DNS Spoofing whole Network (Wireless)

Following the configuration of Ettercap, dnsspoof, or any other tool it’s time to think of an Attack Vector.

Most attacks give out too many flags, from a security point of view the most specialized ones are also the most worrying ones.

This time we are gonna see how to spoof the whole network’s DNS and redirect specific traffic to our own hosted server.

This server emulates a fake facebook page along with a MySQL database to store all the passwords, and displays a “we are in maintenance” message.

If you would like to try it, all you have to do is connect to MySQL (on Backtrack default password is ‘toor’):

  • mysql -u root -p
  • Enter password: toor
  • create database facebook;
  • USE facebook;
  • create table content(username VARCHAR(64), password VARCHAR(64));

Start apache and run Ettercap, or arpspoof/dnsspoof, whatever you like. 🙂

Here’s the link for the fake Facebook Project: [ DOWNLOAD ]

Check the vid the out!


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s