Vulnerability Development mailing list archives

Re: Hijack IP Address using cable modem

From: Nick Summy <playboy () NETINS NET>
Date: Wed, 28 Mar 2001 08:09:01 -0600

Now I hardly know anything about this subject, so correct me If im wrong,
but I have a few questions.

From what it looks like, your computer is able to see all requests for IP

addresses on some cable networks.  Now lets say you got an IP address that
was orignaly supposed to be going to someone else.  A. Wouldnt the cable
network realize that the IP Address didnt go to the correct person
(verification by MAC Address?) and B. Where does this leave person who the
IP address was originally supposed to go to?  Do they just request another
one and get it?  And if so would the cable network allow a person to grab 2
IP addresses?

I may be totally off based by this,  and if so let me know,  but these seem
like common sense questions.

Nick Summy



-----Original Message-----
From: VULN-DEV List [mailto:VULN-DEV () SECURITYFOCUS COM]On Behalf Of
Patrick Maartense
Sent: Wednesday, March 28, 2001 2:14 AM
To: VULN-DEV () SECURITYFOCUS COM
Subject: Hijack IP Address using cable modem


DISCLAIMER
A large cablenetwork company has been informed of this MISBEHAVIOUR and
threatened to disconnect me. they would not think of a proper sollution :

Purpose: A Hackers dream, work from your won PC with IP Addresses someone
else owns:

In short, Occupy IP Addresses someone else normally owns.
Normal Broadband Cable networks either give out DHCP Addresses or a Fix
Address or Address range.

When doing a SNIF on the outbound iface a proper designed network should
not broadcast ARP request not meant for the network on that end of the
CableModem.

Some Networks However are Weak Configurred and broadcast ARP for the
entire shared medium through all Cable Modems attached to that Network.

A smart hacker would setup the outbound iface to reply to all ARP requests
it gets, therefor being able to take any IP Address that is broadcasted
for.

This makes folliwng possible:

Dos.
Hacking using Outhers  Addresses
Not to mention all other fun...


any Comments on this ?

--
---
Kind Regards
Patrick Maartense (using Pine on a Text Console)

Current thread:

Hijack IP Address using cable modem Patrick Maartense (Mar 28)
- Re: Hijack IP Address using cable modem Nick Summy (Mar 28)
  - Re: Hijack IP Address using cable modem Patrick Patterson (Mar 28)
    - Re: Hijack IP Address using cable modem cdowns (Mar 28)
    - Re: Hijack IP Address using cable modem Larry W. Cashdollar (Mar 28)
    - Re: Hijack IP Address using cable modem Bill Munger (Mar 29)
    - Re: Hijack IP Address using cable modem Mathias Wegner (Mar 28)
    - Re: Hijack IP Address using cable modem Dick Visser (Mar 28)
    - Re: Hijack IP Address using cable modem Reb (Mar 29)
    - Re: Hijack IP Address using cable modem Patrick Maartense (Mar 28)
    - Re: Hijack IP Address using cable modem Patrick Maartense (Mar 28)
    - Re: Hijack IP Address using cable modem Nick Summy (Mar 29)

(Thread continues...)