$type=carousel$cols=3$hide=post

$hide=post-mobile

DNS Hacking/Hijacking Tutorial

This is an introduction to DNS poisoning which also includes an example of quite a nifty application of it using the IP Experiment. It’s pu...


43477664rk1.gif (177×77)This is an introduction to DNS poisoning which also includes an example of quite a nifty application of it using the IP Experiment. It’s purely educational, so I’m not responsible for how you use the information in it.
To start, you’ll need
• A computer running Linux (Ubuntu in my case)
• A basic understanding of how the Domain Name System (DNS) works.
Note that this is a more advanced topic; don’t try this if you don’t know what you’re doing.

Why DNS?

The DNS provides a way for computers to translate the domain names we see to the physical IPs they represent. When you load a webpage, your browser will ask its DNS server for the IP of the host you requested, and the server will respond. Your browser will then request the webpage from the server with the IP address that the DNS server supplied.
If we can find a way to tell the client the wrong IP address, and give them the IP of a malicious server instead, we can do some damage.

Malicious DNS Server

So if we want to send clients to a malicious web server, first we need to tell them its IP, and so we need to set up a malicious DNS server.
The server I’ve selected is dnsmasq – its lightweight and the only one that works for this purpose (that I’ve found)
To install dnsmasq on Ubuntu, run sudo apt-get install dnsmasq, or on other distributions of Linux, use the appropriate package manager.


Once you’ve installed it you can go and edit the configuration file (/etc/dnsmasq.conf)


sudo gedit /etc/dnsmasq.conf


The values in there should be sufficient for most purposes. What we want to do is hard-code some IPs for certain servers we want to spoof


The format for this is address=/HOST/IP


So for example;


address=/facebook.com/63.63.63.63


where 63.63.63.63 is the IP of your malicious web server


Save the file and restart dnsmasq by running


sudo /etc/init.d/dnsmasq restart


You now have a DNS server running which will redirect requests for facebook.com to 63.63.63.63


Malicious Web Server


You probably already have a web server installed. If not, install apache. This is pretty basic, so I won’t cover it here.


There are a couple of things you can do with the web server. It will be getting all the traffic intended for the orignal website, so the most likely cause of action would be to set up some sort of phishing site


I’ll presume you know how to do that though


Another alternative is to set up some sort of transparent proxy which logs all activity. I might come back to this in the future.

I Can Be Your DNS Server Plz?

An alternative is to, instead of a spoof webserver, set up a Metasploit browser_autopwn module . You can have lots of fun with that


But how do you get a victim? Well this is where my project, the IP Experiment could come in handy


If you don’t know, the IP Experiment basically harvests people’s IPs through websites such as forums and scans them for open ports. A surprising number of these IPs have port 80 open and more often that not, that leads straight to a router configuration mini-site. ‘Admin’ and ‘password’ will get you far in life; its fairly easy to login and change the DNS settings.

COMMENTS

Name

0day,4,404,1,Account,1,Acunetix,1,Adobe,1,Android,12,anonymity,3,Antivirus,5,Apk,2,App Store,1,audio,1,backdoor,1,Backtrack Tutorials,5,Binders,1,Blogger,9,blogger templates,1,blogging,1,Booters,1,Breach,1,Brute Force Cracking,4,business,1,c99,1,Cain and Abel Tool,3,Candy Crush Soda Saga,1,CEO,1,clone,5,Command Prompt Hacks,2,computer,1,Computer Tricks,5,cookie,1,Cookie Stealing,2,cookies,1,Corrupt,1,Cpanel Cracking,1,Cpanels,1,cracked apk,1,Cracked PC Game Latest,1,cracking,9,Create Virus,2,Cross site Scripting,3,Crypter,1,Cryptography,1,Cyber News,9,Cyber War,1,darknet,1,Data,1,Database Hacking,4,DDOS,1,DDoS Attack Pack,1,deepweb,2,deface,4,Dictionary Attacks,2,DNN,1,DNS Hacking/Hijacking,2,Domain,3,Dorks,2,Dos/DDos,3,Doxing,2,Drupal,1,Election Commission,1,Email Hacking,14,EVM Hacking,1,Exploits,12,Extratorrents,1,Facebook,31,Facebook Hacks,29,Fake Call,2,Features,1,free,1,Free Minutes,3,Free Recharge,6,Free Softwares,20,Freeze,1,FreeZone,9,Games,7,Gmail Hacks,15,Gold,1,Google Chrome Tricks,4,google dorks,2,Google Play Store,1,Google Tricks,8,Grand Theft Auto 5 {G.T.A V },1,hack cctv camera,1,Hacking,37,hacking Tools,21,Hacking Tricks,28,Hash Codes Cracking,5,Hash Types,1,havij,1,hotmail,2,how to,12,HTML Injection,1,images,1,Information Security,1,Information Security Event,1,Information Security Summit,1,internet,2,internet hacks,33,Internet security,1,ip hacking,1,javascript,2,Joomla,2,kali,2,Keyloggers,11,Kickass Torrents,1,Latest,1,LinkedIn,1,linux,1,Lucky Patcher,1,lucky patcher cracked,1,lucky patcher cracked latest,1,MAC,1,Make Money,6,Malware Protection,2,MD5 Cracking,1,messages,1,Messenger,1,Metaspolit,3,MMS,1,Mobile Tricks,22,Modded APK,3,Modded quickly,1,Netbios Hacking,1,network security,10,News,3,Notepad Tricks,2,operating system,2,OphCrack,1,OurMine,1,password Crack,7,PC,1,pentesting,5,pentesting tools,2,Phishing,1,Phising,1,Prank calls,1,RAT,4,RAT's,1,receive,1,redirect,1,remote hacking,3,Rockstar,1,Scanner,2,Security,3,security tips,10,send,1,SEO,3,Sharecash,1,Shell,5,Shell Upload,3,Sms,1,SMS Bomber,1,Social Engineering,2,Spoofing,1,SQL,13,SQL Hacks,10,SQL Injection,2,Stealers,1,Tech News,8,template,5,text,1,tips,1,Torrents,2,tricks,10,twitter,1,video,1,Virusses,1,VLC Media Player Tricks,4,Vulnerability,23,Web Application Vulnerability,17,Webcam (Cam),1,website hack,42,WhatsApp,1,WHMCS Hacking,1,Windows Hacks,16,Wordpress,1,XSS,6,yahoo,3,
ltr
item
The Hackers Store: DNS Hacking/Hijacking Tutorial
DNS Hacking/Hijacking Tutorial
http://a3.twimg.com/profile_background_images/267941728/43477664rk1.gif
The Hackers Store
http://www.thehackerstore.net/2012/07/dns-hackinghijacking-tutorial.html
http://www.thehackerstore.net/
http://www.thehackerstore.net/
http://www.thehackerstore.net/2012/07/dns-hackinghijacking-tutorial.html
true
5606695727162515522
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS CONTENT IS PREMIUM Please share to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy