|
(HELP) dnsspoof with Dsniff
i am really impressed about what comax, torpedo and saturn did to our community by contributing the wondeful application YAMAS.
previouslt i knew nothing about MITM attack and how to run YAMAS. thanks to torpedo for the videos which helped me alot. i am new to linux OS and still learning. i learned few things about yamas and what dsniff package contains. i am really eager to learn about dnsspoof which job is to redirect websites or to prevent hosts to view certain website ( as far as i understood ). i run an office of my own and due to security reasons i want to use the dnsspoof package. i am hereby familiar to many linux boss in this forum like karam, saturn, comax, freemandragon, saturn and many more. i opened a new thread so that people like me could learn and then teach someone else who is a newbie. please anyone help me to run dsnspoof with yamas using dsniff. all i kno is that i need to find the ip address of the website with ns lookup. and edit the dnsspoof.conf file. but where to put the file? how to start dnsspoof. please help me anyone?? |
Re: (HELP) dnsspoof with Dsniff
can anyone please help me before this thread dies. please
|
Re: (HELP) dnsspoof with Dsniff
can anyone please help me to dnsspoof. i tried evry possible way. i edited the usr/share/ettercap/etter.dns
but before that i ran yamas with ettercap so that it ipforwards and to run ettercap. and ran the dnsspoof with the command : " ettercap -T -q -M arp:remote -P dns_spoof // " i got activating dns plugin. but website doesnot redirect. i found the ip with the command for ex: nslookup www.google.com. can anyone please help me. i am trying my level best. maybe my editing isnt rite but i cant figure out were i went wrng. |
Re: (HELP) dnsspoof with Dsniff
take a look at yamas' source, there is DNS spoofing. It should help you understand.
http://comax.fr/yamas.php http://pastebin.com/7TGfjJuy If even with the link you provided, and the search you appear to have done, you still can't figure it out, then maybe yuou should try and learn the basics before trying this kind of attack. |
Re: (HELP) dnsspoof with Dsniff
Quote:
1) found the ip address of the website with nslookup www.google.com. and entered the ip in the /usr/share/ettercap/etter.dns. (below where its written microsoft.com) : i followed few youtube videos. 2) opened yamas with yamas-e since i dont kno how to run ettercap seperately. i guess thats okay. 3) then i typed in another xterm window. - ettercap -T -q -M arp:remote -P dns_spoof. i got activating dnsspoof plugin. thats it. but the redirecting dint happen. i thing i messed it up in editing the /usr/share/ettercap/etter.dns file. so a step by step guide would be helpful if there is no problem. :). thnx in advance |
Re: (HELP) dnsspoof with Dsniff
ettercap -T -q -P dns_spoof. would be enough in a different xterm.
Dns spoofing - be it with ettercap or DNSspoof - is a very messy thing. You don't want to use that for blocking sites in an office... And with a telephone ?! I'd help you with DNS spoofing, but it seems it's really not what you're looking for. Again, there is DNS spoofing in Yamas, so even without the code you should be able to comprehend how it works. I made this script for people to learn and get things easily. Did you run it or just watched the video ? |
Re: (HELP) dnsspoof with Dsniff
@Mohammed
few things to clear other things for you : 1- dnsspoof or ettercap dns spoof plugin cannot redirect a website to another ex : google.com to talk.maemo.org it doesn't work like this 2-it can redirect to a local ip ex : talk.maemo.org to 192.168.1.55 (a random selected ip addres or your IP) so if you want to block others in your office from accessing a website you will need to redirect them to an empty local ip or to your ip for some needs like (activating apache2 server and put an index.html than says : this site is blocked or so) or (the one i love) activate a metsploit browser exploit and redirect them to your local ip and they get hacked 3- you cannot do any of this if you are using cable (mostly all offices do so) to arp spoof someone: You and he MUST be using wireless as for the way using them: http://google.com hope this helps |
Re: (HELP) dnsspoof with Dsniff
@Karam I think you're wrong...
1) It can. But the IP must be a website. So for instance, mutualised-hosted site won't work. In layman's term : you can redirect to Google.com, but not to comax.fr... 2) just redirect to 127.0.0.1 to block a website (any IP would do of course as long as there is no server running on port 80...) but this is the way it's mostly done. About metasploit, yes but I don't think he's here yet... 3) Wut ?! Of course you can do it however you are connected... ARP is independant from the type of packets used. It's *Adress Resolution* Protocol so... It resolves adresses whatever the source. Now, if you are saying this in regard to the use of the cell phone, you might be right since I don't have the phone and don't know how it works when plugged. If you were talking in general terms, then I suggest you read OSI model to have a better understanding of how the network works : http://en.wikipedia.org/wiki/OSI_model |
Re: (HELP) dnsspoof with Dsniff
as i said earlier sir i kno little about linux. yamas includes dsniff and dsniff has many sniffing files like filesnarf, urlsnarf, dnsspoof etc. i kno how to use yamas and what each filesnarff and urlsnarf does.. i got really surprised by seeing what yamas could do. i want to do the following like someone will type www.facebook.com and will automatically redirect to www.google.com bt the name on address bar will be facebook.com. i saw it on a video in youtube.also is it possible to kill other people who are sharing the wifi to get the full bandwith.its possible in android by wifikill application. hope to get support.
:D |
| All times are GMT. The time now is 05:19. |
vBulletin® Version 3.8.8