How To Hack a DHCP Server Full Tutrial

How to Hack a DHCP Server

Note :- This Tutorial is for Education Purpose only.How To

Hack a DHCP Server ?What is DHCP?Dynamic Host Configuration Protocol ( DHCP ) is anetwork protocol that enables a server to automaticallyassign an IP address to a computer from a definedrange of numbers (i.e., a scope) configured for a givennetwork.DHCP work on DORA concept.1. Client makes a UDP Broadcast to the server with aDHCPDiscover, or Discover packet.2. DHCP offers to the client. The server sends aDHCPOffer including other configuration parameters(DHCP Options) for the client per the serversconfiguration file3. In response to the offer Client requests the server.The client replies DHCPRequest, unicast to the server,requesting the offered address.4.The server sends DHCP Ack acknowledging therequest which is the clients final permission to take theaddress as offered. Before sending the ack the serverdouble checks that the offered address is still available,that the parameters match the clients request and (ifso) marks the address taken.Attack on DHCP Server :-Open the Kali Linux terminal and type the commandroot@kali:~‪#‎yersinia‬ -G to open the GUI interface ofyersinia.now click on the Launch Attack option and select theDHCP option.now select the Sending DISCOVER packet option foryour attack.and click on the OK.now it will start the attack on DHCP server , it will sendton of packets on your DHCP server within second.With Yersinia , you are able to attack on CDP , DHCP ,802.1Q , 802.1X ,DTP , HSRP, ISL , STP and VTPprotocols.Countermeasures or Mitigation :-You need to be enable DHCP Snooping on the CiscoSwitches:-DHCP snooping allows the configuration of ports astrusted or untrustedUntrusted ports cannot process DHCP repliesConfigure DHCP snooping on uplinks to a DHCPserverDo not configure DHCP snooping on client ports.Configuring DHCP Snooping