[TUT] DNS REDIRECT ETTERCAP BACKTRACK SCREENSHOT ARP POISON APACHE DRIVEBY

this is useful for infecting people on your own network, or wifi like McDonalds or free wifi spots, you could attach a driveby or anything :D

first bootup backtrack (gnome)
you can get a live cd from here:
http://www.backtrack-linux.org/downloads/

login: root
pass: toor

type

Code:

startx

click applications.
click internet
click wicd network manager



connect to network.

click applicatinos
click accsesorys
click termanal

type:

Code:

sudo bash

Code:

apt-get install ettercap

(press y then enter)

Code:

apt-get install ettercap-gtk

(press y then enter)


click places.
click home folder
click file system
click var
click www



copy and paste your html files into here, make sure you name the index, index.html

close

click applications
click backtrack
click services
click httpd
click apache start

wait for apache window to close

click places.
click home folder
click file system
click usr
click share
click ettercap



open etter.dns



you should format it like this:

Code:

google.com A 192.168.1.6

*.google.com A 192.168.1.6

the google.com being the site you want, the star being any subdomain of the website to spoof and the 192.168.1.6 being your local ip adress, wich you can find by going to termanal and typing

Code:

ifconfig

and looking for wlan0 under inet e.g: addr:192.168.1.6



configure this file as you pleese and save it when finished.

go back to your termanal session and type:

Code:

ettercap --g

a gui should pop up
click sniff
click unified sniffing
choose wlan0 or your network interface
click hosts
click scan for hosts
this scans the network for computers:
click hosts, host list
click the network modem, or router, the gateway
in my case is 192.168.0.1 and add it as target 2
add the people you want to spoof as target 1



click start
click start sniffing
click mitm
click arp poisoning
click ok
click plugins
click manage plugins
double click on dns_spoof

congradulations, you did it :D

Categories: