Jump to content

Faking Certain Webpages As Mitm


bmccutch
 Share

Recommended Posts

Hello, I am pretty new with man in the middle attacks but i know how to use arpspoof and stripssl to capture passwords. I was wondering if it was possible to use this to "fake" certain webpages like redirecting them to another page?

thanks

Link to comment
Share on other sites

I looked into dnspoof and did not have much luck getting it to work but i did not have much time to test it out, and i am also getting a wifi pineapple in a few days i was wondering if this was already covered somewhere else?

Link to comment
Share on other sites

  • 1 month later...

Hello, I am pretty new with man in the middle attacks but i know how to use arpspoof and stripssl to capture passwords. I was wondering if it was possible to use this to "fake" certain webpages like redirecting them to another page?

thanks

You can use Cain and Able to redirect victims to other websites, or a fake website if you will.

Link to comment
Share on other sites

  • 5 months later...

You can use Cain and Able to redirect victims to other websites, or a fake website if you will.

This has interested me greatly!

I suppose I would say I'm new to 'hacking' but in all truth I have been playing around with things like cain and abel and SET for about a year with varied results ;)

When using SET I've found the most difficult thing to do is push my credential harvester to the target pc; I've had to hit up my IP in their browser when they're not looking etc.

How would I use cain and abel (or any other alternate method) to redirect victims to my IP?

Cheers,

Tombo

Link to comment
Share on other sites

There's a lot of ways to do that.

The victims router could be compromised by relying on a phony DNS server (that you'd create) that would redirect to whatever IP you want for whatever purpose.

DNS could be spoofed MITM style on/outside of LAN.

ISP/LAN DNS cache could be poisoned.

The victims hosts file could be compromised.

A browser could be infected.

Probably many other ways too.

Link to comment
Share on other sites

This has interested me greatly!

I suppose I would say I'm new to 'hacking' but in all truth I have been playing around with things like cain and abel and SET for about a year with varied results ;)

When using SET I've found the most difficult thing to do is push my credential harvester to the target pc; I've had to hit up my IP in their browser when they're not looking etc.

How would I use cain and abel (or any other alternate method) to redirect victims to my IP?

Cheers,

Tombo

Edited by Infiltrator
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...