Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

'KeyError: 2' when starting on an interface that has no IPv4 address #32

Open
DidierA opened this issue Oct 20, 2022 · 2 comments
Open

Comments

@DidierA
Copy link

DidierA commented Oct 20, 2022

If I start mitm6 with -i to assign it to a specific interface, it chokes and stops with KeyError: 2 if this interface only has an IPv6 address, and no IPv4:

# ip -6 address add fe80::800:27ff:fe00:0000/64 dev vboxnet0
# ip link set vboxnet0 up
# ip --brief a show
lo               UNKNOWN        127.0.0.1/8 ::1/128 
enp0s31f6        DOWN
wlp0s20f3        UP             192.168.0.49/24 
tun0             UNKNOWN        [removed]
vboxnet0         UP             fe80::800:27ff:fe00:0/64 
# mitm6 -i vboxnet0 -v --debug
Traceback (most recent call last):
  File "/usr/local/bin/mitm6", line 8, in <module>
    sys.exit(main())
  File "/usr/local/pipx/venvs/mitm6/lib/python3.10/site-packages/mitm6/mitm6.py", line 369, in main
    config = Config(args)
  File "/usr/local/pipx/venvs/mitm6/lib/python3.10/site-packages/mitm6/mitm6.py", line 39, in __init__
    self.v4addr = netifaces.ifaddresses(self.default_if)[netifaces.AF_INET][0]['addr']
KeyError: 2
FAIL: 1

If I assign an IPV4 address, it works fine and the virtual machine on vboxnet0 get spoofed:

# ip address add 192.168.56.1/24 dev vboxnet0
# mitm6 -i vboxnet0 -v --debug
Starting mitm6 using the following configuration:
Primary adapter: vboxnet0 [0a:00:27:00:00:00]
IPv4 address: 192.168.56.1
IPv6 address: fe80::800:27ff:fe00:0
Warning: Not filtering on any domain, mitm6 will reply to all DNS queries.
Unless this is what you want, specify at least one domain with -d
WARNING: The conf.iface interface (tun0) does not support IPv6! Using vboxnet0 instead for routing!
WARNING: The conf.iface interface (tun0) does not support IPv6! Using vboxnet0 instead for routing!
WARNING: more The conf.iface interface (tun0) does not support IPv6! Using vboxnet0 instead for routing!
IPv6 address fe80::192:168:56:3 is now assigned to mac=08:00:27:c6:9b:11 host= ipv4=192.168.56.3
IPv6 address fe80::192:168:56:3 is now assigned to mac=08:00:27:c6:9b:11 host= ipv4=192.168.56.3
Sent spoofed reply for time.windows.com. to fe80::97d:a5c7:a91b:f5f7
@dirkjanm
Copy link
Owner

mitm6 replies to both A and AAAA queries. for that it will need an IPv4 address to put in the response, that you can either specify on the commandline or it will get autodetected.
If there is no IPv4 address on the interface the autodetection will throw an error, which is expected. the error may be a bit prettier, but the behavior is expected. what is the exact issue here?

@DidierA
Copy link
Author

DidierA commented Oct 20, 2022

Well, yes the fact that the error is not obvious: I did a google search and could not find anything relevant, so I opened this issue so at least this could be found if someone has the same problem.
Is there absolutely no scenario in which using mitm6 in an IPv6-only environment would be effective? in this case it would just answer to AAAA queries when there is no IPv4 and still be able to catch machines that make DHCPv6 requests, I guess?
I understand the use case is limited, and probably not worth spending the time to implement it, since even in this scenario, adding an IPv4 to the attacker's machine would be enough to have mitm6 run.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants