Passive_discovery6 passivly sniffs the network and dump all client’s IPv6 addresses detected. Passive_discovery6 simply sniffs for the neighbor-advertisement packet in IPv6 networks. You have to understand the basics of IPv6 networks first. Assuming that you know about IPv4 and what an ARP is, neighbor-advertisement & neighbor-solicitation packets replace the ARP(IPv4) in IPv6. A    neighbor-solicitation is the packet sent from a host to a multicast in-order to get information from neighbors just like an ARP request(“Who is at tell”) to broadcast in IPv4. The neighbouring hosts reply with neighbor-advertisement which contains all info including the link-layer address(MAC). Unlike arp, this happens in an asynchronous/irregular pattern in an IPv6 network. Unlike arp, these packets are continuously transmitted through out the network.

So what passive_discovery6 does is simply grab the neighbor-solicitation packet and display the information on the terminal. This is very simple to use & provides excellent results when combined with parasite6.  It also sniffs for the advertisement  of neighbour packet in IPv6 networks it discover the rest unaltered IPv6.



passive_discovery6 interface options


-D do also dump destination addresses (does not work with -m)
-s do only print the addresses, no other output
-m maxhop the maximum number of hops a target which is dumped may be away.
0 means local only, the maximum amount to make sense is usually 5
-R prefix exchange the defined prefix with the link local prefix


cyborg@cyborg:~$ passive_discovery6 eth0<replace with yours>

Leave a reply


We're are building as a community and a team. Be a part of it.


©2018 Ztrela Knowledge Solutions Pvt. Ltd

Log in with your credentials

Forgot your details?