I'm working on an exercise that attacks BGP configurations on an HTB machine in order to intercept traffic to a specific machine.
I have root access on the original machine and am now trying to configure the relevant routes to direct the traffic to me.
My understanding of BGP hijacking is that I need to create a new AS with a simpler route so that traffic will be routed to me.
Based on this assumption, I tried to add my machine as AS4 as well as adding my IP address to the local routing table, then set up Wireshark on my attacker machine and listened to the traffic.
In the following, I changed it so that AS300 is the AS I am aiming for.
!
! Zebra configuration saved from vty
!   2018/07/02 02:14:27
!
route-map to-as200 permit 10
route-map to-as300 permit 10
route-map to-as400 permit 10
!
router bgp 100
 bgp router-id 10.255.255.1
 network 10.101.8.0/21
 network 10.101.16.0/21
 network my_machines_ip
 redistribute connected
 neighbor 10.78.10.2 remote-as 200
 neighbor 10.78.11.2 remote-as 300
 neighbor 10.78.10.2 route-map to-as200 out
 neighbor 10.78.11.2 route-map to-as300 out
 neighbor my_ip remote-as 300
 neighbor my_ip route-map to-as300
!
line vty
!
Route added on the pivot host:

root@victim:~# ip route add my_ip dev eth2 proto zebra
I can see that I am added when I check in vtysh, but there seems to be no activity there or in my Wireshark.
Did I misunderstand what to do, or is my process just wrong?
r1# show ip bgp summary
BGP router ID 10.255.255.1, local AS number 100
RIB entries 54, using 6048 bytes of memory
Peers 3, using 13 KB of memory

Neighbor     V   AS  MsgRcvd  MsgSent  TblVer  InQ  OutQ  Up/Down   State/PfxRcd
my_ip        4  300        0        0       0    0     0  never     Active
10.78.10.2   4  200        7       11       0    0     0  00:02:27        22
10.78.11.2   4  300        6       10       0    0     0  00:02:30        22

Total number of neighbors 3
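From the operator's side, the summary above is exactly what a compromised router looks like in the first minutes: a neighbor nobody configured, in state Active with zero messages exchanged. The following is an added example (not from the post or the HTB machine) that parses Quagga/FRR `show ip bgp summary` output and reports peers that are not on the expected peer list or have never established. The sample output, the expected-peer list and the address 10.78.12.2 standing in for the post's `my_ip` are constructed for the example.

```python
"""Audit a Quagga/FRR `show ip bgp summary` dump: flag neighbors that are
not on the operator's expected peer list, and sessions that never came up.
Added example; sample data below is constructed, not captured from a real router."""
import re
from dataclasses import dataclass

# Constructed sample modelled on the summary in the post, with 10.78.12.2
# in place of the post's `my_ip` placeholder.
SAMPLE_SUMMARY = """\
BGP router identifier 10.255.255.1, local AS number 100
RIB entries 54, using 6048 bytes of memory
Peers 3, using 13 KiB of memory

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.78.12.2      4   300       0       0        0    0    0 never    Active
10.78.10.2      4   200       7      11        0    0    0 00:02:27       22
10.78.11.2      4   300       6      10        0    0    0 00:02:30       22

Total number of neighbors 3
"""

# Assumption: the peers the operator actually configured on this router.
EXPECTED_PEERS = {"10.78.10.2": 200, "10.78.11.2": 300}


@dataclass
class Peer:
    address: str
    asn: int
    msg_rcvd: int
    msg_sent: int
    up_down: str
    state: str  # "Established" when the last column is a prefix count


# One neighbor row: address, version, AS, four counters, two queue depths,
# uptime, then either a prefix count or an FSM state name.
ROW_RE = re.compile(
    r"^(?P<addr>\S+)\s+(?P<v>\d+)\s+(?P<asn>\d+)\s+(?P<rcvd>\d+)\s+(?P<sent>\d+)"
    r"\s+(?P<tblver>\d+)\s+(?P<inq>\d+)\s+(?P<outq>\d+)\s+(?P<updown>\S+)\s+(?P<state>\S+)\s*$"
)


def parse_summary(text):
    """Return a Peer for every neighbor row; header and memory lines are skipped."""
    peers = []
    for line in text.splitlines():
        m = ROW_RE.match(line)
        if not m:
            continue
        last = m.group("state")
        # Quagga prints the received-prefix count once the session is
        # Established, and an FSM state (Idle, Active, Connect, ...) otherwise.
        state = "Established" if last.isdigit() else last
        peers.append(Peer(m.group("addr"), int(m.group("asn")), int(m.group("rcvd")),
                          int(m.group("sent")), m.group("updown"), state))
    return peers


def audit_peers(peers, expected):
    """Return human-readable findings for peers an operator should look at."""
    findings = []
    for p in peers:
        if p.address not in expected:
            findings.append(f"unexpected neighbor {p.address} (AS{p.asn})")
        elif expected[p.address] != p.asn:
            findings.append(f"neighbor {p.address} AS changed: expected "
                            f"{expected[p.address]}, got {p.asn}")
        if p.state != "Established":
            findings.append(f"neighbor {p.address} not established "
                            f"(state {p.state}, {p.msg_rcvd} messages received)")
    return findings


if __name__ == "__main__":
    for finding in audit_peers(parse_summary(SAMPLE_SUMMARY), EXPECTED_PEERS):
        print(finding)
```

Run against the constructed sample it reports the unknown neighbor twice: once because it is not on the expected list, and once because the session is still Active with no messages exchanged, which is also why no updates from it will ever show up in Wireshark. Feeding it the output of `vtysh -c 'show ip bgp summary'` from a cron job, and comparing the configured neighbors against a version-controlled baseline, is a cheap way to notice a router whose BGP configuration has been edited.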