Hacking Routers with Python // Fake route injection to BLACK HOLE networks

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

i'm really excited to let you know that i'm going to be uploading a number of routing hacking videos i'm going to show you how you can use simple python scripts with scapy to hack writing protocols in this first video i'm going to show you how to hack eijrp which is a routing protocol used by cisco routers if you're interested i'll show you how to hack writing protocols such as ospf and hopefully bgp routing protocols are really important in networks you need to secure them otherwise it's very very easy to hack them now it's taken me a long time to put these videos together but hopefully the scripts that i've created will make it much easier for you now if you enjoy these types of hacking videos if you enjoy watching me create simple python scripts teach you how to use python teach you how to hack networks then please consider subscribing to my youtube channel please like this video and click on the bell to get notifications [Music] i'm actually going to create fake rats send fake packets to an eigrp router and get that router to add the rods to its routing table for this demonstration i'm using a real physical cisco router it's actually the router that i use in my home network to connect me to the internet so i'm going to create fake routes on a kali virtual machine use python to send those packets into the network and get that router to add those routes to its writing table and i'm going to run a denial of service attack so basically i'm going to tell the router that to get to various websites and you could decide which websites you want to inject rights for but in my example it's going to be cisco.com and facebook.com the router needs to send the traffic to a neighboring eigrp router that router doesn't know how to get to the internet so it's going to basically drop the packets i'm going to run a denial of service attack by creating a black hole by sending fake rats to an eigrp router there have been incidents in the past where certain isps have injected more specific routes into the global internet riding table and caused certain websites to be taken offline basically dos youtube as an example now as always don't use the information that i'm sharing here for non-ethical purposes only use what i'm sharing here for ethical purposes don't go out there and get into trouble make sure that you secure your networks make sure that you use authentication and passwords on your writing protocols because otherwise people can do things such as what i'm demonstrating in this video okay so here's my python script it's a very simple script i'm basically importing time i'm going to import escapee escapee is installed by default on kali linux so you don't have to install it i've put commands below this video if you want to know how to install scapy on an ubuntu machine as an example i'm loading eijorp i've created a loop i'm going to send a whole bunch of packets into the network now this allows me to inject a fake route into the network you need to create these fake packets correctly or forge these fake packets correctly so you need to understand a bit about writing protocols to be able to do this but notice the source ip address is the ip address of the router that's going to send the fake route that needs to be a router that already exists in the network here's my physical router that gives me internet access show version shows you that this is a cisco router it's a cisco 1941 router show ipeijrp neighbors we have one neighbor relationship that's a switch in my network we're going to leverage that neighbor relationship and inject routes as if they came from that neighbor so therefore in the script the source ip address is that ip address now if you don't know what those are in a network you can use wireshark to capture multicast packets eigrp uses this multicast destination address so that's the destination that we're going to send packets to you could use wireshark once again to capture packets see which devices are sending advertisements in a network now we're going to send an update message we're basically going to update the router with new routes so we're sending an update for autonomous system 100 this router is configured in autonomous system 100 once again you could see that information by running a wireshark captcha sequence number zero that's the neighbor relationship here that needs to be correct so that's the entry or identifier of the neighbor relationship which is zero in this example now if you don't know what that is you could specify a range of sequence numbers so you could say try sequence number 0 to 30 as an example to try and guess what the sequence number is so rather than knowing what the sequence number is you're just guessing a whole range of sequence numbers so you could do that but in my example i know what the sequence number is so i'm going to set it to zero acknowledgement is zero and what we're going to do is we're going to insert an internal eigrp route with this destination 192.168.100.0 this router currently doesn't have any eigrp rot in its routing table we've got a static route we've got some directly connected rods there are no eigrp routes in the routing table at the moment as you can see there show ip route eigrp no rots but i'm going to inject that rod into the routing table next top we're going to set to that neighbor now i've done something similar here i've just injected another rot the only difference here is it's 101 rather than 100. now here is where it gets interesting rather than just injecting any random fake routes we're actually going to inject a real route into the writing table and let me go back to windows so here we're going to dos cisco.com and facebook.com if you're not sure what those addresses are you can just do an ns lookup so i can see that cisco is using that address in my case so i'm going to dos 72 163 4.0 and then in my case facebook is using 157 240 214 something you'll need to use nslookup or just ping one of those addresses to see what it resolves to you so that you can attack that network here i'm pinging cisco.com notice 7261634.something in some cases you might need to inject multiple rots into the writing table to block those networks so on my mac as an example nslookup cisco.com because this is the device that i want to block and facebook.com it resolves to the same ip addresses so i'm going to inject fake routes that'll basically dos my network i won't be able to connect to those networks once i run my script so at the moment on my mac i can ping cisco.com and i can ping facebook.com so i can connect to those networks without a problem but that's because my router simply has a default route to the internet and some of you may have picked this up already so i'll just explain this here i actually have a router in front of my cisco router that was provided by my isp that is my adsl router so i've got an ethernet connection from my cisco rider to the service provider route in this case it's british telecom or bt that has adsl to the internet but i am running nat on my cisco rider so it's as if it's connected to the internet change default route i could inject a default route here now in this example i'm using an external eigrp rot so previously i was injecting internal eigrp routes here i'm injecting an external eigrp route with the autonomous system number 100 again destination is a default route and notice i've specified other options such as the origin router prefix length and various flags such as setting this as a candidate default route now in this example that route won't show in the routing table because a static route has a better preference but if i type show ipeijrp topology table you'll see the default route appear in the topology table at the moment it only has this route in the topology table and then i'll make the script sleep for two seconds and then start the loop again okay but that's enough talking so let's copy that script into kali kali in my example is running within vmware workstation player i have bridged the kali virtual machine to my wireless network card so that's the built-in wireless network card on my laptop i'm bridging kelly to that wireless network card i don't need an external adapter i'm using the internal built-in adapter and i'm going to be able to run these attacks okay so nano let's say eigrp route inject one dot py i'll paste that script in save the file python three eigrp rod injection before i press enter notice i can ping facebook.com from my mac i can ping cisco.com from my mac i'll leave cisco.com pinging press enter on my script okay i forgot to use sudo i need to use sudo here so i'll put sudo in front so sudo python i'll run that ping again put in my password and notice straight away i can't ping cisco.com it says time to live exceeded so basically i've blackholed cisco what about facebook.com also blackholed notice time to live exceeded and if i open up a web browser and try and go to cisco.com notice the website is unreachable and if i try and go to facebook.com notice website is unreachable i'm not able to get to cisco and i'm not able to get to facebook i have dusted my network by sending forged packets into the network if i look at my router previously it looked like that now notice a whole bunch of routes are added to the writing table including rats for facebook and cisco i've also got a default route that's in the topology table in the writing table show iprout shows me that i have multiple eigrp routes notice those two as well as these two i have essentially dosed my network by creating forged packets sending them into the network and updating the routing table of a real cisco router and i've created a black hole essentially stopping hosts on my network from accessing websites on the internet you need to enable authentication on your routers make sure that your routers running protocols such as eigrp ospf or bgp as an example have authentication enabled on them otherwise it's very easy for an attacker to create forged routes and add them to the routing tables of routers to create black holes or reroute traffic and run men in the middle attacks i could forge packets send them into the network and get your routers to send the traffic to me so that i can see the traffic in your network be very careful how you configure networks okay i hope you enjoyed this video if you did please consider subscribing to my youtube channel please like this video and click on the bell to get notifications i'm david bomble and i want to wish you all the very best [Music] [Music]

Info

Channel: David Bombal

Views: 60,548

Rating: undefined out of 5

Keywords: scapy, python scapy, eigrp, hacking cisco, hack cisco, hack cisco router, scapy python tutorial, scapy python, scapy python 3 tutorial, scapy python 3 example, scapy python pcap, python, scapy kali linux, python scapy projects, scapy tutorial, scapy python 3, hacking, scapy packet crafting, scapy tool, python projects, python hacking, ethical hacking, packets, networking, scapy python 2.7, scapy in python, kali linux, scapy python3, kali linux python, scapy sniffing

Id: 4ZWQrjijcZ4

Channel Id: undefined

Length: 12min 37sec (757 seconds)

Published: Mon Aug 16 2021