This is an introduction to DNS poisoning which also includes an example of quite a nifty application of it using the IP Experiment. It’s purely educational, so I’m not responsible for how you use the information in it.To start, you’ll need
• A computer running Linux (Ubuntu in my case)
• A basic understanding of how the Domain Name System (DNS) works.
Note that this is a more advanced topic; don’t try this if you don’t know what you’re doing.
Why DNS?
The DNS provides a way for computers to translate the domain names we see to the physical IPs they represent. When you load a webpage, your browser will ask its DNS server for the IP of the host you requested, and the server will respond. Your browser will then request the webpage from the server with the IP address that the DNS server supplied.
If we can find a way to tell the client the wrong IP address, and give them the IP of a malicious server instead, we can do some damage.
Malicious DNS Server
So if we want to send clients to a malicious web server, first we need to tell them its IP, and so we need to set up a malicious DNS server.
The server I’ve selected is dnsmasq – its lightweight and the only one that works for this purpose (that I’ve found)
To install dnsmasq on Ubuntu, run sudo apt-get install dnsmasq, or on other distributions of Linux, use the appropriate package manager.
Once you’ve installed it you can go and edit the configuration file (/etc/dnsmasq.conf)
sudo gedit /etc/dnsmasq.conf
The values in there should be sufficient for most purposes. What we want to do is hard-code some IPs for certain servers we want to spoof
The format for this is address=/HOST/IP
So for example;
address=/facebook.com/63.63.63.63
where 63.63.63.63 is the IP of your malicious web server
Save the file and restart dnsmasq by running
sudo /etc/init.d/dnsmasq restart
You now have a DNS server running which will redirect requests for facebook.com to 63.63.63.63
Malicious Web Server
You probably already have a web server installed. If not, install apache. This is pretty basic, so I won’t cover it here.
There are a couple of things you can do with the web server. It will be getting all the traffic intended for the orignal website, so the most likely cause of action would be to set up some sort of phishing site
I’ll presume you know how to do that though
Another alternative is to set up some sort of transparent proxy which logs all activity. I might come back to this in the future.
I Can Be Your DNS Server Plz?
An alternative is to, instead of a spoof webserver, set up a Metasploit browser_autopwn module . You can have lots of fun with that
But how do you get a victim? Well this is where my project, the IP Experiment could come in handy
If you don’t know, the IP Experiment basically harvests people’s IPs through websites such as forums and scans them for open ports. A surprising number of these IPs have port 80 open and more often that not, that leads straight to a router configuration mini-site. ‘Admin’ and ‘password’ will get you far in life; its fairly easy to login and change the DNS settings.
Tutorial by doc
Keywords:learn to hack, facebook hacking software download, gmail hacking, twitter hacking , cmd hacks, tips and Securities, youtube downloader, download youtube download,angry birds free download,how to remove this copy windows not genuine, AHSEC previous year question paper for hs 2nd year, AHSEC 2012 question papers for hs 2nd year and final year, Windows Softwares free download AHSEC sample papers for hs final year, free download youtube downloader, youtube downloader free download, learn free hacking, learn hacking free, customize windows, customize windows 7, customize win 7, free hacking softwares, free hacking softwares download, hacking software free download how to hack, learn hacking, learn how to hack, hacking tips, english songs free download, free english songs download, hollywood songs download, become a hacker,Anti Hacking , Hacking , Learn Hacking , Learn Protection from Hackers, warez , Http Proxy , L1/L2/L3 HTTP Proxies , Fresh HTTP High Anonymous / Anonymous / Transparent Proxies ,4/5 socks proxies , keygens , cracks , cracked softwares , cracked programs , keyloggers , bots , RAT , rootkits , shell scripts , free premium accounts , yahoo boters , yahoo programs , yahoo tutorials , yahoo id maker , yahoo room tools , nimbuzz hacking , flooders , programming , pc protection tutorials , security alets , security tutorials , Exploits , Exploit , hacking,hackware,hackers,hack,cracker,crack,patch,serial,software,forum,vulnerability,application,lounge,white hat,graphics,programming,computer,protection,security,alerts,Networking,server,exploits,myspace,warez,downloads,keygen,keylogger,coding,facebook,orkut,flooders elite team,botnets,exploits, reviews, malicious,reverse engineering, analysis, DDOS, Shell, Protect, taskhost, CMD, Net, Bytes, Kilobytes, Megabytes, Gigabytes, Terrabytes, free support, United Kingdom, United States, Alexa, Google, Yahoo, Baidu, Competition, Tabbed head in MYBB,Tab Head plugin, SEO,cpanel, control panel, Proxy, VPN, Webhosting, Webmaster download free hacking tools, free hacking program, hacking software, largest underground hacker convention, hacking security conference, hacking forum, pen-testing, penetration testing, hacker gathering,skywalk3r, lockpicking, hacker community, goons, computer exploits, zero day vulnerabilities, 0day, robotics, hacker attack, defend against hackers hacking, icq, cryptography, hotmail, trojans, cracks, bo2k,aol, firewall, warez, proxy, trojan, subseven, linux, back orifice, serials, flooding, web board, appz, yahoo, passwords, nuke, credit card, irc, netsphere, wingate, gsm,proxies, password, telnet, exploits, bomber, phreaking, spoof,nuker, crack, nukes, serial, virii, cracking, unscambler,jammer, adult check, crackers, crackz, hack, ip, sniffing, wingates, surf,exploit, nukers, anonymous, hackz, antivirus, net bus, satan,smurf attacks, teardrop, security, keyloggers, port scanner,warfare, spoofers, internet, anonymity, cryptology, pgp, mark zuckerburg, Facebook, facebook hack, facebook hacking software, facebook hacking techniques, website hacking, hack website, website hacking software, website deafcing, web deface, web defacing, email hacking, hack email id, hack email, hack ones email, email hacking software, email bomber, hacking, hackingsart, virus!!
No comments:
Post a Comment