Saturday, 26 August 2017

[DNS Spoofing Attack] What is DNS Spoofing And How to DNS spoof with KaliLinux?

Hello guys once again welcome here in this advance hacking blog. I'm going to teach you full detailed guide on DNS Spoofing and How to DNS Spoof with KaliLinux . So friends know first what is DNS?

DNS Spoofing@mytechworld.com


What is DNS(Domain Name System)?

A Domain Name System server translate a human readable domain name (like as XYZ.com) into a numerical IP address that is used to route communications between nodes.
Friends, the website that we open in our browser, the system does not understand the names of those websites, it understands the Ip address. Every website has its own 1 unique IP address. The main work of the dns system is Translator, it is not necessary that you can open the website only by its name, you can also open the website through ip address.  As you all know that it is very difficult to remember the ip of all the websites, The main reason of creating the domain name system was this.

DNS spoofing is a part of computer hacking. A domain name is diverted to an incorrect IP address via DNS spoofing. A domain name is diverted to an incorrect IP address via DNS spoofing. Because of this, traffic of victim system is diverted to the attacker system.
So let's see how the DNS spoof attack ?

MOST READ:


How to DNS Spoof with KaliLinux (Step by Step Follow me)

There are many tools to attack DNS spoofing but I will use the Ettercap tool here which is by default in Kali linux. Ettercap is a very easy and popular tool.

Step1; Before using this tool some configuration settings have to be done, first of all you have to open the terminal window in the Kali linux machine.

Step2; Type the following command in your terminal window and press enter.
Command:
leafpad /etc/ettercap/etter.conf

Step3; Now  will open a leafpad window, scroll down there and setup ip table in linux portion. Screenshots are given below

DNS Spoofing@myteachworld.com


Step4; Activate the both commands that are below the ip table. To activate the command  remove the # symbol and save the file.

Step5; You are doing this attack on the local network, check your local IP and copy it.

Note- Type the ifconfig command to check ip of your local network. 
Step6; Now again type the following command in your terminal window and press enter.
Command:
leafpad /etc/ettercap/etter.dns

Step7; Now  will be again open a leafpad window, scroll down there and Here you have to set the target, you will be seeing Microsoft.com, you can change it, I did xyz.com, now as the Victim will open xyz.com, then here victim will redirect to whatever ip is located.
 Screenshots are given below

DNS Spoofing@myteachworld.com


Step8; Now save the file and close it.

Step9; Now you type the following command in your terminal window and press enter.
Command:
ettercap –G

You will now see that the ettercap in front of you is open in GUI mode.

Step10; Now Click “Sniff->Unified Sniffing, It will list the available network interface as shown below.

DNS Spoofing@myteachworld.com


Step11;  And you have chose the interface the following window will open .

DNS Spoofing@myteachworld.com


Step12; Now the next step is add  the target  for performing the ARP poisoning.

Step13; Now  Click on“Hosts >Scan for Host”, and you will see start to scan the hosts present in the network.

Step14; Now among the list, select “192.168.1.44” and click “Add to Target 1” and select “192.168.1.10” and click on “Add to Target 2”

Step15; Now select “Mitm >Arp Poisoning”, dialog box will open and Select “Sniff Remote Connection” and click on “ok”. Then click “Start->Start Sniffing.

Step16; Next step is Click on “Plugins >Manage Plugins” and Select the “dns_spoof” plugin and double click to activate it.

Step17; You can see that it returns a local machine’s IP address which we have given in the configuration.

Step18; ARP Poisoning and DNS Spoofing. Once everything is done, remember to stop MITM attack, you goto the Mitm tab and click on “Stop mitm attack”

So friends this is the end of the article ,if you like this post please share it your friends.If you face some problem in any steps please drop your email by going to contact us section of this site. thank you




No comments:

Post a Comment