Passive_discovery6 passivly sniffs the network and dump all client’s IPv6 addresses detected. Passive_discovery6 simply sniffs for the neighbor-advertisement packet in IPv6 networks. You have to understand the basics of IPv6 networks first. Assuming that you know about IPv4 and what an ARP is, neighbor-advertisement & neighbor-solicitation packets replace the ARP(IPv4) in IPv6. A neighbor-solicitation is the packet sent from a host to a multicast in-order to get information from neighbors just like an ARP request(“Who is at 192.168.0.1 tell 192.168.0.2”) to broadcast in IPv4. The neighbouring hosts reply with neighbor-advertisement which contains all info including the link-layer address(MAC). Unlike arp, this happens in an asynchronous/irregular pattern in an IPv6 network. Unlike arp, these packets are continuously transmitted through out the network.
So what passive_discovery6 does is simply grab the neighbor-solicitation packet and display the information on the terminal. This is very simple to use & provides excellent results when combined with parasite6. It also sniffs for the advertisement of neighbour packet in IPv6 networks it discover the rest unaltered IPv6.
passive_discovery6 interface options
-D do also dump destination addresses (does not work with -m) -s do only print the addresses, no other output -m maxhop the maximum number of hops a target which is dumped may be away. 0 means local only, the maximum amount to make sense is usually 5 -R prefix exchange the defined prefix with the link local prefix
cyborg@cyborg:~$ passive_discovery6 eth0<replace with yours>