Security researchers last week released a tool that cuts the time it takes to launch an attack using IPv6 SLAAC from hours to just minutes.
Stateless Address Auto Configuration (SLAAC) is a mechanism that allows a host to generate its own IPv6 address even if the routable addresses are assigned or pre-configured. SLAAC is required on all IPv6 stack implementations.
The concept of a SLAAC attack was introduced back in 2011. It is typically used in wireless environments but is also used in wired networks. SLAAC attacks work against Windows Vista and Windows 7. Windows 8 was not yet available when the SLAAC attack was introduced. Because of its lack of IPv6 support, Windows XP is immune to the attack.
Using the tool, attackers can pretend to be an IPv6 router on a network and view all the Web traffic on that network, including data being sent to and from the machine.
The tool allows attackers to modify Web pages to launch client-side attacks. This means attackers can create bogus Web sites that look like the sites a user is trying to access. The fake site sends back to the attacker any user data that it gets.
For the ruse to work, however, the attack has to be conducted from inside the target network.
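
A defender's view of the router impersonation described above, as an added example that is not from the article or the tool: it parses an ICMPv6 Router Advertisement (the message SLAAC hosts act on, RFC 4861) and flags one sent by a router that is not on an allowlist. The allowlist, the addresses and the sample packet are constructed assumptions.

```python
import ipaddress
import struct

# Assumption: link-local addresses of the routers expected on this segment.
ALLOWED_ROUTERS = {ipaddress.IPv6Address("fe80::1")}

def parse_ra(icmp6: bytes) -> dict:
    """Parse an ICMPv6 Router Advertisement (type 134, RFC 4861)."""
    if len(icmp6) < 16 or icmp6[0] != 134:
        raise ValueError("not a Router Advertisement")
    ra = {"router_lifetime": struct.unpack_from("!H", icmp6, 6)[0],
          "src_mac": None, "slaac_prefixes": []}
    off = 16  # options follow the fixed 16-byte RA header
    while off + 2 <= len(icmp6):
        opt_type, opt_len = icmp6[off], icmp6[off + 1] * 8  # length in 8-byte units
        if opt_len == 0 or off + opt_len > len(icmp6):
            raise ValueError("malformed option")
        body = icmp6[off:off + opt_len]
        if opt_type == 1 and opt_len == 8:     # Source Link-Layer Address
            ra["src_mac"] = body[2:8].hex(":")
        elif opt_type == 3 and opt_len == 32:  # Prefix Information
            if body[3] & 0x40:  # A flag: hosts autoconfigure from this prefix
                prefix = ipaddress.IPv6Address(body[16:32])
                ra["slaac_prefixes"].append(f"{prefix}/{body[2]}")
        off += opt_len
    return ra

def check_ra(src_ip: str, icmp6: bytes) -> list:
    """Return alerts for an RA received from src_ip; empty if the sender is expected."""
    if ipaddress.IPv6Address(src_ip) in ALLOWED_ROUTERS:
        return []
    ra = parse_ra(icmp6)
    alerts = [f"RA from unlisted router {src_ip} (mac {ra['src_mac']})"]
    if ra["router_lifetime"] > 0:
        alerts.append("unlisted sender offers itself as default router")
    alerts += [f"unlisted sender advertises SLAAC prefix {p}" for p in ra["slaac_prefixes"]]
    return alerts

def build_sample_ra(mac: bytes, prefix: str, lifetime: int) -> bytes:
    """Constructed test packet (checksum left at zero; it is not verified here)."""
    header = bytes([134, 0, 0, 0, 64, 0]) + struct.pack("!HII", lifetime, 0, 0)
    slla = bytes([1, 1]) + mac
    pio = (bytes([3, 4, 64, 0xC0]) + struct.pack("!III", 86400, 14400, 0)
           + ipaddress.IPv6Address(prefix).packed)
    return header + slla + pio

if __name__ == "__main__":
    sample = build_sample_ra(bytes.fromhex("02005e100001"), "2001:db8:bad::", 1800)
    for alert in check_ra("fe80::bad", sample):
        print(alert)
```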