What is DNS (Domain Name System)?
A Domain Name System server translates a human-readable domain name (such as XYZ.com) into a numerical IP address that is used to route communications between nodes.
Friends, the system does not understand the names of the websites that we open in our browser; it understands IP addresses. Every website has its own unique IP address. The main job of the DNS system is to act as a translator. You do not have to open a website by its name; you can also open it through its IP address. But, as you all know, it is very difficult to remember the IP addresses of all websites, and this was the main reason for creating the Domain Name System.
DNS spoofing is a part of computer hacking. A domain name is diverted to an incorrect IP address via DNS spoofing. Because of this, the traffic of the victim system is diverted to the attacker's system.
So let's see how the DNS spoofing attack works.
How to DNS Spoof with Kali Linux (Follow Along Step by Step)
There are many tools for DNS spoofing attacks, but here I will use Ettercap, which is included by default in Kali Linux. Ettercap is a very easy and popular tool.
Step 1: Before using this tool, some configuration settings have to be changed. First of all, open a terminal window on the Kali Linux machine.
Step 2: Type the following command in your terminal window and press Enter.
Command:
leafpad /etc/ettercap/etter.conf
Step 3: A leafpad window will now open. Scroll down to the Linux portion, where the iptables settings are.
Step 4: Activate both commands that are below the iptables entry. To activate a command, remove the # symbol, then save the file.
Step 5: You are performing this attack on the local network, so check your local IP address and copy it.
Note: Type the ifconfig command to check your IP address on the local network.
Step 6: Now type the following command in your terminal window and press Enter.
Command:
leafpad /etc/ettercap/etter.dns
Step 7: A leafpad window will open again. Scroll down; here you have to set the target. You will see Microsoft.com, which you can change; I changed it to xyz.com. Now, when the victim opens xyz.com, the victim will be redirected to whatever IP address is set here.
Step 8: Now save the file and close it.
Step 9: Now type the following command in your terminal window and press Enter.
Command:
ettercap -G
You will now see Ettercap open in GUI mode.
Step 10: Now click “Sniff->Unified Sniffing”. It will list the available network interfaces.
Step 11: Once you have chosen the interface, a new window will open.
Step 12: The next step is to add the targets for performing the ARP poisoning.
Step 13: Now click “Hosts >Scan for Host”, and Ettercap will start scanning for the hosts present on the network.
Step 14: From the list, select “192.168.1.44” and click “Add to Target 1”, then select “192.168.1.10” and click “Add to Target 2”.
Step 15: Now select “Mitm >Arp Poisoning”. A dialog box will open; select “Sniff Remote Connection” and click “ok”. Then click “Start->Start Sniffing”.
Step 16: Next, click “Plugins >Manage Plugins”, select the “dns_spoof” plugin and double-click it to activate it.
Step 17: You can see that it returns the local machine’s IP address, which we gave in the configuration.
Step 18: ARP poisoning and DNS spoofing are now in place. Once everything is done, remember to stop the MITM attack: go to the Mitm tab and click “Stop mitm attack”.
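On the victim side, the steps above leave two symptoms that can be checked together: one MAC address answering for several IPs, and a public name resolving to a LAN address. The following Python is an added example, not part of the original post; the sample `arp -an` output, the DNS answers, the addresses and the function names are all constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed `arp -an` output from a victim host: the gateway (.1) and
# another host (.66) answer with the same MAC, the mark of ARP poisoning.
SAMPLE_ARP = """\
? (192.168.1.1) at 08:00:27:aa:bb:cc [ether] on eth0
? (192.168.1.66) at 08:00:27:AA:BB:CC [ether] on eth0
? (192.168.1.20) at 3c:52:82:11:22:33 [ether] on eth0
? (192.168.1.7) at <incomplete> on eth0
"""
# Constructed (name, A record) pairs as resolved by the same host.
SAMPLE_DNS = [("xyz.com", "192.168.1.66"),
              ("example.org", "93.184.216.34"),
              ("printer.lan", "192.168.1.20")]

ARP_LINE = re.compile(
    r"\((\d{1,3}(?:\.\d{1,3}){3})\) at ((?:[0-9a-f]{2}:){5}[0-9a-f]{2})", re.I)

def arp_conflicts(arp_output):
    """Return {mac: [ips]} for every MAC that claims more than one IP."""
    by_mac = defaultdict(set)
    for ip, mac in ARP_LINE.findall(arp_output):  # <incomplete> rows are skipped
        by_mac[mac.lower()].add(ip)
    return {mac: sorted(ips, key=ipaddress.ip_address)
            for mac, ips in by_mac.items() if len(ips) > 1}

def private_answers(answers, internal_suffixes=(".lan", ".local")):
    """Return answers where a public name resolves to a private address."""
    flagged = []
    for name, addr in answers:
        internal = name.lower().rstrip(".").endswith(internal_suffixes)
        if ipaddress.ip_address(addr).is_private and not internal:
            flagged.append((name, addr))
    return flagged

def correlate(arp_output, answers):
    """Return (name, addr, mac) where a suspicious answer points at a host
    whose MAC also claims other IPs: both symptoms at once."""
    conflicts = arp_conflicts(arp_output)
    return [(name, addr, mac)
            for name, addr in private_answers(answers)
            for mac, ips in conflicts.items() if addr in ips]

if __name__ == "__main__":
    for name, addr, mac in correlate(SAMPLE_ARP, SAMPLE_DNS):
        print(f"ALERT {name} -> {addr}; {mac} also answers for other IPs")
```

Either symptom alone can have a benign cause (for example split-horizon DNS, or a host with several addresses on one interface), which is why the alert is raised only when both appear together.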
So friends, this is the end of the article. If you liked this post, please share it with your friends. If you face a problem in any step, please drop your email through the Contact Us section of this site. Thank you.