fragrouter6 - Man Page

Synopsis

fragrouter6 [-dv -f len -e count -t count] INTERFACE EVASION-METHOD

Options

  -f len    size of mini fragments (option 64, default 8)
  -e count  hop count to the IDS for evading (option 256 & 512)
  -t count  hop count to the target that reaches it
  -v        verbose mode, print all packets processed for evasion

Evasion Methods

 0     no manipulation
 1-31  the number of atomic fragmentation headers to insert
 32    use destination headers for 1-31 instead of fragmentation headers
 64    fragment each packet to 8 byte length pieces (or change with -f)
 128   a large destination header that fragments the packet
 256   insert fake TCP data with a hop count just for the IDS (-e)
 512   insert TCP connection reset packet with a hop count just to the IDS (-e)
1024   insert fake fragmentation data with a hop count just for the IDS (-e)
2048   insert faked seq/ack data TCP packet

Performs NIDS/NIPS evasion to all defined packets that originate from your system or pass through it. All evasion methods can be combined (add together) with the exception that only either one of 64 or 128 can be used at once. Option 1024 can be used with 1..31 and 64. The evasion methods are processed in the following order: 256, 512, 2048, 1..31/33..63 then either 64 or 128 then 1024. Requires to set up ip6table rules that jump to NFQUEUE, use fragrouter6.sh which is a wrapper for ip6tables and fragrouter6!

Author

thc-ipv6 was written by van Hauser <vh@thc.org> / THC

The homepage for this toolkit is: https://github.com/vanhauser-thc/thc-ipv6

Info

2024-07-21 THC IPv6