Are simulated locally , Please do not use it in illegal ways
Xiaobai studies , If there are any errors or suggestions, please put forward
So let's see dns agreement , Of course dns It can also be used as a hidden tunnel ,,, Write it later

DNS The protocol is used to convert domain names to IP Address （ Can also be IP Convert the address to the corresponding domain name address ）

dns hijacked ：

Experimental environment ：

Windows10( Drone aircraft ) 192.168.64.139,kali Linux( attack ) 192.168.64.133

Are all NAT Pattern , Ensure that they are in the same gateway , Be able to communicate , It can be used ping test (windows Default ping The four time ,Linux Default always ping, You can add a parameter -c To specify the ping The number of times )

Get ready ：

The tools used are kali Under the ettercap, Need to be in ettercap.dns Add the following data to the file ( stay /etc/ettercap/ettercap.dns in )：

###################################################
#microsoft sucks
#redirect it to www.linux.org

microsoft.com A 107.170.40.56
*.microsoft.com A 107.170.40.56
www.microsoft.com PTR 107.170.40.56 # wildcards in PTR are not allowed

*A 192.168.64.133

*PTR 192.168.64.133

##################################################

ps： Below * Represents all parsed to the target IP

Start

open ettercap, Choose the network card eth0

hosts Choose from scan for hosts Scan host , then hosts list List the surviving hosts

Take the attack IP Add to target1, Join the gateway target2

choice ARP poisoning… that , Default ,ok, Where to find out for yourself , Different versions and positions

stay plugins choice manage plugins, choice dns_spoof

Then it began to attack

then ping Baidu will find that the analysis is kali Of ip

Little knowledge ： If a website suddenly cannot be accessed, it may be that the operator hijacked your dns, Try modifying it locally hosts file

Usage expansion , Inside net fishing ：

msf Create a Trojan , Let the target resolve to the server you set up , Build a website on the server , Prompt to download and upgrade the browser plug-in , Induced download generated Trojan

service apache2 start // start-up apache The server , Remember to drive 80 port

cp test.exe /var/www/html // Put the Trojan under the page

Limited ability , The page of inducing downloading and upgrading browser plug-ins cannot be written ,,, No code found , Subsequent patch ,,,