From: Gregory Duchemin (c3rb3rsympatico.ca)
Date: Sat Jul 10 2004 - 01:43:21 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,
DHCPing 0.90 (Unix) is available at http://dhcping.openwall.net.
It should be of a great help during your dhcp(d) security audits
providing a lot of options to create custom (in)valid dhcp/bootp traffic
a la Hping.
Also it features several exploits for the latest Isc Infoblox and Dlink
vulnerabilities i have recently reported to Bugtraq.
Some other implementation bugs along with some generic attacks have been
added.
Note all these flaws were discovered using DHCPing, most of them during
its very first development stage
so i expect several other problems to show up soon.
I would particularly appreciate feedback for unexplored implementations
like linksys, netgear, ...
so if you have such routers/fw, please share your findings that i can
keep the vulnerability table, available on the website, up to date.
DHCPing has been written in Perl, look at the downloads section on the
website for more informations before installing it.
I take this opportunity to thank Solar Designer who has kindly provided
DHCPing with a host.
Peace,
Gregory

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]