
I realize there are a million ways to leak addresses, but in theory is a private IPv6 space brute-forceable? I.e., I have every service listen on a port on some IP, they all discover each other through some specific channel (like DNS). Assuming the attacker doesn't have access to that channel, they would have to start scanning every IP to try to discover services, yeah?


There are ways to optimize an attack but pure brute force like IPv4 is impossible.


On a local link, if you know the IPv6 address of one machine you can guess others by getting their device ID (MAC address) and then modifying the known address. So you can use neighbor discovery to find the other MAC addresses to craft the IP addresses.

I think you can also take advantage of router advertisement or client solicitations somehow but I’m not familiar with the details (i.e. passive listening on multicast vis a vis broadcast).
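The MAC-to-address relationship the comment above relies on is the modified EUI-64 interface identifier (RFC 4291, Appendix A). The following is an added example, not code from the thread: it audits a list of addresses for that pattern and recovers the embedded MAC, so you can see which of your own hosts are guessable this way. All addresses and MACs are constructed samples using documentation prefixes.

```python
import ipaddress

def eui64_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Address a host derives from its MAC under modified EUI-64."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("modified EUI-64 needs a /64 prefix")
    m = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(m) != 6:
        raise ValueError("MAC must be 6 bytes")
    # Flip the universal/local bit, then insert ff:fe in the middle.
    iid = bytes([m[0] ^ 0x02]) + m[1:3] + b"\xff\xfe" + m[3:]
    return ipaddress.IPv6Address(
        int(net.network_address) | int.from_bytes(iid, "big"))

def embedded_mac(addr: str):
    """Return the MAC embedded in an EUI-64 style address, else None.

    A random interface identifier can contain ff:fe in the same position
    by chance (about 1 in 65536), so treat a hit as a strong hint.
    """
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    m = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in m)

def audit(addresses):
    """Map each address to its embedded MAC (None if not MAC-derived)."""
    return {a: embedded_mac(a) for a in addresses}

# Constructed sample inventory, not real hosts.
SAMPLE = [
    "2001:db8:1:2:211:22ff:fe33:4455",   # MAC-derived
    "2001:db8:1:2:5c1e:9a07:3b44:d2f0",  # opaque interface identifier
    "fe80::a8bb:ccff:fedd:eeff",         # MAC-derived link-local
]

if __name__ == "__main__":
    for addr, mac in audit(SAMPLE).items():
        status = f"embeds MAC {mac}" if mac else "not MAC-derived"
        print(f"{addr:40} {status}")
```

Addresses reported as not MAC-derived use an interface identifier that cannot be reconstructed from the hardware address, so the guess described in the comment does not apply to them.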


Thanks. I'll have to do some googling on that.


There's neighbor discovery.



