Jump to content

Search the Community

Showing results for tags 'internal resources'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

Found 1 result

  1. Hello everyone, Today I have been playing with the SpoofDNS feature of the Packet Squirrel (payload 2). I noticed the following: > Redirection of spoofed URL works fine > Internet works fine > Internal resources by DNS name are not accessible (but can be pinged) This almost never causes problems on a private PC but might cause problems on a company network. The user is able to access the internet but can no longer access internal websites. For example, we host a ticket system on the network (tickets.company.nl) which, for example, was no longer accessible. All other internet DNS queries where resolved ok. SpoofDNS is standard on NAT network mode. This is fine. The client thus receives an IP address from the Packet Squirrel. The client first performs a DNS lookup at the Packet Squirrel and the Packet Squirrel routes it to the Spoofed IP if the requested DNS name is on the spoof list. If the name does not appear on the spoof list, I assume that the Packet Squirrel routes the client traffic through the company's DNS server. But I do not think that is the case because the internal resources are no longer available. Which DNS server does the Packet Squirrel use? And is there a fix so that internal resources can be reached. I have already tried to change the network mode to BRIDGE. Then internal resources can be reached again but logically the spoofing does not work because the client make the DNS request at the company DNS server and not at the Packet Squirrel anymore. I am very curious how this works. Hopefully you can help me? Thank you! Sincerely, Jarno
×
×
  • Create New...