DHCPIG

Network Mapper

DHCPig is a cybersecurity tool that initiates an advanced DHCP exhaustion attack. It consumes all IP addresses on the local area network (LAN), preventing new users from obtaining IP addresses, releasing any IP addresses in use, and then sends gratuitous ARP packets to knock all Windows hosts offline. DHCPig is based on the scapy library and requires admin privileges to execute. No configuration is needed; you simply pass the interface as a parameter. It has been tested on various Linux distributions and multiple DHCP servers such as ISC, Windows 2k3, and Windows 2k8.

DOWNLOADS

NOTE : No Official website for DHCPig

SYSTEM REQUIREMENTS

RAM : Minimum 512MB (Recommended : 1GB)

Storage : Minimum 10MB (for installation), additional space for project files

OS : Linux, macOS (Windows support via Cygwin, but not officially supported)

Architecture : Supports both 32-bit and 64-bit architectures

Available On : PC


ADDITIONAL INFORMATION

Published By

Kamorin

Release Date

January 2024

Approximate Size

85KB (installation size)

Publisher Info

Kamorin, a contributor to the cybersecurity community

Supported Languages

English

Last Update

August 2024 (Version 1.6)

Programming Language

Python

Operating System

Cross-platform (Linux, macOS)

License

GNU General Public License (GPL)

  1. DHCP Server Inventory : DHCPIG scans and lists all DHCP servers in your network, providing a detailed inventory of the servers, their scope(s), and the number of available and leased IP addresses.
  2. Graphical Representation : DHCPIG generates graphical representations of your DHCP server’s data, including IP address usage, scope utilization, and lease duration.
  3. Database Integration : DHCPIG can integrate with your existing database to provide a more comprehensive overview of your network’s IP address allocation and usage.
  4. Customizable Reporting : DHCPIG allows you to generate custom reports based on specific criteria, such as IP address ranges or lease duration.
  5. DHCP Server Options : DHCPIG displays and allows you to modify DHCP server options, such as DNS server addresses, default gateways, and WINS server addresses.
  6. Alerting and Monitoring : DHCPIG can be configured to send alerts when specific conditions are met, such as low IP address availability or lease expiration.
  7. Scheduled Scans : DHCPIG can be scheduled to perform regular scans of your network, ensuring that your DHCP server information remains up-to-date.
  8. Command-Line Interface : DHCPIG provides a command-line interface, making it easy to integrate the tool into automated scripts and processes.

  1. The DHCPig tool is designed to initiate an advanced DHCP exhaustion attack, a type of cybersecurity attack that aims to consume all available IP addresses on a local area network (LAN). This prevents new users from obtaining IP addresses and can lead to the release of IP addresses that are already in use. Additionally, DHCPig may send gratuitous ARP messages and potentially knock all Windows hosts offline on the network.
  2. To use DHCPig, you should run it with root privileges, and you’ll need to select the interface to perform the DHCP exhaustion attack against. In the demonstration provided in the search results, the attacker chose the ‘eth0’ interface. The following command can be used to run DHCPig : sudo dhcpig
  3. After running DHCPig, it may take several minutes for the DHCPv4 addresses to become exhausted. However, one important point to note is that DHCPig is quite noisy and may attract attention from network administrators. Additionally, the effectiveness of this tool in an active penetration test may be limited due to its disruptive nature.

The DHCPig tool is primarily used for initiating an advanced DHCP exhaustion attack. Its main functions include:

  • Consuming all IP addresses on the Local Area Network (LAN), preventing new users from obtaining IP addresses.
  • Releasing any IP addresses currently in use.
  • Sending gratuitous ARP (Address Resolution Protocol) packets to knock all Windows hosts offline.

Running DHCPIG
  1. To run DHCPIG, simply provide the interface as an argument. For example : pig.py eth0
    2. This command starts sending DHCP requests at a default rate, allowing you to observe the basic operation of DHCP requests. You can also customize the rate and other options using various flags.
Flags and Options

DHCPIG offers several flags and options to customize its behavior :

  • -h or --help : Displays help information
  • -v or --verbosity : Sets the verbosity level (0-99)
  • -6 or --ipv6 : Enables DHCPv6 mode
  • -1 or --v6-rapid-commit : Enables RapidCommit (2-way IP assignment instead of 4-way)
  • -s or --client-src : Specifies a list of client MAC addresses
  • -O or --request-options : Requests specific option codes (e.g., 21, 22, 23 or 12, 14-19, 23)
  • -f or --fuzz : Randomly fuzzes packets (off by default)
  • -t or --threads : Sets the number of sending threads (1 by default)
  • -a or --show-arp : Detects and prints ARP who-has requests (off by default)
  • -i or --show-icmp : Detects and prints ICMP requests (off by default)
  • -o or --show-options : Prints lease information (off by default)
Example Scenarios
  1. Basic DHCP Exhaustion Attack : Run DHCPIG with the default options to flood the DHCP server with requests, exhausting its IP address pool. Example : pig.py eth0
  2. Customized DHCP Exhaustion Attack : Specify a custom rate and verbosity level to adjust the attack’s intensity. Example : pig.py -v 50 eth0
  3. DHCPv6 Attack : Enable DHCPv6 mode and customize the options as needed. Example : pig.py -6 -v 50 -1 eth0
Important Notes
  1. DHCPIG is a powerful tool and should be used responsibly. It can potentially cause harm to a network if not used correctly.
  2. Always ensure you have proper permissions and authorization before running DHCPIG or any other hacking tool.
  3. Be aware of the legal implications of using DHCPIG or any other hacking tool for unauthorized purposes.

  • python3
  • python3-scapy

Terminal Installation Commands ...

$ sudo apt-get update

$ sudo apt install dhcpig

GUI Installation Steps ...
Linux
  • Update your package manager : sudo apt-get update
  • Install DhcPig using apt-get : sudo apt-get -y install dhcpig
  • Alternatively, you can use apt : sudo apt -y install dhcpig
  • If you prefer aptitude, ensure it’s installed first, then : sudo aptitude -y install dhcpig
Windows
  • Download the DhcPig tool from its official repository.
  • Extract the files and navigate to the directory in Command Prompt.
  • Run the script using Python : python pig.py
MacOS
  • Ensure Python and the scapy library are installed.
  • Clone the DhcPig repository : git clone https://github.com/kamorin/DHCPig.git
  • Navigate to the directory : cd DHCPig
  • Run the script : sudo python pig.py

Terminal Uninstallation Commands ...

$ sudo apt remove dhcpig

$ sudo apt autoclean && apt autoremove

GUI Uninstallation Steps ...
Linux
  • To remove only the DhcPig package : sudo apt-get remove dhcpig
  • To remove DhcPig and its dependencies : sudo apt-get -y autoremove dhcpig
  • To purge configurations and data : sudo apt-get -y purge dhcpig
  • To remove configurations, data, and dependencies : sudo apt-get -y autoremove --purge dhcpig
Windows
  • Delete the Directory : Locate the DhcPig folder (the directory where you extracted or saved the tool) and delete it.
  • Remove Associated Files : Ensure any additional configuration or log files created by the tool are also removed. You may need to check your user or system directories for such files.
  • Uninstall Dependencies (if applicable) : If you installed dependencies like Python libraries (e.g., scapy) specifically for DhcPig, you can uninstall them using the following command in Command Prompt or PowerShell : pip uninstall scapy
  • Check the Environment Variables : If you added the DhcPig tool to your PATH, remove it from the system’s Environment Variables.
MacOS
  • Remove the DhcPig Directory: Navigate to the location where the tool was installed or cloned (typically the folder named DHCPig) and delete it : rm -rf /path/to/DHCPig
  • Uninstall Dependencies (if installed) :
    • If you installed Python libraries like scapy specifically for DhcPig, you can uninstall them using pip : pip uninstall scapy
    • If other libraries were installed, remove them similarly.
  • Clean Environment Variables :
    • If you added the tool’s path to environment variables, remove it by editing your shell configuration file (e.g., .bashrc, .zshrc, or .bash_profile).

Copyright © 2025 HACKERSPOT

All original content, including tools, software, and other information, is protected by copyright and remains the property of its respective owners.

Subscribe for more Information
HACKERSPOT

HackerSpot is an informational platform that offers resources such as tools, software, courses, internships, and various other materials aimed at supporting individuals passionate about CyberSecurity and IT.

About Us
Docs / Links

Documentation

Tools

Softwares

Operating Systems

Learning

Courses

Internships

Virtual Labs

Colleges

Youtube Channels

Resources

Devices & Hardware

Browsers

Cyber Threat Maps

Other Resources

Contacts

Bapatla, Andhrapradesh, India 237101

bablunannam@gmail.com

+91 7995819235