Exploiting Cisco Switches ( DHCP Attack)

In this chapter I’m demonstrating you to attack a DHCP Server in a weak network…this can be also known as a DoS attack (Denial of Service Attack). In order to stop these attacks we should configure DHCP Snooping in the Switch to stop these kind of attacks. In this attack we will be mainly looking at,

  • Setting up a rouge DHCP Server
  • Redirect all the traffic to kali Linux (MITM)
  • Capture Username and Passwords using Wireshark

In this Attack you can simulate the attack using GNS, EVEng, Cisco Viral etc.

Step !!!

  1. Configure a DHCP Pool in the L3 Switch using any IP range
  2. Start the Tool “Yersinia” (We installed in the earlier chap) and select DHCP and Launch Attack and select Discover Packets.

DHCP Attack

  1. Then you can lot of DHCP messages are been sent to the switch

Then In the cisco Switch type “ Show DHCP Bindings” You will see many Ip addresses are being allocated.

Now lets setup a DHCP Rouge Server (go to DHCP, Launch attack and select DHCP rouge server)

Then enter the IP Address range, Deafult gateway etc.. on the DHCP Rouge Server

Add Pool Details

  • Then Check the Host, they will receive IP addresses from your DHCP Rouge Server.
  • Then type this code in the Linux terminal to direct taffic
  • Then lets Capture Packets Using Wireshark
  • Open the Switch using Putty enabling your password on the cisco switch
  • Then in Wireshark select Telnet Packets and find for the Data as below
  • Then for Better view, select the packet and right click > Follow > TCP Stream.. Then you will view the Password

--

--

--

Security Researcher | Web App & Network Penetration Tester

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Meet DisBalancer: decentralized system to ensure DDoS resistance

Mimecast at the OWASP Open Security Summit (OSS) 2019

(Archive) Hacking millions of dollars for fun and charity

SMS Replacement is Risking Users to Text, Call Interception Thanks to Sloppy Telecos

SMS Replacement is Risking Users to Text, Call Interception Thanks to Sloppy Telecos

CyberFi V2 Soft Launch and Large Biz&Dev Update

{UPDATE} Asylum Night Shift 3 - Haunted Hospital Hack Free Resources Generator

Cisco Anyconnect For Mac High Sierra

Tokenization and Governance components of IC DAPP, introducing how SNS system

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Supun Halangoda (Suppa)

Supun Halangoda (Suppa)

Security Researcher | Web App & Network Penetration Tester

More from Medium

3 approaches to speed up the For Loop and While loop in Python

THM Writeup— BLUE: Deploy and hack into a Windows machine, leveraging common misconfiguration…

Limit User’s Access [ Linux Syst

If you’re a sysadmin who spends a lot of time staring at that black and white screen having opened…