Yersinia - A Network Exploitation Tool

Yersinia - A Network Exploitation Tool

Yersinia is an open source network tool designed to take advantage of some weaknesses in different network protocols. It is capable of many diverse attacks over multiple protocols, such as becoming the root role in the Spanning Tree (Spanning Tree Protocol), creating virtual CDP (Cisco Discovery Protocol) neighbors, becoming the active router in a HSRP (Hot Standby Router Protocol) scenario, faking DHCP replies, and other low-level attacks.

Features:

  • 100% written in C. 
  • It uses libpcap, libnet and ncurses.
  • Runs on Linux, BSD and Solaris, Mac OSX
  • Multithreaded: it supports multiple users and multiple attacks per user.
  • Examine, analyze and watch your packets
  • Edit each protocol's fields
  • Capture your network data in pcap format.
  • Customize your preferences in a configuration file.
  • Monitor and capture packets from the network and replay them with your modifications.
  • Three main modes: command line, network client and ncurses GUI

Attacks for the following protocols are implemented in the latest release:
  • Spanning Tree Protocol (STP)
  • Cisco Discovery Protocol (CDP)
  • Dynamic Trunking Protocol (DTP)
  • Dynamic Host Configuration Protocol (DHCP)
  • Hot Standby Router Protocol (HSRP)
  • 802.1q
  • 802.1x
  • Inter-Switch Link Protocol (ISL)
  • VLAN Trunking Protocol (VTP)

Attacks

Spanning Tree Protocol:
  • Sending RAW Configuration BPDU
  • Sending RAW TCN BPDU
  • DoS sending RAW Configuration BPDU
  • DoS sending RAW TCN BPDU
  • Claiming Root Role
  • Claiming Other Role
  • Claiming Root Role dual home (MITM)


Cisco Discovery Protocol:
  • Sending RAW CDP packet
  • DoS flooding CDP neighbors table
  • Setting up a virtual device


Dynamic Host Configuration Protocol:
  • Sending RAW DHCP packet
  • DoS sending DISCOVER packet (exhausting ip pool)
  • Setting up rogue DHCP server
  • DoS sending RELEASE packet (releasing assigned ip)


Hot Standby Router Protocol:
  • Sending RAW HSRP packet
  • Becoming active router
  • Becoming active router (MITM)

Dynamic Trunking Protocol:
  • Sending RAW DTP packet
  • Enabling trunking
  • 802.1Q
  • Sending RAW 802.1Q packet
  • Sending double encapsulated 802.1Q packet
  • Sending 802.1Q ARP Poisoning
  • 802.1X
  • Sending RAW 802.1X packet
  • Mitm 802.1X with 2 interfaces

VLAN Trunking Protocol:
  • Sending RAW VTP packet
  • Deleting ALL VLANs
  • Deleting selected VLAN
  • Adding one VLAN
  • Catalyst crash

Usage:

  yersinia [-hVGIDd] [-l logfile] [-c conffile] protocol [protocol_options]  

-V   Program version.
-h   This help screen.
-G   Graphical mode (GTK).
-I   Interactive mode (ncurses).
-D   Daemon mode.
-d   Debug.
-l    logfile   Select logfile.
-c   conf-file  Select config file.

Yersinia GUI Image







from Effect Hacking full article here