Penetration Testing mailing list archives
Re: VLAN Issue
From: Damieon Stark <visigoth () covertdata net>
Date: Mon, 11 Jun 2001 22:05:30 +0600
As was once said by the wise hellNbak, on Sun, Jun 10, 2001 at 12:59:09AM -0400:
Hi everyone. I am looking for an actual exploit to verify the VLAN hopping issue that was reported back in 1999. I have found a bunch of docs and a few email threads on it but it seems that no one has generated a working exploit.
Just to double check, the network you are working with is using vlan trunking on multiple switches correct? I have commonly met the misconception about that being an issue for VLAN's on just one switch... I do recall writing a small utility (which I can't find now of course ;) which did confirm in our lab that it was possible to inject vlan hopping frames. I couldn't seem to find any code online either, but just wanted to pipe up and let you know it HAD for SURE been done...
I am in the unfortunate situation where I have a client who is refusing to believe the documentation and actually wants a live demo. Why isn't reading an RFC and pointing out flaws enough for people anymore??
Once again the old axiom: "This job would be perfect if it weren't for the damn customers." ;) Damieon Stark, CCSE Unix/Network security specialist <plug> currently seeking employment </plug>
Attachment:
_bin
Description:
Current thread:
- VLAN Issue hellNbak (Jun 10)
- Re: VLAN Issue Damieon Stark (Jun 11)
- Re: VLAN Issue Ryan Russell (Jun 12)
- Re: VLAN Issue Damieon Stark (Jun 12)
- Re: VLAN Issue Ryan Russell (Jun 12)
- <Possible follow-ups>
- RE: VLAN Issue Brewis, Mark (Jun 12)
- RE: VLAN Issue Osborne-1, Brett (Jun 12)
- RE: VLAN Issue John . Curran (Jun 13)
- Re: VLAN Issue Damieon Stark (Jun 11)