainers
- Moved the license from GPLv3 to AGPLv3 (see LICENSE file)
- Support for big endian processors added
- Added new tool: fuzz_dhcps6 - DHCPv6 server fuzzer. Submitted by Brandon
Hutcheson and Graeme Neilson - great job, thanks!
- Added new tool: flood_redir6 - flooding with ICMPv6 redirects
- Added new tool: flood_rs6 - flooding with ICMPv6 Router Solicitations
- Added new tool: four2six - send an IPv4 packet via a 4to6 gateway
- Added new tool: dump_dhcp6 - show all DHCP6 servers and their config
- Added new script: six2four.sh - send an IPv6 packet via a 6to4 gateway
- All flooding tools:
- support now a specific target instead of all local nodes
- printing a dot for each 1000 packets sent (before: 100)
- alive6:
- renamed option -D to -C (common address scan), -D still works too
- added -4 IPv6address/range option
- added -H option to print the hop count value of received packets
- added -L option to only report local alive systems
- added -P option to only print addresses that would be scanned, but no scanning
- added -R option to not consider TCP-RST packets as alive signals
- NDP alives now also get their MAC addresses printed
- reworked help output, simple help screen with no option, full help with -h parameter
- clarified that ranges (from-to) should not be used together with -D -M or -4
- -W option waited for micro not milliseconds, fixed
- flood_router26
- added -S slow start option which makes the flooding a bit more effective
- added -G gigantic packet option (64kb, fragmented)
- increased number of route/prefix entries in normal (non -G option) packets
- rewrote the help screen
- thcsyn6:
- changed to also allow syn flooding on link local
- parasite6:
- added ROUTER flag to all packets to prevent being removed from the routing list
- trace6:
- added -u UDP switch
- fixed bug that showed targets sometimes too far away

Wed Oct 16 14:00:00 2013 Sven Uebelacker 2.3
- updated to version 2.3
- Added new tool: thcsyn5 - a TCP flooding tool
- Added new tool: redirsniff6 - redirects traffic (sniff variant to redir6)
- Added new script: thc-ipv6-setup.sh - configuring Linux for thc-ipv6
- Added new script: 6to4test.sh - check an ipv4 address for dynamic 6to4 tunnel setup
- flood_router26: added -s option for small lifetime which makes the attack even more devastating
- trace6:
- added -B option for sending echo reply packets (will not show the destination)
- added -E option for sending destination headers with invalid option
- thcping6:
- -U/-S port options now also set the source port
- -U/-S options now also send data if given
- -f fragment option can now be used multiple times
- implementation6:
- fixed bug in test case
- added icmp6 type/code printing for error replies
- toobig6: added -u option to allow testing for unrelated ICMPv6 packet firewall bypasses
- firewall6: added more test cases
- thc-ipv6-lib:
- fixed address selection bug if global and ULA addresses are present
- change NDP to use ff02::1:ffxx:xxx limited multicast addresses
- thc_resolve6 ignores now anything after a "/" or in before/after "[]"

Fri Dec 28 13:00:00 2012 Sven Uebelacker 2.1
- updated to version 2.1
- added new tool: dnssecwalk - performs NSEC walking including IPv6+IPv4
resolving
- added new tool: firewall6 - various TCP/UDP ACL bypass test cases
- added new tool: fake_pim6 - send fake hello and join/prune pim messages
- added new tool: ndpexhaust26 - very performant ndp exhauster based on ICMP
error toobig messages but can send many types of packets
- alive6: ranges are now supported in the input file too
- parasite6: enhancements to make it way more effective
- fake_router26: added overlap RA guard evasion type (-E o, -E O)
- dos-new-ip6: fix that only DAD replies are sent, not full NDP spoofing :-)
(thanks to Johannes Weber for reporting)
- flood_router26: Added local LAN privacy extension prevention attack by
George Kargiotakis
- randicmp6:
- added function which dumps icmp answers received
- added functionality to send a specific type (and also code)
- dnsdict6: added SRV result address resolving
- trace6: fix for routers which add padding to the packets
- fuzz_ip6: added -X option for not sending a transport layer
- inject_alive6: added -a option to allow selective active alive sending
- fake_advertise6: when no srcmac was specified, it was sent as all zeroes
instead of the real mac (thanks to Jannes Weber for reporting)
- fixed various injection issues (mostly too large packets for MTU on
interface)
- thc-ipv6-lib: added function thc_send_as_overlapping_{first,last}_fragment6
- Added GPL exception clause to license to allow linking to OpenSSL - debian
people need this
- Makefile: added patch from gentoo maintainers

Mon Oct 15 14:00:00 2012 Sven Uebelacker 2.0
- updated to version 2.0
- new tools: alive6, flood_router26
- enhancement of trace6, thcping6, etc.
- patch for Makefile added (thcping6 double definition)

Mon Sep 24 14:00:00 2012 Sven Uebelacker 1.9
- updated to version 1.9
- new tools: detect_sniffer6, fake_router26, dnsrevenum6,
inverse_lookup6, fake_solicitate6, address6, passive_discovery6
- updated tools
- code cleanup
- detailed Changelog here: /usr/share/doc/packages/thc-ipv6/CHANGES

Mon Aug 22 14:00:00 2011 Sven Uebelacker 1.8
- updated to version 1.8: new tools, manpages, and options
- detailed Changelog here: /usr/share/doc/packages/thc-ipv6/CHANGES

Thu May 19 14:00:00 2011 Sven Uebelacker 1.6
- initial openSUSE port


 