Yersinia
Yersinia is a framework for performing layer 2 attacks by exploiting weaknesses in various network protocols. It serves as a tool for analyzing and testing deployed networks and systems.
Description
Yersinia is designed to take advantage of weaknesses in different layer 2 network protocols, making it a solid framework for security testing. It implements attacks against protocols such as Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol (HSRP), 802.1q, 802.1x, Inter-Switch Link Protocol (ISL), and VLAN Trunking Protocol (VTP).
Use cases include network vulnerability assessment, protocol weakness exploitation simulation, and testing the resilience of deployed network infrastructure against layer 2 attacks. The tool supports multiple modes including graphical, interactive, and daemon operations for flexible deployment in testing environments.
It emphasizes ethical use with an MOTD warning 'Don't do it!!' while playfully encouraging testing, and directs users to the man page for comprehensive options and examples.
How It Works
Yersinia operates as a layer 2 attack framework that targets vulnerabilities in specific network protocols including STP, CDP, DTP, DHCP, HSRP, 802.1q, 802.1x, ISL, and VTP. It uses techniques like protocol spoofing, flooding, and manipulation to exploit weaknesses, with support for interactive (ncurses), graphical (GTK), and daemon modes. Protocol-specific options are accessed via 'yersinia protocol -h', and configuration is managed through config files and logs.
Installation
sudo apt install yersiniaFlags
Examples
yersinia -hyersinia -Vyersinia -Gyersinia -Iyersinia -Dyersinia -dyersinia -l logfileyersinia -c conffile