Offensive Security Tool: VLANPWN
Reading Time: 2 Minutes
VLANPWN
VLANPWN is a tool written by in9uz, it is divided into 2 python scripts.
DoubleTagging.py – It is designed to carry out a VLAN Hopping attack as a result of the injection of a frame with two 802.1Q tags.
DTPHijacking.py – A script for conducting a DTP Switch Spoofing/Hijacking attack. It sends a malicious DTP-Desirable frame, as a result of which the attacker’s machine becomes a trunk channel. The impact of this attack is that you can bypass the segmentation of VLAN networks and see all the traffic of VLAN networks.
A great tool to test for the Red Team and Pentesters when performing Internal pentesting and post-exploitation techniques.
See Also: So you want to be a hacker?
Complete Offensive Security and Ethical Hacking Course
Example:
python3 DoubleTagging.py --interface eth0 --nativevlan 1 --targetvlan 20 --victim 10.10.20.24 --attacker 10.10.10.54
Trending: Recon Tool: ReconSpider
Trending: Offensive Security Tool: Arjun
Example:
python3 DTPHijacking.py --interface eth0
Disclaimer
This tool is provided for educational and research purpose only. The author of this project are no way responsible for any misuse of this tool. We use it to test under NDA agreements with clients and their consents for Pentesting purposes and we never encourage to misuse or take responsibility for any damage caused!
Clone the repo from here: GitHub Link