Sunday, November 28, 2010

ARP Poisoning - DNS Spoofing

I used ettercap to perform this attack. In theory, it arp poisoning victim machine ( use dynamic map), said victime that " DNS Server has MAC address is xxxxxx". Of course, all DNS request will be going to Attacker Machine. You must distinguish between ARP Poisoning - DNS Spoofing with DNS Poison. Above, DNS Spoofing id a part of ARP Poisoning ( a plugin of ettercap), it perform ARP Posoning, then, Man in the Middle ( Attacker is DNS agent). But, DNS Poisong is we attack DNS Server ( not AiRP Poisonging), it can be DNS Server bug, cache posion, sub-domain poisoning.
Victim is XP SP2, use dynamic MAC to update MAC table, Attacker is Backtrack, use ettercap to poison. You can use cain&abel, similar to do.
Video i made :)
Exe file: http://www.mediafire.com/?xp6cp5217d28kab
Avi file - too big: http://www.mediafire.com/?r6p47gtj8d4n8oo
Youtube:




------------------------------------------------------------
Thanks for reading
--------------------------------------------------------------------------
All my Lab:
Linux Lab -- window and Cisco Lab
to be continued - I will update more. 

No comments:

Install Xposed Inspector and Frida on Genymotion

Today i had some work with android. So i need trace application. I found 2 nice tool can help me: Xposed Inspector and Frida. To setup ther...