DNS spoofing of a router

CarderPlanet

This article is written for educational purposes only.

Salaam, everyone. I wrote an article about spoofing a router's DNS, stealing passwords and substituting my own ads, but the whole thing turned out to be too cumbersome, so I decided to divide it into 3 parts. There may also be a fourth part, where we will configure SSL for our fake, and a fifth part, where we will create our own admin panel where we will collect our fruits in a structured way. The additional parts will most likely appear if there is interest in all this.

A bit of theory
So, today we will look at setting up DNSChef. DNSChef is a DNS proxy that lets us run a fake DNS server, which we substitute for the normal one given to us by the provider.

A DNS server is a computer that stores the IP addresses of sites. When we enter a site address in the browser, we turn to the DNS server and say: "Hey, hardware, I need the IP address where this site is located". It gives us an IP, then we go to that address and get the content of the main page in our browser. A rough explanation, but pretty clear.

[Image: DNS lookup illustration]


When we substitute our DNS server into the router, it still works as a normal DNS server, but we can now redirect the user to our site. That is, when the victim enters vk.com, our DNS gives the victim not the real IP address but the IP of our server, where we have set up the vk.com fake.

So what we have:
  • A VPS server where we will set up our DNS server and a fake site.
  • A router that allows changing the DNS; modern ones all seem to allow it. In my case, I have a Mikrotik hap lite.
  • DNSChef

Practice
Here we will describe in detail how and where in the router we need to change our DNS address and, of course, install and configure DNSChef.

Installing and Configuring DNSChef
Let's start by installing DNSChef. I will do everything on an Ubuntu 14.04 VPS. You can get a VPS for yourself and install whichever distribution is convenient. You can also choose any hoster, but it is desirable, of course, that the data centers are abroad. I have mine on ihor.ru in Russia, since I do not carry out any shenanigans on this VPS. Of those that are abroad and quite bulletproof, I can recommend zomro.com.

For convenient configuration and adding domains and databases, we will also install the VestaCP panel on the server. For more details see here

I think you won't have any problems with this.

Next, install DNSChef:
Code:
sudo apt-get install python-ipy
sudo pip install dnslib
git clone https://github.com/iphelix/dnschef.git
unzip dnschef *
cd dnschef *

We launch DNSChef and we should see this:
[Screenshot: DNSChef startup output]


We see that DNSChef starts up normally. Now we can specify which domain will be faked and which IP address it will resolve to. We start the whole thing this way:
Code:
python dnschef.py -i IP_DNS_Proxy --fakeip Server_IP --fakedomains vk.com



DNS spoofing in the router and domain creation
After that, we go and put the IP of our DNS proxy into the router. How to change DNS on your router can be found on the internet.



Ready. Next, we are going to add our fake domain to VestaCP.

Once the domain is added through VestaCP, it automatically configures and creates our virtual host.

For example, let's create a test file index.html in the vk.com folder with the content:

[Screenshot: content of index.html]


And now, if we are connected to the Internet through the router where we made the substitution, other sites will work correctly, and when we go to vk.com, the DNS server will redirect us to our server and we get this.

I don't seem to have missed anything. If you mention something in the comments, we will analyze it.

As a result, we analyzed the installation and configuration of DNSChef and DNS spoofing in our router.

In the next part, we will analyze the methods of site grabbing and password stealing.

See you!
 