TT1TTONE
Posted October 15, 2011

Firstly, I want to mention that I'm new to the forums even though I've followed the Hak5 show for a very long time, however - hi, everyone! :)

Now, I've got some questions that I think you guys might be able to help me out with.

I've been thinking for some time about doing a prank on my friends sometime when we are together at a LAN-party or so, by doing a DNS-spoof with Ettercap redirecting them to a clone of a regularly visited social site (Face...) which will look as if it had got hacked (or rather defaced). I've never used Ettercap before but I've seen a lot of tutorials on YouTube. Unfortunately I've not been able to find its manual nor its official forums, so I'm not completely sure about how to go ahead. But if I've understood it correctly, the process of DNS-spoofing with Ettercap is done in the following 2 steps (very simplified):

1. Ettercap tells the default gateway that the URL of choice - www.URL.com - refers to my computer's IP-address.
2. When people who are inside of that gateway try to browse the site with that URL, the gateway recalls "Oh, that belongs to this (internal) IP-address" and redirects them to me.

Am I correct about this or is there something that I've missed or should be aware of?

- Is the DNS-cache poisoning harmful in any way?
- How do I, after the prank is done, tell the gateway to forget about my spoof and go ahead and process/recognize that URL as it would usually do? I don't want it to keep thinking that I'm the holder of that URL.
- May I accidentally cause any harm to the network, my friends' computers or to someone/something else? I really don't want to risk their belongings such as online accounts or infecting their computers with malicious stuff.

Another question that I've got is about pen-testing in general. I've for a long time been getting more and more interested in this and have tried to obtain as much knowledge as possible regarding it. However, I've yet to start doing some practicals and learn-by-doing, but what draws me back from starting is my concern that I unwillingly might cause harm to, be it my test computer, my private network and the connected computers, or my friends' computers if I prank them as mentioned above.

As for a starter-kit, I've found what I think might be 3 or 4 good applications to start with, being:

- Nmap - scanning/analyzing of devices on a network
- Metasploit - exploitation of the devices
- Wireshark - analyzing traffic between devices
- Ettercap - security testing of a network and for some pranks

Any other software that you would recommend?

Now the listed software is all open-source, but does it mean that one could trust the author(s) in the matter that the software is not doing things - or rather - only doing things that the user wants it to do?

Are those tools/software of the kind that you would want to use as a professional pen-tester or are they considered more as script-kiddie tools?

Is Backtrack better to start off with, and if so, is it itself as a distribution and the applications it contains safe as well?

If you have read all the way to here - thank you very much! I'm sorry if I've been unclear on something or if there are any eventual spelling/grammar errors, English is not my first language :)

// TT1TTOne