Posts

Showing posts from June, 2022

Abusing ICMPv6 to manipulate network traffic

In this blog I will explain the mechanics of the attack that uses the ICMPv6 protocol, more particularly two of its message types, to redirect network traffic over an arbitrary device. ICMPv6 shares a lot of common functionality with its v4 equivalent. Even the two attacks I will describe in more detail have been proven in ICMPv4. It seems the reason that ICMPv6 remains vulnerable to them is the vendors' view that this behavior of the operating systems is by design.

The foundation of the attacks is two message types: Router Advertisement and ICMP Redirect. As one may infer, a Router Advertisement essentially tells the network devices that a new (attacker's) device is a router for a designated route. ICMP Redirect misuses the capability of the ICMP protocol to redirect traffic over an alternative IP address if the network gets congested, for example, and the default gateway is no longer the best route. Let us start with an example of Router Advertisement where an att