Spoof the DNS of a target machine by using Ettercap

-

 Requirements:-

OS – Linux

Target – Windows

Machine – Virtual Box

Tools – Ettercap

How DNS poisoning works?

- User searches ‘abc.com’ in browser. When your browser goes out to the internet, it

starts by asking a local DNS server to find the address for a name. The local DNS

server will ask the root servers that own that domain.

 

- When a malicious actor intrudes in the process, and supplies false or fraudulent output,

then it is DNS poisoning. These types of man-in-the-middle attacks are often called

DNS spoofing attacks.

 

- By this process attacker will able to redirect request of victim to malicious website.


Procedure:

1. Open the kali linux , open terminal and type "nano /etc/ttercap/etter.conf" scroll down and find linux and in this remove both #. save the file by pressing 'Ctrl+X' and 'y'


2. Then type “nano /etc/ttercap/etter.dns” in the terminal. In this file add domain which you want to redirect. Enter your IP address. If victim opens flipkart.com, he will be redirected to spoofed page.


3. Start the Apache by using “service apache2 start” in the terminal.

4. Open Ettercap UI by using “ttercap -G” command in the terminal. Then stop the unified sniffing. 

5. Then scan for hosts by navigating Hosts > Scan for Hosts


6. Check the host list to show all scanned hosts.


7.   Find the default gateway IP by using ipconfig in cmd. Set gateway IP as target 2 and victim’s IP as target 1. 


8. Now go to MITM tab and select ARP poisoning choose Sniff remote connections and press 




9.    Now navigate to Plugins > Manage the plugins and double click on dns spoof to activate that plugin. 



10.    In ettercap select Start sniffing, the attack has started. Now every time when the victim enters flipkart.com, he will be redirected to spoofed webpage. 




Request of www.flipkart.com from the IP address 192.168.1.3 was redirected to the malicious webpage by DNS Spoofing using Ettercap tool. 

Comments

Post a Comment

Popular posts from this blog

How to Installing and setup GoPhish on Kali Linux

-
Image
  How to Installing and setup GoPhish on Kali Linux Gophish is an open-source phishing toolkit designed for security professionals to conduct penetration tests and awareness training. Developed with user-friendliness in mind, Gophish allows users to easily create, launch, and manage phishing simulation campaigns. It provides a web-based interface where users can design customizable email templates, landing pages, and email lists. Gophish’s real-time reporting and analytics capabilities enable detailed tracking of campaign metrics such as email open rates, link clicks, and submitted credentials, helping organizations assess their vulnerability to phishing attacks. Its flexibility and ease of integration make it a valuable tool for enhancing cybersecurity awareness and testing organizational defenses against social engineering threats. The tool supports various deployment environments, ensuring adaptability to different IT infrastructures. Gophish's comprehensive features make it...
Read more

Malware analysis tools

-
Image
  Best malware analysis tools and their features. Malware has become a huge threat to organizations across the globe. Something as simple as opening an email attachment can end up costing a company millions of dollars if the appropriate controls are not in place. Thankfully, there are a plethora of malware analysis tools to help curb these cyber threats. When responding to a security incident involving malware, a digital forensics or research team will typically gather and analyze a sample to better understand its capabilities and guide their investigation. There are a number of tools that can help security analysts reverse engineer malware samples. The good news is that a few malware analysis tools are completely free and open source.  1.peStudio This is an excellent tool for conducting an initial triage of a malware sample and allows me to quickly pull out any suspicious artifacts. Once a binary has been loaded it will quickly provide the user with hashes of the ma...
Read more

Search engines for cybersecurity research ( part -1 )

-
Image
  In the ever-evolving landscape of cybersecurity, staying ahead of emerging threats and vulnerabilities is crucial. Information security professionals, researchers, and enthusiasts constantly seek the latest insights, tools, and resources to fortify digital defenses. One invaluable weapon in this ongoing battle is the vast realm of search engines tailored specifically for cybersecurity research.   Cybersecurity research has grown into a multidisciplinary field, encompassing everything from threat intelligence and vulnerability analysis to incident response and ethical hacking. To navigate this intricate terrain effectively, researchers rely on specialized search engines that go beyond the surface-level results of conventional search queries. These dedicated tools are engineered to unearth the hidden gems within the vast sea of digital information, making them indispensable for anyone committed to securing the digital realm.   This blog aims to shed light on the d...
Read more