SlideShare a Scribd company logo

IPv6 for Pentester

A
Amish Patadiya

- Basics of IPv6 - How to use IPv6 for network penetration test. - How to configure network security with respect to IPv6 - Tools of the trade for IPv6

Technology
1 of 45
Download to read offline
IPv6 for Pentester
Introduction Amish Patadiya: Designation & Company: ● Senior Security Consultant, NotSoSecure India Pvt. Ltd. Relevant Experience in Infosec: ● More than 7 years Contact: ● Email: amish.patadiya@gmail.com ● Twitter: @AmishPatadiya ● LinkedIn: https://in.linkedin.com/in/amish-patadiya
Topics covered ● What is IPv6? ● Text Representation of Address ● Address Types ● Pentester Scenario-1 ● Pentester Scenario-2 ● Pentester Scenario-3 ● Securing Network ● Tools of the trade
What is IPv6?
What is IPv6? ● Internet Protocol version 6 developed by the Internet Engineering Task Force (IETF) ● 128 bit address, theoretically allowing 2^128, or approximately 3.4×10^38 addresses ● Divided into 8 groups of 4 hexadecimal digits with group being separated by colons ○ For e.g. 2001:0db8:0000:0042:0000:8a2e:0370:7334 ● The IPv6 subnet size is standardized by fixing the size of the host identifier portion of an address to 64 bits.
Example of IPv6
Text Representation of Address
Text Representation of Address ● There are three conventional forms for representing IPv6 addresses as text strings:
Text Representation of Address 1) The preferred form is x:x:x:x:x:x:x:x, where the 'x's are one to four hexadecimal digits of the eight 16-bit pieces of the address. Examples: a) ABCD:EF01:2345:6789:ABCD:EF01:2345:6789 b) 2001:DB8:0:0:8:800:200C:417A
Text Representation of Address 2) The use of "::" indicates one or more groups of 16 bits of zeros. The "::" can only appear once in an address. The "::" can also be used to compress leading or trailing zeros in an address. a) For example, the following addresses i) 2001:DB8:0:0:8:800:200C:417A ii) FF01:0:0:0:0:0:0:101 iii) 0:0:0:0:0:0:0:1 iv) 0:0:0:0:0:0:0:0 b) may be represented as i) 2001:DB8::8:800:200C:417A ii) FF01::101 iii) ::1 iv) ::
Text Representation of Address 3) An alternative form that is sometimes more convenient when dealing with a mixed environment of IPv4 and IPv6 nodes is x:x:x:x:x:x:d.d.d.d, where the 'x's are the hexadecimal values of the six high-order 16-bit pieces of the address, and the 'd's are 8-bit pieces of the address (standard IPv4 representation). a) Examples: i) 0:0:0:0:0:0:13.1.68.3 ii) 0:0:0:0:0:FFFF:129.144.52.38 b) or in compressed form: i) ::13.1.68.3 ii) ::FFFF:129.144.52.38
Text Representation of Address Prefix ● Similar to the way IPv4 address prefixes are written in Classless Inter-Domain Routing (CIDR) notation [CIDR]. ipv6-address/prefix-length Where, ○ Ipv6-address - is an IPv6 address ○ Prefix-length - is a decimal value specifying how many of the leftmost contiguous bits of the address comprise the prefix.
Text Representation of Address Prefix ● For example, the following are legal representations of the 60-bit prefix 20010DB80000CD3 (hexadecimal): ○ 2001:0DB8:0000:CD30:0000:0000:0000:0000/60 ○ 2001:0DB8::CD30:0:0:0:0/60 ○ 2001:0DB8:0:CD30::/60
Address Types
Address Types Address type Binary prefix IPv6 notation Unspecified 00...0 (128 bits) ::/128 Loopback 00...1 (128 bits) ::1/128 Multicast 11111111 FF00::/8 Link-Local unicast 1111111010 FE80::/10 Unique-Local unicast 11111110 FC00::/7 Global Unicast (everything else) e.g. 00100000 [block for current assignment] 2000::/3
Address Types ● Link Local Unicast ○ Starts with FE80::/10 ○ Non Routable ○ Auto Assigned ○ Required ○ It is the first address ● Global Unicast ○ Starts with 2000::/3 ○ Globally Routable ○ Assigned by Internet Service Provider (ISP) / Regional Internet Registry (RIR) ● Unique Local Unicast ○ Starts with FC00::/7 ○ Internally Routable ○ Typically starts with FD00::/8
Pentester Scenario - 1
Pentester Scenario - 1 ● Services running on the server
Pentester Scenario - 1 ● Attacker machine
Pentester Scenario - 1 ● Services are accessible from attacker machine ○ SSH: ○ SNMP
Pentester Scenario - 1 ● Blocking attacker’s IP ‘192.168.1.117’
Pentester Scenario - 1 ● Services are no more accessible from attacker’s IP ‘192.168.1.117’
Pentester Scenario - 1
Pentester Scenario - 1 ● Services are accessible from attacker’s IPv6
Pentester Scenario - 2
Pentester Scenario - 2 ● What if a service running over IPv4 only?
Pentester Scenario - 2 ● Use socat to make it available over IPv6
Pentester Scenario - 2 ● Blocking attacker for IPv4 only service
Pentester Scenario - 2 ● IPv4 only service was still accessible using IPv6
Pentester Scenario - 3
Pentester Scenario - 3 ● Not many tools which supports IPv6 ● What to do if service is running on IPv6? ○ SNMP service running over IPv6
Pentester Scenario - 3 ● Think of scenario 2 in reverse.
Pentester Scenario - 3 ● Run IPv4 tools on ‘127.0.0.1’ address
Securing Network
Securing Network ● For Ubuntu (Linux):
Securing Network ● For Windows:
Tools of the trade
Tools of the trade ● Ping: ○ ping6 -I <interface> <IPv6 address>
Tools of the trade ● SSH: ○ ssh <user>@<IPv6 address>
Tools of the trade ● Telnet: ○ telnet <IPv6 address> <port number>
Tools of the trade ● Assigning an IPv6 address to an interface: ○ ip -6 addr add <IPv6 address/prefix> dev <interface>
Tools of the trade ● Assigning an IPv6 address to an interface: ○ ifconfig <interface> inet6 add <IPv6 address/prefix>
References ● IPv6 RFCs ● https://www.youtube.com/watch?v=DJSuLcw7zB0 ● http://www.infosec.gov.hk/english/technical/files/ipv6s.pdf ● http://www.dest-unreach.org/socat/doc/socat.html ● https://www.youtube.com/watch?v=O0mniyVioJk
IPv6 for Pentester

Recommended

Chat server nitish nagar
Chat server nitish nagarChat server nitish nagar
Chat server nitish nagarNitish Nagar
 
web service technologies
web service technologiesweb service technologies
web service technologiesYash Darak
 
Chat Application
Chat ApplicationChat Application
Chat Applicationkuldip kumar
 
SRS FOR CHAT APPLICATION
SRS FOR CHAT APPLICATIONSRS FOR CHAT APPLICATION
SRS FOR CHAT APPLICATIONAtul Kushwaha
 
Protocol Buffers
Protocol BuffersProtocol Buffers
Protocol BuffersKnoldus Inc.
 
Attacking REST API
Attacking REST APIAttacking REST API
Attacking REST APISiddharth Bezalwar
 
AVRO to JSON Conversion
AVRO to JSON ConversionAVRO to JSON Conversion
AVRO to JSON ConversionManjuKumara GH
 
Android Project Presentation
Android Project PresentationAndroid Project Presentation
Android Project PresentationLaxmi Kant Yadav
 

Recommended

Chat server nitish nagar
Chat server nitish nagarChat server nitish nagar
Chat server nitish nagarNitish Nagar
 
web service technologies
web service technologiesweb service technologies
web service technologiesYash Darak
 
Chat Application
Chat ApplicationChat Application
Chat Applicationkuldip kumar
 
SRS FOR CHAT APPLICATION
SRS FOR CHAT APPLICATIONSRS FOR CHAT APPLICATION
SRS FOR CHAT APPLICATIONAtul Kushwaha
 
Protocol Buffers
Protocol BuffersProtocol Buffers
Protocol BuffersKnoldus Inc.
 
Attacking REST API
Attacking REST APIAttacking REST API
Attacking REST APISiddharth Bezalwar
 
AVRO to JSON Conversion
AVRO to JSON ConversionAVRO to JSON Conversion
AVRO to JSON ConversionManjuKumara GH
 
Android Project Presentation
Android Project PresentationAndroid Project Presentation
Android Project PresentationLaxmi Kant Yadav
 
Why rust?
Why rust?Why rust?
Why rust?Mats Kindahl
 
An Introduction to Hashing and Salting
An Introduction to Hashing and SaltingAn Introduction to Hashing and Salting
An Introduction to Hashing and SaltingRahul Singh
 
Introduction to Rust language programming
Introduction to Rust language programmingIntroduction to Rust language programming
Introduction to Rust language programmingRodolfo Finochietti
 
Python for the Network Nerd
Python for the Network NerdPython for the Network Nerd
Python for the Network NerdMatt Bynum
 
Configuración del servidor smtp centos
Configuración del servidor smtp centosConfiguración del servidor smtp centos
Configuración del servidor smtp centosHumano Terricola
 
Lessons Learned from Building 100+ C++/Qt/QML Devices
Lessons Learned from Building 100+ C++/Qt/QML DevicesLessons Learned from Building 100+ C++/Qt/QML Devices
Lessons Learned from Building 100+ C++/Qt/QML DevicesICS
 
Chat application android app ppt
Chat application android app pptChat application android app ppt
Chat application android app pptZreena
 
Go lang
Go langGo lang
Go langSuelen Carvalho
 
Web security uploadv1
Web security uploadv1Web security uploadv1
Web security uploadv1Setia Juli Irzal Ismail
 
Chat Application | RSD
Chat Application | RSDChat Application | RSD
Chat Application | RSDRajon
 
Asterisk: the future is at REST
Asterisk: the future is at RESTAsterisk: the future is at REST
Asterisk: the future is at RESTPaloSanto Solutions
 
Rest API Security
Rest API SecurityRest API Security
Rest API SecurityStormpath
 
Swift Tutorial For Beginners | Swift Programming Tutorial | IOS App Developme...
Swift Tutorial For Beginners | Swift Programming Tutorial | IOS App Developme...Swift Tutorial For Beginners | Swift Programming Tutorial | IOS App Developme...
Swift Tutorial For Beginners | Swift Programming Tutorial | IOS App Developme...Edureka!
 
Keycloak SSO basics
Keycloak SSO basicsKeycloak SSO basics
Keycloak SSO basicsJuan Vicente Herrera Ruiz de Alejo
 
Expanding Asterisk with Kamailio
Expanding Asterisk with KamailioExpanding Asterisk with Kamailio
Expanding Asterisk with KamailioFred Posner
 
Introduction to Angularjs
Introduction to AngularjsIntroduction to Angularjs
Introduction to AngularjsManish Shekhawat
 
SQL Injection
SQL Injection SQL Injection
SQL Injection Adhoura Academy
 
Neat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protectionNeat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protectionMikhail Egorov
 
Reverse proxies & Inconsistency
Reverse proxies & InconsistencyReverse proxies & Inconsistency
Reverse proxies & InconsistencyGreenD0g
 
Sql Injection
Sql InjectionSql Injection
Sql InjectionAju Thomas
 
4 ipv6
4 ipv64 ipv6
4 ipv6Jadavsejal
 
CN 5151(15) Module II part 2 13082020.pdf
CN 5151(15) Module II part 2 13082020.pdfCN 5151(15) Module II part 2 13082020.pdf
CN 5151(15) Module II part 2 13082020.pdfADARSHN40
 

More Related Content

What's hot

An Introduction to Hashing and Salting
An Introduction to Hashing and SaltingAn Introduction to Hashing and Salting
An Introduction to Hashing and SaltingRahul Singh
 
Introduction to Rust language programming
Introduction to Rust language programmingIntroduction to Rust language programming
Introduction to Rust language programmingRodolfo Finochietti
 
Python for the Network Nerd
Python for the Network NerdPython for the Network Nerd
Python for the Network NerdMatt Bynum
 
Configuración del servidor smtp centos
Configuración del servidor smtp centosConfiguración del servidor smtp centos
Configuración del servidor smtp centosHumano Terricola
 
Lessons Learned from Building 100+ C++/Qt/QML Devices
Lessons Learned from Building 100+ C++/Qt/QML DevicesLessons Learned from Building 100+ C++/Qt/QML Devices
Lessons Learned from Building 100+ C++/Qt/QML DevicesICS
 
Chat application android app ppt
Chat application android app pptChat application android app ppt
Chat application android app pptZreena
 
Chat Application | RSD
Chat Application | RSDChat Application | RSD
Chat Application | RSDRajon
 
Rest API Security
Rest API SecurityRest API Security
Rest API SecurityStormpath
 
Swift Tutorial For Beginners | Swift Programming Tutorial | IOS App Developme...
Swift Tutorial For Beginners | Swift Programming Tutorial | IOS App Developme...Swift Tutorial For Beginners | Swift Programming Tutorial | IOS App Developme...
Swift Tutorial For Beginners | Swift Programming Tutorial | IOS App Developme...Edureka!
 
Expanding Asterisk with Kamailio
Expanding Asterisk with KamailioExpanding Asterisk with Kamailio
Expanding Asterisk with KamailioFred Posner
 
Neat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protectionNeat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protectionMikhail Egorov
 
Reverse proxies & Inconsistency
Reverse proxies & InconsistencyReverse proxies & Inconsistency
Reverse proxies & InconsistencyGreenD0g
 

What's hot (20)

Why rust?
Why rust?Why rust?
Why rust?
 
An Introduction to Hashing and Salting
An Introduction to Hashing and SaltingAn Introduction to Hashing and Salting
An Introduction to Hashing and Salting
 
Introduction to Rust language programming
Introduction to Rust language programmingIntroduction to Rust language programming
Introduction to Rust language programming
 
Python for the Network Nerd
Python for the Network NerdPython for the Network Nerd
Python for the Network Nerd
 
Configuración del servidor smtp centos
Configuración del servidor smtp centosConfiguración del servidor smtp centos
Configuración del servidor smtp centos
 
Lessons Learned from Building 100+ C++/Qt/QML Devices
Lessons Learned from Building 100+ C++/Qt/QML DevicesLessons Learned from Building 100+ C++/Qt/QML Devices
Lessons Learned from Building 100+ C++/Qt/QML Devices
 
Chat application android app ppt
Chat application android app pptChat application android app ppt
Chat application android app ppt
 
Go lang
Go langGo lang
Go lang
 
Web security uploadv1
Web security uploadv1Web security uploadv1
Web security uploadv1
 
Chat Application | RSD
Chat Application | RSDChat Application | RSD
Chat Application | RSD
 
Asterisk: the future is at REST
Asterisk: the future is at RESTAsterisk: the future is at REST
Asterisk: the future is at REST
 
Rest API Security
Rest API SecurityRest API Security
Rest API Security
 
Swift Tutorial For Beginners | Swift Programming Tutorial | IOS App Developme...
Swift Tutorial For Beginners | Swift Programming Tutorial | IOS App Developme...Swift Tutorial For Beginners | Swift Programming Tutorial | IOS App Developme...
Swift Tutorial For Beginners | Swift Programming Tutorial | IOS App Developme...
 
Keycloak SSO basics
Keycloak SSO basicsKeycloak SSO basics
Keycloak SSO basics
 
Expanding Asterisk with Kamailio
Expanding Asterisk with KamailioExpanding Asterisk with Kamailio
Expanding Asterisk with Kamailio
 
Introduction to Angularjs
Introduction to AngularjsIntroduction to Angularjs
Introduction to Angularjs
 
SQL Injection
SQL Injection SQL Injection
SQL Injection
 
Neat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protectionNeat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protection
 
Reverse proxies & Inconsistency
Reverse proxies & InconsistencyReverse proxies & Inconsistency
Reverse proxies & Inconsistency
 
Sql Injection
Sql InjectionSql Injection
Sql Injection
 

Similar to IPv6 for Pentester

CN 5151(15) Module II part 2 13082020.pdf
CN 5151(15) Module II part 2 13082020.pdfCN 5151(15) Module II part 2 13082020.pdf
CN 5151(15) Module II part 2 13082020.pdfADARSHN40
 
Ppt fnr arbitrary length small domain block cipher proposal
Ppt fnr arbitrary length small domain block cipher proposalPpt fnr arbitrary length small domain block cipher proposal
Ppt fnr arbitrary length small domain block cipher proposalKarunakar Saroj
 
Design and Implementation of Ipv6 Address Using Cryptographically Generated A...
Design and Implementation of Ipv6 Address Using Cryptographically Generated A...Design and Implementation of Ipv6 Address Using Cryptographically Generated A...
Design and Implementation of Ipv6 Address Using Cryptographically Generated A...IJERA Editor
 
IP Address
IP AddressIP Address
IP AddressRahul P
 
BSides LV 2016 - Beyond the tip of the iceberg - fuzzing binary protocols for...
BSides LV 2016 - Beyond the tip of the iceberg - fuzzing binary protocols for...BSides LV 2016 - Beyond the tip of the iceberg - fuzzing binary protocols for...
BSides LV 2016 - Beyond the tip of the iceberg - fuzzing binary protocols for...Alexandre Moneger
 
ipv6 presentation by Rahul uit BU
ipv6 presentation by Rahul uit BUipv6 presentation by Rahul uit BU
ipv6 presentation by Rahul uit BURahul Singh
 
Network Test Automation - Net Ops Coding 2015
Network Test Automation - Net Ops Coding 2015Network Test Automation - Net Ops Coding 2015
Network Test Automation - Net Ops Coding 2015Hiroshi Ota
 
File 10 - CSX 334 _VRA NBO.ppsx
File 10 - CSX 334 _VRA NBO.ppsxFile 10 - CSX 334 _VRA NBO.ppsx
File 10 - CSX 334 _VRA NBO.ppsxgaurav201196
 
IPv4 & IPv6 .pptx
IPv4 & IPv6 .pptxIPv4 & IPv6 .pptx
IPv4 & IPv6 .pptxhakxcore
 
Why We Need IPv6
Why We Need IPv6Why We Need IPv6
Why We Need IPv6Netwax Lab
 
[CB19] New threats are already around you, the IPV6 attack must be understood...
[CB19] New threats are already around you, the IPV6 attack must be understood...[CB19] New threats are already around you, the IPV6 attack must be understood...
[CB19] New threats are already around you, the IPV6 attack must be understood...CODE BLUE
 
Networking essentials lect2
Networking essentials lect2Networking essentials lect2
Networking essentials lect2Roman Brovko
 
IPv6 - The Next next generation protocol
IPv6 - The Next next generation protocolIPv6 - The Next next generation protocol
IPv6 - The Next next generation protocolMohit Sharma
 

Similar to IPv6 for Pentester (20)

4 ipv6
4 ipv64 ipv6
4 ipv6
 
CN 5151(15) Module II part 2 13082020.pdf
CN 5151(15) Module II part 2 13082020.pdfCN 5151(15) Module II part 2 13082020.pdf
CN 5151(15) Module II part 2 13082020.pdf
 
Ppt fnr arbitrary length small domain block cipher proposal
Ppt fnr arbitrary length small domain block cipher proposalPpt fnr arbitrary length small domain block cipher proposal
Ppt fnr arbitrary length small domain block cipher proposal
 
Design and Implementation of Ipv6 Address Using Cryptographically Generated A...
Design and Implementation of Ipv6 Address Using Cryptographically Generated A...Design and Implementation of Ipv6 Address Using Cryptographically Generated A...
Design and Implementation of Ipv6 Address Using Cryptographically Generated A...
 
IPv4 and IPv6
IPv4 and IPv6IPv4 and IPv6
IPv4 and IPv6
 
Ipv6
Ipv6Ipv6
Ipv6
 
I pv4 and ipv6
I pv4 and ipv6I pv4 and ipv6
I pv4 and ipv6
 
Introduction to IPv6
Introduction to IPv6Introduction to IPv6
Introduction to IPv6
 
IP Address
IP AddressIP Address
IP Address
 
BSides LV 2016 - Beyond the tip of the iceberg - fuzzing binary protocols for...
BSides LV 2016 - Beyond the tip of the iceberg - fuzzing binary protocols for...BSides LV 2016 - Beyond the tip of the iceberg - fuzzing binary protocols for...
BSides LV 2016 - Beyond the tip of the iceberg - fuzzing binary protocols for...
 
ipv6 presentation by Rahul uit BU
ipv6 presentation by Rahul uit BUipv6 presentation by Rahul uit BU
ipv6 presentation by Rahul uit BU
 
Network.pptx
Network.pptxNetwork.pptx
Network.pptx
 
Network Layer And I Pv6
Network Layer And I Pv6Network Layer And I Pv6
Network Layer And I Pv6
 
Network Test Automation - Net Ops Coding 2015
Network Test Automation - Net Ops Coding 2015Network Test Automation - Net Ops Coding 2015
Network Test Automation - Net Ops Coding 2015
 
File 10 - CSX 334 _VRA NBO.ppsx
File 10 - CSX 334 _VRA NBO.ppsxFile 10 - CSX 334 _VRA NBO.ppsx
File 10 - CSX 334 _VRA NBO.ppsx
 
IPv4 & IPv6 .pptx
IPv4 & IPv6 .pptxIPv4 & IPv6 .pptx
IPv4 & IPv6 .pptx
 
Why We Need IPv6
Why We Need IPv6Why We Need IPv6
Why We Need IPv6
 
[CB19] New threats are already around you, the IPV6 attack must be understood...
[CB19] New threats are already around you, the IPV6 attack must be understood...[CB19] New threats are already around you, the IPV6 attack must be understood...
[CB19] New threats are already around you, the IPV6 attack must be understood...
 
Networking essentials lect2
Networking essentials lect2Networking essentials lect2
Networking essentials lect2
 
IPv6 - The Next next generation protocol
IPv6 - The Next next generation protocolIPv6 - The Next next generation protocol
IPv6 - The Next next generation protocol
 

Recently uploaded

Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 

Recently uploaded (20)

Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 

IPv6 for Pentester

  • 2. Introduction Amish Patadiya: Designation & Company: ● Senior Security Consultant, NotSoSecure India Pvt. Ltd. Relevant Experience in Infosec: ● More than 7 years Contact: ● Email: amish.patadiya@gmail.com ● Twitter: @AmishPatadiya ● LinkedIn: https://in.linkedin.com/in/amish-patadiya
  • 3. Topics covered ● What is IPv6? ● Text Representation of Address ● Address Types ● Pentester Scenario-1 ● Pentester Scenario-2 ● Pentester Scenario-3 ● Securing Network ● Tools of the trade
  • 5. What is IPv6? ● Internet Protocol version 6 developed by the Internet Engineering Task Force (IETF) ● 128 bit address, theoretically allowing 2^128, or approximately 3.4×10^38 addresses ● Divided into 8 groups of 4 hexadecimal digits with group being separated by colons ○ For e.g. 2001:0db8:0000:0042:0000:8a2e:0370:7334 ● The IPv6 subnet size is standardized by fixing the size of the host identifier portion of an address to 64 bits.
  • 8. Text Representation of Address ● There are three conventional forms for representing IPv6 addresses as text strings:
  • 9. Text Representation of Address 1) The preferred form is x:x:x:x:x:x:x:x, where the 'x's are one to four hexadecimal digits of the eight 16-bit pieces of the address. Examples: a) ABCD:EF01:2345:6789:ABCD:EF01:2345:6789 b) 2001:DB8:0:0:8:800:200C:417A
  • 10. Text Representation of Address 2) The use of "::" indicates one or more groups of 16 bits of zeros. The "::" can only appear once in an address. The "::" can also be used to compress leading or trailing zeros in an address. a) For example, the following addresses i) 2001:DB8:0:0:8:800:200C:417A ii) FF01:0:0:0:0:0:0:101 iii) 0:0:0:0:0:0:0:1 iv) 0:0:0:0:0:0:0:0 b) may be represented as i) 2001:DB8::8:800:200C:417A ii) FF01::101 iii) ::1 iv) ::
  • 11. Text Representation of Address 3) An alternative form that is sometimes more convenient when dealing with a mixed environment of IPv4 and IPv6 nodes is x:x:x:x:x:x:d.d.d.d, where the 'x's are the hexadecimal values of the six high-order 16-bit pieces of the address, and the 'd's are 8-bit pieces of the address (standard IPv4 representation). a) Examples: i) 0:0:0:0:0:0:13.1.68.3 ii) 0:0:0:0:0:FFFF:129.144.52.38 b) or in compressed form: i) ::13.1.68.3 ii) ::FFFF:129.144.52.38
  • 12. Text Representation of Address Prefix ● Similar to the way IPv4 address prefixes are written in Classless Inter-Domain Routing (CIDR) notation [CIDR]. ipv6-address/prefix-length Where, ○ Ipv6-address - is an IPv6 address ○ Prefix-length - is a decimal value specifying how many of the leftmost contiguous bits of the address comprise the prefix.
  • 13. Text Representation of Address Prefix ● For example, the following are legal representations of the 60-bit prefix 20010DB80000CD3 (hexadecimal): ○ 2001:0DB8:0000:CD30:0000:0000:0000:0000/60 ○ 2001:0DB8::CD30:0:0:0:0/60 ○ 2001:0DB8:0:CD30::/60
  • 15. Address Types Address type Binary prefix IPv6 notation Unspecified 00...0 (128 bits) ::/128 Loopback 00...1 (128 bits) ::1/128 Multicast 11111111 FF00::/8 Link-Local unicast 1111111010 FE80::/10 Unique-Local unicast 11111110 FC00::/7 Global Unicast (everything else) e.g. 00100000 [block for current assignment] 2000::/3
  • 16. Address Types ● Link Local Unicast ○ Starts with FE80::/10 ○ Non Routable ○ Auto Assigned ○ Required ○ It is the first address ● Global Unicast ○ Starts with 2000::/3 ○ Globally Routable ○ Assigned by Internet Service Provider (ISP) / Regional Internet Registry (RIR) ● Unique Local Unicast ○ Starts with FC00::/7 ○ Internally Routable ○ Typically starts with FD00::/8
  • 18. Pentester Scenario - 1 ● Services running on the server
  • 19. Pentester Scenario - 1 ● Attacker machine
  • 20. Pentester Scenario - 1 ● Services are accessible from attacker machine ○ SSH: ○ SNMP
  • 21. Pentester Scenario - 1 ● Blocking attacker’s IP ‘192.168.1.117’
  • 22. Pentester Scenario - 1 ● Services are no more accessible from attacker’s IP ‘192.168.1.117’
  • 24. Pentester Scenario - 1 ● Services are accessible from attacker’s IPv6
  • 26. Pentester Scenario - 2 ● What if a service running over IPv4 only?
  • 27. Pentester Scenario - 2 ● Use socat to make it available over IPv6
  • 28. Pentester Scenario - 2 ● Blocking attacker for IPv4 only service
  • 29. Pentester Scenario - 2 ● IPv4 only service was still accessible using IPv6
  • 31. Pentester Scenario - 3 ● Not many tools which supports IPv6 ● What to do if service is running on IPv6? ○ SNMP service running over IPv6
  • 32. Pentester Scenario - 3 ● Think of scenario 2 in reverse.
  • 33. Pentester Scenario - 3 ● Run IPv4 tools on ‘127.0.0.1’ address
  • 35. Securing Network ● For Ubuntu (Linux):
  • 37. Tools of the trade
  • 38. Tools of the trade ● Ping: ○ ping6 -I <interface> <IPv6 address>
  • 39. Tools of the trade ● SSH: ○ ssh <user>@<IPv6 address>
  • 40. Tools of the trade ● Telnet: ○ telnet <IPv6 address> <port number>
  • 41. Tools of the trade ● Assigning an IPv6 address to an interface: ○ ip -6 addr add <IPv6 address/prefix> dev <interface>
  • 42. Tools of the trade ● Assigning an IPv6 address to an interface: ○ ifconfig <interface> inet6 add <IPv6 address/prefix>
  • 43.
  • 44. References ● IPv6 RFCs ● https://www.youtube.com/watch?v=DJSuLcw7zB0 ● http://www.infosec.gov.hk/english/technical/files/ipv6s.pdf ● http://www.dest-unreach.org/socat/doc/socat.html ● https://www.youtube.com/watch?v=O0mniyVioJk