Menu Close

How to do a DNS Spoof Attack Step by Step | Man in the Middle Attack

Hi All today i am going to show how to do a DNS Spoof Attack

So first of all i am going to show how the network map is

Before start i am going to describe what is What is man in the middle attack.

What is man in the middle attack

A man in the middle (MITM) attack is a general term for when a attacker positions himself in a conversation between a user and an application

Why man in the middle attack ?

To Steal personal information ( login credentials, account details and credit card numbers)

Common Targets

Financial applications
SaaS businesses
e-commerce sites and other websites where logging in is required.

Results

  • Identity Theft
  • Unapproved fund transfers
  • Password change
  • Gain a access to a secured perimeter

Types of MITMA

  • IP spoofing
  • DNS spoofing
  • HTTPS spoofing
  • SSL hijacking
  • Email hijacking
  • Wi-Fi eavesdropping
  • Stealing browser cookies

So now we can Start our Lesson

On Hacker Machine

Kali Linux Latest

On Target Machine Windows 10 Latest

Load config file

/etc/ettecap/etter.conf

edit config file with following

change the “ec_uid” and “ec_gid” values to 0

after that find and uncomment these two lines:
redir_command_on = “iptables -t nat -A PREROUTING -i %iface -p tcp –dport %port -j REDIRECT –to-port %rport”
redir_command_off = “iptables -t nat -D PREROUTING -i %iface -p tcp –dport %port -j REDIRECT –to-port %rport”

Save changes

Then Load Ettercap by searching from the application list or execute sudo -E ettercap -G this in terminal

Now you can watch this Video to get a clear idea

%d bloggers like this: