dhcpig

Exhaust all of the available DHCP addresses using the specified interface

$ sudo ./pig.py [eth0]

$ sudo ./pig.py [[-6|--ipv6]] [eth1]

$ sudo ./pig.py [[-f|--fuzz]] [eth1]

$ sudo ./pig.py [[-c|--color]] [eth1]

$ sudo ./pig.py [[-c|--color]] [[-v|--verbosity]] 1 [eth1]

$ sudo ./pig.py [[-c|--color]] [[-v|--verbosity]] 100 [[-n|--neighbors-scan-arp]] [eth1]

$ sudo ./pig.py [[-n|--neighbors-scan-arp]] [[-r|--neighbors-attack-release]] [[-o|--show-options]] [eth1]

dhcpig [options]

-i
    Specify the network interface to use for sending DHCP requests (e.g., eth0, wlan0).

-t
    Set the number of concurrent threads to use for sending requests, improving attack speed.

-r
    Define the rate of DHCP DISCOVER requests per second.

-s
    Specify a source IP address for the DHCP packets. Can be spoofed to conceal origin.

-d
    Set a delay (in seconds) between sending each DHCP DISCOVER request.

-p
    Specify the source UDP port to use for the DHCP requests (default is 68).

-x
    Exit immediately when the DHCP IP pool is exhausted (server stops offering IPs).

-v
    Enable verbose output to display more detailed information about the attack's progress.

-h
    Display the help message and exit, showing available options and usage.

dhcpig is a Python-based command-line utility designed to perform DHCP starvation attacks. Its primary function is to flood a DHCP server with a large number of DHCP DISCOVER requests, each typically spoofing a unique MAC address. This continuous stream of requests aims to exhaust the DHCP server's available IP address pool, preventing legitimate clients from obtaining IP addresses and effectively causing a Denial of Service (DoS) condition on the network. While primarily used by security professionals for penetration testing and assessing network resilience against such attacks, its misuse can severely disrupt network operations. The tool operates by crafting and sending raw DHCP packets, often leveraging Python's Scapy library, and can be configured with various options like the number of threads, request rate, and source IP spoofing.

dhcpig is a powerful tool with the potential to cause significant network disruption. Its use without explicit authorization on any network is illegal and unethical, and can lead to a complete Denial of Service (DoS) for all legitimate clients attempting to obtain network connectivity. It should only be used in controlled environments, such as dedicated penetration testing labs, or on networks where you have received explicit permission to perform such testing. Always ensure you understand the legal and ethical implications before deploying this command.

dhcpig emerged as a specialized tool within the cybersecurity community, particularly among penetration testers, to assess the resilience of DHCP services. While it does not have a long, well-documented development history like some foundational Linux commands, its creation is rooted in the need for a simple, scriptable method to demonstrate and test against DHCP starvation attacks. It leverages libraries like Scapy, which provides the underlying packet crafting capabilities, making it a common type of network attack script found in modern ethical hacking and security testing toolkits.

scapy(7), nmap(1), wireshark(1), dhclient(8)