ettercap problem with spoofing fb but everything else work

[AXANO]

So here are the facts

i am working with kali sana trying to spoof dns with ethercap



1.internal network
2.I can spoof dns ===> when pinging facebook.com from victim machine i get my internal IP (192.168.1.6)
3.but when i try to browse with edge, chrome to facebook.com it says no connection
4.when i spoof a different url i get the index page of the server of the attacker
5.tried to spoof dns on xp and on windows 10 same results

how can i solve this problem and what is the cause


Thank you in advance

[digininja]

It's probably to do with HSTS and certificate pinning, basically Chrome is clever enough to work out that you are trying to mess with the site and so blocks access. You don't say which other sites you try but you'll probably get the same result from Google and any other big site which usually only runs over HTTPS.

[AXANO]

Thank you for your reply after some research that took a while i found the same results Ive tried to spoof google.com with succes but the search site which is indeed https but doesnt have any log in fields.

Question: will it e possible to spoof facebook.com if i configure my server (apache2) to respond as HTTPS????

[digininja]

Are you saying it worked for Google or not?

Running a HTTPS based site might work, it depends on certificate pinning. That is a way that a company tells the browser what certificate to expect for their site and if it gets anything different it will give an error.

[AXANO]

Yes it worked indeed for google.com

I will try to configure my server with https and i will inform you with the results here on this post Thank you very much for your time!!!!