DHCP Poisoning (Man-in-the-Middle)

Similar to ARP Poisoning, DHCP Poisoning can be used to perform a Man-in-the Middle attack.

A spurious DHCP server replies to clients' DHCP Discover messages and assigns them IP addresses, but makes the clients use the spurius server's IP as the default gateway.

Clients usually accept the first Offer message they receive.

This will cause the client to send traffic to the attacker instead of the legitimate default gateway.

The attacker can then examine/modify the traffic before forwarding it to the legitimate default gateway.

PreviousDHCP Starvation NextDHCP Messages

Last updated 1 year ago