Thc-Ipv6 使用

温馨提示:小心二刺螈

已于 2023-01-01 23:15:29 修改

阅读量1k

点赞数

分类专栏：信息收纳文章标签：网络

于 2023-01-01 22:51:41 首次发布

本文链接：https://blog.csdn.net/qq_42378173/article/details/128514990

版权

信息收纳专栏收录该内容

9 篇文章

订阅专栏

本文介绍了多个用于IPv6网络扫描、探测、安全测试和漏洞利用的工具，如atk6-address6用于转换地址，atk6-alive6检测活跃IPv6地址，atk6-dnsdict6进行DNS枚举等。这些工具主要用于网络安全评估和防御。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

里面东西太多了，我也是慢慢学习使用，不对之处请见谅。这工具有点多所有会有一些长。工具以横排开始依次往下。

atk6-address6

将ipv4 或者 mac地址转变成ipv6地址，如果没有前缀，则链接为本地作为第二个选项给出。

我没有指定前缀所以他用的是本地的。并与是很懂这个命令。

atk6-alive6

应该是探测是探测某个IPV6地址是否活跃。

atk6-alive6 网卡 [ ipv6地址 ]

[ ipv6 ] 中括号可带可不带。

-v 显示详细信息 -o 输出结果

或者是想扫描ipv4地址可以使用 -4 参数

但是此次扫描并没有我物理机的IPv6地址，只有虚拟机的ipv地址。

好像这种方式也能扫描

atk6-connect6

这个好像是判断端口是否打开？如果是连接的话我没有找到连接的方法。

如果连接成功返回0，超时/重置返回1

感觉现在的我只能用于判断是否打开了某个端口

当连接目标不存在端口134时出现报错提示。

当连接目标存在端口135、445时出现代码0

atk6-connsplit6（X）

我还不知道怎么使用这个功能。如果知道以后会补上

root@kali:~# atk6-connsplit6 -h
splitconnect6 3.8 (c) 2020 by van Hauser / THC <vh@thc.org> www.github.com/vanhauser-thc/thc-ipv6

Syntax: [-vd] atk6-connsplit6 INTERFACE client|server

Options:
  -v   verbose mode
  -d   debug mode

Manipulates all incoming (client) or outgoing (server) TCP connections that are
from (server) or to (client) port 64446, and sets a new destinatin (server) or
source (client) address.
The purpose of this is a proof of concept to make connect analysis difficult.
It is recommended to use the splitconnect6.sh script to control this tool.

atk6-covert_send6（X）

我还不知道怎么使用这个功能。如果知道以后会补上

root@kali:~# atk6-covert_send6 -h
atk6-covert_send6 3.8 (c) 2020 by van Hauser / THC <vh@thc.org> www.github.com/vanhauser-thc/thc-ipv6

Syntax: atk6-covert_send6 [-m mtu] [-k key] [-s resend] interface target file [port]

Options:
  -m mtu     specifies the maximum MTU (default: interface MTU, min: 1000)
  -k key     encrypt the content with Blowfish-160
  -s resend  send each packet RESEND number of times, default: 1

Sends the content of FILE covertly to the target, And its POC - don't except
too much sophistication - its just put into the destination header.

atk6-covert_send6d（X）

我还不知道怎么使用这个功能。如果知道以后会补上（感觉是和上面几个指令搭配使用）

root@kali:~# atk6-covert_send6d -h
atk6-covert_send6d 3.8 (c) 2020 by van Hauser / THC <vh@thc.org> www.github.com/vanhauser-thc/thc-ipv6

Syntax: atk6-covert_send6d [-k key] interface file

Options:
  -k key     decrypt the content with Blowfish-160

Writes covertly received content to FILE.

atk6-denial6（X）

我还不知道怎么使用这个功能。如果知道以后会补上

root@kali:~# atk6-denial6 -h
atk6-denial6 3.8 (c) 2020 by van Hauser / THC <vh@thc.org> www.github.com/vanhauser-thc/thc-ipv6

Syntax: atk6-denial6 interface destination test-case-number

Performs various denial of service attacks on a target
If a system is vulnerable, it can crash or be under heavy load, so be careful!
The following test cases are currently implemented:
  1 : large hop-by-hop header with router-alert and filled with unknown options
  2 : large destination header filled with unknown options
  3 : hop-by-hop header with router alert option plus 180 headers
  4 : hop-by-hop header with router alert option plus 178 headers + ping
  5 : AH header + ping
  6 : first fragments of a ping with a hop-by-hop header with router alert
  7 : large hop-by-hop header filled with unknown options (no router alert)

atk6-detect-new-ip6

此工具检测加入本地网络的新IPv6地址。

如果提供了脚本，则首先使用检测到的IPv6地址执行脚本

atk6-detect-new-ip6 interface [script]

监听，当有新的ipv6地址加入本地他会在下面显示出来。

当你带有脚本的时候

atk6-detect_sniffer6

测试本地LAN上的系统是否正在嗅探。

适用于Windows、Linux、OS/X和*BSD

如果没有给定目标，则使用链路本地所有节点地址然而并不总是有效的。

并不是很懂这个工作模式。如果以后知道会补上来。

atk6-dnsdict6

枚举DNS条目的域，如果提供，则使用字典文件或内置列表。该工具基于gnucitizen.org的dnsmap。

-d 显示NS和MX DNS域信息上的IPv6信息

-4 也转储 IPv4 地址

-s   字典大小

        -s(mall=100)

        -m(edium=1419)

        -l(arge=2601),

        -x(treme=5886)

        -u(ber=16724)

-t 线程数      默认8 最多32

-D 显示当前选择字典的内容，只显示出来不对其域名进行扫描

也可以使用自己的字典

atk6-dnsrevenum6（X）

atk6-dnsrevenum6 3.8 (c) 2020 by van Hauser / THC <vh@thc.org> www.github.com/vanhauser-thc/thc-ipv6

Syntax: atk6-dnsrevenum6 [-t] dns-server ipv6address

Performs a fast reverse DNS enumeration and is able to cope with slow servers.
Option -t enables TCP instead of UDP (use this if you get many timeouts)
Examples:
  atk6-dnsrevenum6 dns.test.com 2001:db8:42a8::/48
  atk6-dnsrevenum6 -t dns.test.com 8.a.2.4.8.b.d.0.1.0.0.2.ip6.arpa

atk6-dnssecwalk（X）

root@kali:~# atk6-dnssecwalk -h
atk6-dnssecwalk 3.8 (c) 2020 by Marc Heuse <mh@mh-sec.de> http://www.mh-sec.de

Syntax: atk6-dnssecwalk [-e46t] dns-server domain

Options:
 -e  ensure that the domain is present in found addresses, quit otherwise
 -4  resolve found entries to IPv4 addresses
 -6  resolve found entries to IPv6 addresses
 -t  use TCP instead of UDP

Perform DNSSEC NSEC walking.

Example: atk6-dnssecwalk dns.test.com test.com

atk6-dos-new-ip6（X）

root@kali:~# atk6-dos-new-ip6 -h
atk6-dos-new-ip6 3.8 (c) 2020 by van Hauser / THC <vh@thc.org> www.github.com/vanhauser-thc/thc-ipv6

Syntax: atk6-dos-new-ip6 [-S] interface

This tools prevents new IPv6 interfaces to come up, by sending answers to
duplicate ip6 checks (DAD). This results in a DOS for new IPv6 devices.

Option -S sends conflicting NS query instead of NA reply, but it restricts
source randomization.

atk6-dump_dhcp6（X）

root@kali:~# atk6-dump_dhcp6 -h
atk6-dump_dhcp6 3.8 (c) 2020 by van Hauser / THC <vh@thc.org> www.github.com/vanhauser-thc/thc-ipv6

Syntax: atk6-dump_dhcp6 [-V vendorid] interface [target]

Options:
  -V vendorid  send vendorid number,string (e.g. 11,test)
  -N           use fe80:: as source
  -n           use empty mac as source

DHCPv6 information tool. Dumps the available servers and their setup.
You can specify a specific DHCPv6 server as destination.

atk6-dump_router6（x）

root@kali:~# atk6-dump_router6 -h
atk6-dump_router6 3.8 (c) 2020 by van Hauser / THC <vh@thc.org> www.github.com/vanhauser-thc/thc-ipv6

Syntax: atk6-dump_router6 interface [target]

Dumps all local routers and their information

atk6-exploit6(x)

root@kali:~# atk6-exploit6 -h
atk6-exploit6 3.8 (c) 2020 by van Hauser / THC <vh@thc.org> www.github.com/vanhauser-thc/thc-ipv6

Syntax: atk6-exploit6 interface destination [test-case-number]

Performs exploits of various CVE known IPv6 vulnerabilities on the destination
Note that for exploitable overflows only 'AAA...' strings are used.
If a system is vulnerable, it will crash, so be careful!

atk6-extract_hosts6

打印文件中ipv6主机部分

atk6-extract_networks6

打印文件中找到的网络

atk6-fake_advertise6（X）

root@kali:~# atk6-fake_advertise6 -h
atk6-fake_advertise6 3.8 (c) 2020 by van Hauser / THC <vh@thc.org> www.github.com/vanhauser-thc/thc-ipv6

Syntax: atk6-fake_advertise6 [-DHF] [-Ors] [-n count] [-w seconds] interface ip-address-advertised [target-address [mac-address-advertised [source-ip-address]]]

Advertise IPv6 address on the network (with own mac if not specified),
sending it to the all-nodes multicast address if no target address is set.
Source ip address is the address advertised if not set.

Sending options:
  -n count    send how many packets (default: forever)
  -w seconds  wait time between the packets sent (default: 5)
  -m srcmac   the srcmac address to send from (not what is advertised!
Flag options:
  -O  do NOT set the override flag (default: on)
  -r  DO set the router flag (default: off)
  -s  DO set the solicitate flag (default: off)
ND Security evasion options (can be combined):
  -F  full evasion attack (no other evasion options allowed)
  -H  add a hop-by-hop header
  -f  add a one shot fragment header (can be specified multiple times)
  -D  add a large destination header which fragments the packet.

atk6-fake_dhcps6（x）

root@kali:~# atk6-fake_dhcps6 -h
atk6-fake_dhcps6 3.8 (c) 2020 by van Hauser / THC <vh@thc.org> www.github.com/vanhauser-thc/thc-ipv6

Syntax: atk6-fake_dhcps6 interface network-address/prefix-length dns-server [dhcp-server-ip-address [mac-address]]

Fake DHCPv6 server. Use to configure an address and set a DNS server

！！！我悟了，擅百技，不如专修一计。