Loki - Python Based Infrastructure Pentesting Tool (ARP, HSRP, OSPF, etc)

Loki is a python based infrastructure pentesting tool focussing on layer 3 protocols, dealing with protocols such as:

  • ARP
  • HSRP
  • RIP
  • BGP
  • OSPF
  • EIGRP
  • WLCCP
  • VRRP
  • BFD
  • LDP
  • MPLS

In the words of the author

At the beginning LOKI was made to combine some stand-alone command line tools, like the bgpcli, the ospfcli or the ldp_cli and to give them a user friendly, graphical interface. In the meantime LOKI is more than just the combination of the single tools, it gave its modules the opportunity to base upon each other (like combining ARP-spoofing from the ARP module with some man-in-the-middle actions, rewriting MPLS-labels for example) and even inter operate with each other.

Getting Loki

Loki is available for a number of different platforms including:

  • Kali
  • Backtrack 4 R2
  • OSX
  • Win32
  • Debian-7.1
  • Fedora-15
  • Gentoo
  • Sabayon-10
  • Ubuntu-10.04
  • Ubuntu-11.04

Installing Loki in Kali (Rebuilding the deb package)

When I went to install the v0.2.7-1 version of Loki in Kali, I ran into a problem with the package pylibpcap not existing in the repos. It seems that at some stage this changed it's name to python-libpcap.

To fix this up, we can just edit the dependency in the deb package, then install it as we normally would. So without further delay…

Download the Loki deb package to your Kali box:

wget http://c0decafe.de/svn/codename_loki/packages/kali-1/loki_0.2.7-1_amd64.deb

Extract the contents of the deb package into a new folder:

mkdir lokidevalias
dpkg-deb -x loki_0.2.7-1_amd64.deb ./lokidevalias
dpkg-deb -e loki_0.2.7-1_amd64.deb ./lokidevalias/DEBIAN

Edit the control file with your favourite editor, change pylibpcap to python-libpcap, then save the file.

vi ./lokidevalias/DEBIAN/control

Build the new debian package with the changes we just made:

cd lokidevalias
dpkg-deb -b . ../loki_0.2.7-1-devalias_amd64.deb

Start the install with dpkg, then finish it off with the dependencies using apt-get:

cd ..
dpkg -i loki_0.2.7-1-devalias_amd64.deb
apt-get install -f

Using Loki

Given the vast array of options available, I will delegate to a rather good article over at Packetstan (a little outdated, but mostly good)

Conclusion

Hopefully the above worked for you and makes your life a bit easier. Happy pentesting!

Appendix A - libssl.so.0.9.8

Depending which particular loki package you're trying to use, you may run into an issue where the libssl.so.0.9.8 package isn't available in the repos for your system (as was the case on my Kali box). In this instance, you should try downloading the latest package for your platform

(NB: Even if the version number is the same, it might not be exactly the same. I found the 0.2.7-1 package I was using was different to the same versioned Kali package)