How to do a DNS Spoof Attack Step by Step | Man in the Middle Attack

Hi All today i am going to show how to do a DNS Spoof Attack


So first of all i am going to show how the network map is





Before start i am going to describe what is What is man in the middle attack.

What is man in the middle attack

A man in the middle (MITM) attack is a general term for when a attacker positions himself in a conversation between a user and an application


Why man in the middle attack ?

To Steal personal information ( login credentials, account details and credit card numbers)


Common Targets

Financial applications
SaaS businesses
e-commerce sites and other websites where logging in is required.


Results


  • Identity Theft
  • Unapproved fund transfers
  • Password change
  • Gain a access to a secured perimeter


Types of MITMA


  • IP spoofing
  • DNS spoofing
  • HTTPS spoofing
  • SSL hijacking
  • Email hijacking
  • Wi-Fi eavesdropping
  • Stealing browser cookies




So now we can Start our Lesson

On Hacker Machine

Kali Linux Latest


On Target Machine Windows 10 Latest



Load config file

/etc/ettecap/etter.conf



edit config file with following

change the “ec_uid” and “ec_gid” values to 0

after that find and uncomment these two lines:
redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"




Save changes


Then Load Ettercap by searching from the application list or execute sudo -E ettercap -G this in terminal





Now you can watch this Video to get a clear idea










දිරියක් වෙන්න අදහස් පෙළක් දාන්න

Post a Comment (0)
Previous Post Next Post