anao00

Change the DNS > User gets redirected to my website even though the URL is the same, but there is no https, only http > There is a warning saying that they browser or whatever is outdated and it asks for the user to download the update and install it > Undetectable payload is then installed. How could someone possibly defend themselves against this unless they know about MITM and the importance of HTTPS and checking the URL? I've been trying my luck with python. Lets say I own a DNS server and a lot of other servers. The user goes through the DNS and then gets redirected to my website. The website detects the original url that was intended, clones the desired page and poison the data with what I want, and then delivers it to the user. The problem with set is that it wasn't intended to be used for cloning and adding extra stuff. They made so you could easily grab credentials by capturing POSTs. A little bit of code tweak would be required. But its not very practical since the website would take too long to load, long enough that user could google about his connection being slow and then finding an article telling him to change his DNS. More fragile than DNS only basically every router that there is out there. That is very concerning. It was possible not a long time ago to have a domain like amazon.com being fed to the user using https and a valid certificate, but the way you'd achieve that was through buying a domain that looked like amazon.com, but actually the "a" from amazon was the a from the Cyrillic alphabet or something. Some guy even coded a script for that. Now, every updated browser will display a url that would look like "xn----14811mazon.com" after the user clicked the link, so its not very practical. But I noticed that most people don't even know what https is, and those who do know, they wouldn't question or try to figure out what is wrong if they accessed google and the browser didn't display a green padlock. They typed google.com and it worked, that's what they care about.

Do I need to be locally present, close to the target? If I set up rails in the middle on a webserver that is also running a DNS server and them make, somehow, the user use that DNS instead of the ISP's, could I temper a request from www.amazon.com and add something to the index.html page? How could I possibly protect myself from that besides regularly checking my DNS to see if its the correct one? I want to test that thing. I spent almost 2 days thinking about this and trying to figure out ways to make it work, and then how to make it not work on my machines. Haha.

Nice, the forum doesn't allow the OP to edit his own thread. What I wanted to do was to have the user type in a website domain and get the contents of that website altered so I could add some code to it, and I wanted to do that only by changing his DNS servers. I don't know how practical that is, I just wanted to know if its possible, and how.

Let's say I've managed to change my target's DNS How could I inject a payload (from a RAT) directly into the webpage of my victim? I don't want them to get redirected to a fake website, I just want to inject them with malicious code.