Jump to content

PacketSquirrel


Harun

Recommended Posts

Hi, I just checked the tutorials on how the PacketSquirrel works and what it does and I've decided to purchase one myself to have a play around with it. I've captured traffic on the device, recorded and analysed the TCP dumps on WireShark. The only part I'm struggling on is how to get the dns spoof to work. I have switched to Arming mode and edited the 'spoofhost' file to 'facebook.com' with the ip address being my victim's ip address on the Windows machine. 

I'm wondering how it's possible to create a fake web page and harvest the victim's usernames and passwords via my fake facebook page and have them redirected back to the original facebook login

Link to comment
Share on other sites

DNS spoofing, for me, works one time, then the next time it'll refuse to work and then the next time it'll be fine again. Probably just me though.

Your spoofhost file should look like this:

address=/facebook.com/<ip>

<ip> of course being the IP of your victim (or even localhost).

address=/facebook.com/127.0.0.1

Now, the PS needs to be inbetween the network and the victim. Network -> PS -> Victim (that's the way the ethernet cables will go).
So if you hold your PS so that the switch is pointing down, and the button is up, the left ethernet port needs to go out to the victim, and the right ethernet port needs to go out to the LAN.

                                               BUTTON

Victim <--------------> IN PORT    PS    OUT PORT <---------------> Network

                                               SWITCH

 

Hope it helps!

Link to comment
Share on other sites

Thank you, I've have set it up correctly, Although the spoof sort of works because it allows me (the victim) to gain access to other websites other than 'facebook.com', I'm just wondering how I can implement my own php/html script as the 'fake website' so whenever the victim is trying to gain access to facebook.com, they end up visiting my malicious website. Hence once they attempt to login I'm able to capture their passwords.

 

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...