Nmap ipv6-ra-flood NSE Script
This page contains detailed information about how to use the ipv6-ra-flood NSE script. For list of all NSE scripts, visit the Nmap NSE Library.
Script Overview
Script source code: https://github.com/nmap/nmap/tree/master/scripts/ipv6-ra-flood.nse
Script categories: dos, intrusive
Target service / protocol: -
Target network port(s): -
List of CVEs: -
Script Description
The ipv6-ra-flood.nse script generates a flood of Router Advertisements (RA) with random source MAC addresses and IPv6 prefixes. Computers, which have stateless autoconfiguration enabled by default (every major OS), will start to compute IPv6 suffix and update their routing table to reflect the accepted announcement. This will cause 100% CPU usage on Windows and platforms, preventing to process other application requests.
Vulnerable platforms:
- All Cisco IOS ASA with firmware < November 2010
- All Netscreen versions supporting IPv6
- Windows 2000/XP/2003/Vista/7/2008/8/2012
- All FreeBSD versions
- All NetBSD versions
- All Solaris/Illumos versions
Security advisory: http://www.mh-sec.de/downloads/mh-RA_flooding_CVE-2010-multiple.txt
WARNING: This script is dangerous and is very likely to bring down a server or network appliance. It should not be run in a production environment unless you (and, more importantly, the business) understand the risks!
Additional documents: https://tools.ietf.org/rfc/rfc6104.txt
Ipv6-ra-flood NSE Script Arguments
This is a full list of arguments supported by the ipv6-ra-flood.nse script:
ipv6-ra-flood.interfaceDefines interface we should broadcast on
ipv6-ra-flood.timeoutRuns the script until the timeout is reached (default: 30s). If timeout is zero, the script will run forever.
- - -
To use these script arguments, add them to the Nmap command line using the --script-args arg1=value,[arg2=value,..]
syntax. For example:
nmap --script=ipv6-ra-flood --script-args ipv6-ra-flood.interface=value,ipv6-ra-flood.timeout=value <target>
Ipv6-ra-flood NSE Script Example Usage
Here's an example of how to use the ipv6-ra-flood.nse script:
nmap -6 --script ipv6-ra-flood.nse
nmap -6 --script ipv6-ra-flood.nse --script-args 'interface=<interface>'
nmap -6 --script ipv6-ra-flood.nse --script-args 'interface=<interface>,timeout=10s'
Ipv6-ra-flood NSE Script Example Output
There is no sample output for this module.
Ipv6-ra-flood NSE Script Example XML Output
There is no sample XML output for this module. However, by providing the -oX <file>
option, Nmap will produce a XML output and save it in the file.xml
file.
Author
- Adam tevko
References
- https://nmap.org/nsedoc/scripts/ipv6-ra-flood.html
- https://github.com/nmap/nmap/tree/master/scripts/ipv6-ra-flood.nse
- http://www.mh-sec.de/downloads/mh-RA_flooding_CVE-2010-multiple.txt
- https://tools.ietf.org/rfc/rfc6104.txt
See Also
Related NSE scripts to the ipv6-ra-flood.nse script:
Visit Nmap NSE Library for more scripts.
Version
This page has been created based on Nmap version 7.92.