You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I write this as an issue, but it could be a feature / improvement.
During a couple of penetration tests I observed that most Windows clients have ipv6 enabled but they do not have an ipv6 address assigned. In addition it seems that windows OS gives highest priority to the next received lease, does not matter if it's ipv4 or ipv6.
The result: ipv6 dhcp takes over already assigned ipv4 address.
Just presenting yourself as ipv6 dhcp server and serving ipv6 dhcp client requests is a very simple way to poisoning windows clients in the local network both dns and ip and get your "wpad" offered easily, as well as any other exploit.
The text was updated successfully, but these errors were encountered:
I write this as an issue, but it could be a feature / improvement.
During a couple of penetration tests I observed that most Windows clients have ipv6 enabled but they do not have an ipv6 address assigned. In addition it seems that windows OS gives highest priority to the next received lease, does not matter if it's ipv4 or ipv6.
The result: ipv6 dhcp takes over already assigned ipv4 address.
Just presenting yourself as ipv6 dhcp server and serving ipv6 dhcp client requests is a very simple way to poisoning windows clients in the local network both dns and ip and get your "wpad" offered easily, as well as any other exploit.
The text was updated successfully, but these errors were encountered: