Samysam Posted October 29, 2010

So, I remember hearing on a sorta older episode, when Darren's at mubix's place and they talk about the Social Engineering Toolkit and MiTMs, and Darren talks about doing a man in the middle with some target machine, and when the target requests a site like Gmail or something it redirects the target machine to a phishing site, or a site with a Java exploit on it to load a meterpreter or something along those lines... Anywho, how would someone go about doing this? Is this even possible?

Infiltrator Posted October 29, 2010

You can use DNS poisoning to redirect a user from a legit website to a fake one. And then use Metasploit to create a reverse shell.

Samysam Posted October 29, 2010 (edited)

So, I wouldn't be able to edit a request to a website to a different one (like a locally hosted faked or phishing site) through ARP spoofing? Anyhow... DNS poisoning, any Hak5 episodes on this? Sounds like what I wanted to perform! Maybe I'd mix it up with the Social Engineering Toolkit's Java applet attack :D I'll try it out on my network when I get home.

Infiltrator Posted October 29, 2010

I can't remember off the top of my head what episode talks about DNS poisoning. But if you look into Ettercap or Cain and Abel, you should be able to perform the attack.

Samysam Posted October 29, 2010 (edited)

Worked like a charm! Thanks a bunch. Started up ettercap, ran a DNS spoof, and BAM, everyone in my network that requests to go to sayyyyy google.com goes straight to a local test site I set up, which could be set as anything, such as a reverse shell :D

Infiltrator Posted October 30, 2010 (edited)

> Worked like a charm! Thanks a bunch. Started up ettercap, ran a DNS spoof, and BAM, everyone in my network that requests to go to sayyyyy google.com goes straight to a local test site I set up, which could be set as anything, such as a reverse shell :D

Glad it worked and glad I could help.
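
Seen from the defender's side, the redirect discussed in this thread tends to leave two traces on a LAN: with ARP spoofing, one MAC address ends up claiming several IPs (often including the gateway), and a spoofed DNS answer maps a public name to a local address. The following is an added example, not part of any post above; the sample data is constructed and `home.lan` is an assumed local zone.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data for illustration (not taken from the thread).
NEIGHBOURS = [                      # (IP, MAC) pairs, as in an ARP table dump
    ("192.168.1.1",  "aa:bb:cc:00:00:50"),   # gateway, now showing host .50's MAC
    ("192.168.1.20", "aa:bb:cc:00:00:20"),
    ("192.168.1.50", "aa:bb:cc:00:00:50"),
]
ANSWERS = [                         # (queried name, A record returned)
    ("google.com",   "192.168.1.50"),
    ("dns.google",   "8.8.8.8"),
    ("nas.home.lan", "192.168.1.20"),
]
INTERNAL_SUFFIXES = ("home.lan",)   # assumed local zone; local answers are expected here


def shared_macs(neighbours):
    """Return {mac: [ips]} for every MAC that claims more than one IP."""
    by_mac = defaultdict(set)
    for ip, mac in neighbours:
        by_mac[mac.lower()].add(ip)
    return {m: sorted(ips) for m, ips in by_mac.items() if len(ips) > 1}


def is_internal(name, suffixes=INTERNAL_SUFFIXES):
    """True if name is one of the local zones or a host beneath one."""
    name = name.rstrip(".").lower()
    return any(name == s or name.endswith("." + s) for s in suffixes)


def suspicious_answers(answers, suffixes=INTERNAL_SUFFIXES):
    """Return answers where a non-internal name resolves to a non-global address."""
    hits = []
    for name, ip in answers:
        if not is_internal(name, suffixes) and not ipaddress.ip_address(ip).is_global:
            hits.append((name, ip))
    return hits


if __name__ == "__main__":
    for mac, ips in shared_macs(NEIGHBOURS).items():
        print(f"ARP: {mac} is claimed by {', '.join(ips)}")
    for name, ip in suspicious_answers(ANSWERS):
        print(f"DNS: {name} -> {ip} (public name, local address)")
```

Either signal alone can have a benign cause (multi-homed hosts, split-horizon DNS), so they are best read together.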