How to perform a DDOS Attack on a DHCP Server

This DDOS attack will send DHCP discover messages until all available DHCP IP addresses within its scope are saturated. Once this attack is completed you could launch a rouge DHCP server and start poisoning DHCP clients with your router or DNS server information.

A tool which allows you to perform this attack is called  Yersinia. This program is included in the well-known Linux penetration tool distribution BackTrack which is available for download on the following site:

Steps to perform:

  • Download BackTrack & Start your distribution
  • Check that the DHCP Server has not leased all available addresses yet

  • Login BackTrack and open a terminal window
  • Type yersinia –G to start the graphic interface of  Yersinia

  • Click on the DHCP tab
  • Click on the Attack tab and select the Sending DHCP Discover Packets option

  • Click OK and watch the amount of requests send

  • Click on the List Attacks tab
  • Click on Cancel all Attacks

  • Go back to you DHCP server and check if the amount of leased IP addresses has increased


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s