In this chapter, we learned to use various tools to assess different layers of the OSI protocol stack. We covered tools that attack layer 2 protocol implementations, namely ARP and other MAC-based authentication schemes.
We also covered simple ARP poisoning attacks using ArpSpoof and saw how to forge MAC addresses. Building on this, we applied these techniques to perform full MITM attacks that allow us to intercept traffic and spoof DNS servers.
The chapter also included sections dedicated to techniques that target SMTP and SNMP services on a local network. These sections detailed the usage of a tool called snmpwalk as well as the Metasploit modules snmp-enum and snmp-login, which were used to brute-force SNMP authentication. The information gathering section closed with a discussion of SMTP enumeration attacks, and we learned to use the smtp-user-enum tool to pull this off.
Other than abusing the function of network protocols, the chapter also talked about abusing the implementation...