Results 1 to 6 of 6

Thread: DNS Spoofing with Ettercap

  1. #1
    Junior Member
    Join Date
    Feb 2006
    Posts
    47

    Default DNS Spoofing with Ettercap

    DNS Spoofing with Ettercap

    In my previous two videos I showed how to use Ettercap plugins for various pen-testing and security evaluation functions. In this video Iíll show how to use the Ettercap plugin dns_spoof to set up DNS spoofing on the local area network. This Ettercap plugin is only one potential way to pull off DNS spoofing, and only works if the attacker is on the same subnet. Malicious people could use this technique as part of a Pharming scheme, and itís also useful to pen-testers for testing various attacks.

  2. #2
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default

    Nice video Irongeek ...always good to see the intuitive vids you make on pentesting

    By the way, for those that watched the video, he touches upon the fact that Firefox caches DNS; for those that want to disable this, do as follows:


    • Goto about:config in the address bar.
    • Right click on the list of properties, select new > integer in the context menu
    • Enter network.dnsCacheExpiration as the preference name and 0 as the integer value
    • Add another integer preference, this time use network.dnsCacheEntries as the preference name and again 0 as the value
    dd if=/dev/swc666 of=/dev/wyze

  3. #3
    Junior Member
    Join Date
    Feb 2006
    Posts
    47

    Default

    Thanks, I did not know there was a setting to disable the DNS cache in Firefox. I've got another video in the works on DEP, but since it does not have to do with Backtrack I guess I won't be posting it here.

  4. #4
    Junior Member drwalter's Avatar
    Join Date
    Mar 2008
    Posts
    88

    Default

    Great Job on the video Irongeek

    just a small sidenote... you mentioned in the default configuration for etter.dns doesn't work for redirecting microsoft to linux online. It actually still does redirect there if you test it out... at least it did a few days ago when I last checked.
    ================================================== ===
    Dr. Walter - Depraved linguist, Benevolent troublemaker extraordinaire
    ================================================== ===

  5. #5
    Junior Member
    Join Date
    Feb 2006
    Posts
    47

    Default

    Weird, I tested it out a few days ago too and it failed. Maybe it was down when I did my test? Or maybe I just screwed it up.

  6. #6
    Junior Member drwalter's Avatar
    Join Date
    Mar 2008
    Posts
    88

    Default

    Yea I don't know... double-checked today and it still worked... anyway I'm looking forward to your DEP video. Even if you don't think it's BT specific it has a place in the General IT discussion category
    ================================================== ===
    Dr. Walter - Depraved linguist, Benevolent troublemaker extraordinaire
    ================================================== ===

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •