EtherOops: Exploring Practical Methods to Exploit Ethernet Packet-in-Packet Attacks
The concept of physical layer conditions in which a packet is re-evaluated in transit leading to a packet-in-packet attack has been shown in multiple protocols in the past. However, applying this logic to the Ethernet protocol was only considered a theoretical capability. In this talk, we explore various ways in which this attack can become both practical and powerful. Using this attack, we show how an attacker can bypass Firewall and NAT solutions, even when targeting networks directly from the Internet. Combining this attack with fringe use-cases we discovered in the IPv6 implementations in Windows and Linux, we show how an attacker can use this attack to establish a man-in-the-middle position on the Internet traffic of a certain organization, through which he can eavesdrop on corporate communications, or carry out additional attacks.
By Ben Seri and Armis Gregory Vishnepolsky
Full Abstract & Presentation Materials: Ben Seri & Gregory Vishnepolsky
by Black Hat
linux dns server
