[Tutorial] DNS Spoofing ( Man in the middle attack )l]

[Tutorial] DNS Spoofing ( Man in the middle attack )l]

DNS Spoofing

DNS Spoofing

What Is DNS Spoofing?
DNS spoofing is an attack that can categorize under Man-In-The-Middle-Attack, beside DNS Spoofing MIMA contain:
-ARP poisoning
-Sessions hijacking
-SSL hijacking
-DNS Spoofing

Ill only be showing u DNS Spoofing , For now .. !

How does it work ?
Man in the middle attack means that the hacker will clone a specific web site such as facebook.com/twitter/google etc…. and force the victim to enter his cloned page , And phish his login credentials … ( this only works on your local connection ) Like , You can phish People on the same router u are.
To under stand It more likely , Ill show u a pic for example:
Posted Image
I guess u got it ?


1-Linux operating system ( IMPORTANT )
2-Basic knowledge with Linux commands ( Important )

First off ill be adding pics when i get some time , because its pain in the ass to show u every thing with pics .
1-Setting Java applet attack / Cloning a specific web site ” Ill clone facebook.com ”
2-Setting the DNS spoofing blugin using ettercap

First off:
We will open a terminal And type in

cd /pentest/exploits/set



Now we will get our exploit on and running , Now we are going to choose it like so :

Website attack vectors/Java applet attack method /Clone web site / Enter the web site u want to clone ..
Then after it finish cloning , Use the
TCP reverse meterpreter payload
Then we will use the following exploits : shikata_ga_nai

Insert an opened port after that …
It will ask you to
create a Linux/OSX reverse_tcp meterpreter Java Applet payload also?
And we will type “no”

Then we are done for the java applet setting ….
Now comes the real hacking
Open a new terminal and type

locate etter.dns

Then it will show u a directory of the tool

nano <Directory of the tool>

Without the <> ofc.
Now it will load the tool , We will scroll down till we see
3 lines with microsoft.com
Change them all to facebook.com without removed the *. in the 2nd line
And without closing this terminal , We will open a new one , And type


Now we will copy our local address its usually like


And ofc we will replace it with the ip’s in front of the 3 lines of microsoft.com
Now we will press CTRL+O and type y And then y again until it says
xx lines wrote
Then we will press CTRL+X
Then we will execute what we have done using

ettercap -T -q -i eth0 -P dns_spoof -M arp // //

Then it will load our Etter cap Wink and then It will tell you
facebook.com spoofed to [192.168.2.xx]
Now every one on your own local connection Visits facebook.com
and insert his infoz and login , You will be informed with the login infoz Wink

You can also buy instant:


Cashapp Money Transfer Click here

Paypal Money Transfer Click here

Western Union  Money Transfer Click here

Venmo Money Transfer Click here

Bank Money Transfer Click here to Contact Us

Leave a Reply