Tuesday 7 October 2014

DNS POISONING TUTORIAL





INTRODUCTION:

What is DNS Poisoning?
DNS poisoning, also called DNS cache poisoning (DNS stands for Domain Name Service or System), corrupts the domain name data held by an Internet server or provider. Basically, an attacker injects a different IP address for a website into DNS, replacing the real IP for that web server's domain name. The mismatch between domain and IP creates a loophole that redirects the user to the attacker's IP address under the original domain name.

As we know, nowadays many hackers hack domains via DNS poisoning!
Until today, you guys have only read about the DNS poisoning attack, meaning only the theory :(
So, I am going to show you what actually happens in DNS poisoning!

A TYPICAL DNS QUERY:

  

The computer responds to our question like that.




The DNS is not secure.

‣ A computer sends a “question” to a DNS server, asking a
question like “What is the IP address for site.org?”

‣ The computer gets an answer, and if the answer appears to
match the question it asked, completely trusts that it is
correct.

‣ There are multiple ways that traffic on the Internet can be
intercepted and rerouted, or impersonated, so that the
answer given is false.

WHAT CAN AN ATTACKER DO?

An attacker can carry out the following attacks using DNS poisoning:
* System and server hijacking
* Phishing
* Forced downloads
* Completely changing a webpage and URL
* URL poisoning
* Spreading botnets, malware, etc.
* Defacing websites


All right, so here I'll show you the tutorial on Windows OS: how an attacker can poison your system and perform many types of hacking. Listen, I'll teach you this attack on your own system so you can understand it. I won't give you DNS Changer malware; it's very risky to give away DNS Changer malware. So if you want to learn this attack, you have to make your own system the target. First of all, I'll teach this attack to Windows users so they can understand it and be clear about how it is performed.
 
--------------------------------------------------------------------------------------------------------------------------
DNS Poisoning -  Windows OS
--------------------------------------------------------------------------------------------------------------------------
 
It's very easy to DNS-poison a Windows user, but it's really very hard to do the same thing without DNS Changer malware. Okay, let's start, but before starting we will learn a little bit about the "hosts" file.
 
# Hosts File: The hosts file is the file an operating system uses to map hostnames to IP addresses, that is, to find the IP address for a web server's domain name. Whenever a user types www.google.com in the address bar and hits Enter, the foremost duty of the browser is to scan the hosts file, and only then does it proceed.

 

So, I hope that by looking at the picture above you can understand how web browsers work. I have one request: look once again at Steps 3 and 5... Got it? Well, let me explain: in Step 3 the browser was searching for Google.com, and in Step 5 it is searching for the domain name's IP. What if an attacker replaces the domain name's IP with the IP of some other, bogus website? Then the browser will be confused and will redirect a normal user to a different website with a different domain name. That's what we call a DNS poisoning attack.
 
Okay, let's do it manually on your own system:
 
Note: This tutorial is performed manually, and if you want to poison your victim's DNS then you'll need DNS-changing malware, which I can't give away a link to. (It's very risky; we have to keep records.)
 
Manual DNS Poisoning Tutorial
All right, as you might know, we have to modify the hosts file to poison the victim's computer DNS.
1. Click the Start button, type "Notepad", right-click it and choose "Run as administrator".
2. A blank Notepad window pops up. Now click "File" > "Open" and navigate to the hosts file's folder, C:\Windows\System32\drivers\etc. Select "All files" and you'll see 4 files in that folder.
3. Now choose the "hosts" file and open it.
4. Now we have to modify this file. Go to the bottom of the file and hit Enter to get a new line.
5. Now, how to modify the hosts file: just add two lines at the end like this:
 
After writing those two lines, save the file.
So, now let's understand the meaning of those two lines:
 
Advanced Explanation
31.12.80.1 is the IP of Facebook, paired with the domain name Google.com. Just try to understand what the statement means. Here we entered the IP of a website, e.g. 31.12.80.1 for Facebook, and wrote the domain as Google.com. Now, whenever you search for google.com in your browser, it will redirect you to the IP of Facebook. That means any normal user who searches for google.com will be redirected straight to facebook.com without knowing it. You can also change the IP and the domain.
Suppose you want to poison your victim's computer DNS so that it redirects him from yahoo.com to a bogus or phishing website: then ping yahoo.com, get its IP, write it in the hosts file and replace the domain name with your own phishing page.
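
The hosts-file edit described above is also what a defender checks for. As an added example (not part of the original post), this script parses hosts-file text and reports every entry that overrides a name, separating sinkhole-style blocks from redirects to a routable address; the `approved` allowlist and the sample file are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample; the last entry is the mapping described in the tutorial.
SAMPLE_HOSTS = """\
# sample hosts file (constructed for this example)
127.0.0.1   localhost
::1         localhost
0.0.0.0     ads.example.net      # blocklist-style entry
10.0.0.5    intranet.example.com
31.12.80.1  google.com
"""

def parse_hosts(text):
    """Yield (line_no, ip, hostnames) for each mapping line."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2:
            continue                            # blank, comment-only or no hostname
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # first field is not an address
        yield line_no, ip, [h.lower().rstrip(".") for h in fields[1:]]

def audit_hosts(text, approved=None):
    """Return (line_no, hostname, ip, kind) for every unapproved override.

    approved: hypothetical allowlist {hostname: ip} of entries the admin expects.
    kind is "sinkhole" for loopback/0.0.0.0 targets, "redirect" otherwise.
    """
    approved = approved or {}
    findings = []
    for line_no, ip, names in parse_hosts(text):
        for name in names:
            if name == "localhost" and ip.is_loopback:
                continue                        # the stock entries
            if approved.get(name) == str(ip):
                continue
            kind = "sinkhole" if ip.is_loopback or ip.is_unspecified else "redirect"
            findings.append((line_no, name, str(ip), kind))
    return findings

if __name__ == "__main__":
    # On a real host, read the file at the path given in the tutorial instead.
    for finding in audit_hosts(SAMPLE_HOSTS, {"intranet.example.com": "10.0.0.5"}):
        print(finding)
```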

THANKS FOR READING
STAY CONNECTED.
