full-disclosure-uk August 2008 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] Hacking OSPF with MD5

Re: [Full-disclosure] Hacking OSPF with MD5 authentication enabled

From: GomoR <fd_at_nospam>
Date: Thu Aug 21 2008 - 11:15:33 GMT
To: full-disclosure@lists.grok.org.uk


Hi,

this is exactly what I have implemented in OSPF Attack Shell tool more than one year ago for IT Underground 2007 conference:

http://www.gomor.org/files/ospf-ash.pl

And for a more information regarding the tool:

http://www.gomor.org/bin/view/OspfAsh  

On Thu, Aug 21, 2008 at 12:46:04PM +0200, Francois Ropert wrote:
> Hi,
>
> I've done succesful attack on OSPF routing protocol when MD5
> authentication is enabled (aka the best workaround out there) on Cisco
> IOS routers.
>
> Here's my blog post : http://snurl.com/3i6gj [blog_packetfault_org]
>
> Francois
> http://twitter.com/pello
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
-- ^ ___ ___ http://www.GomoR.org/ <-+ | / __ |__/ Research Engineer | | \__/ | \ ---[ zsh$ alias psed='perl -pe ' ]--- | +--> Net::Frame <=> http://search.cpan.org/~gomor/ <---+ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/