DNSMASQ or DNS spoofing for adults

CarderPlanet

Hello everyone! Today we will analyze an interesting type of hacking, in which attackers are able to replace the original site with their own fake. That is, when entering, for example, vk.com, the victim will not go to the original site, but to our fake. Intrigued? Go!

We will check all this by raising the DNS server on the VPS server. We buy VPS here myvps.ru. And you don't need to write options for doing everything yourself on your local PC with port forwarding and DynDNS. Just don't

The OS of our VPS can be any, be it Ubuntu or Debian.

So, on our VPS we write the following
Code:
# apt-get install dnsmasq

Dnsmasq is a DHCP and DNS server setup program. We only need the latter from it. Now go to the /etc directory using the command
Code:
# cd /etc

The slash before etc is important, otherwise you will not get into the directory.

Now we need to edit the dnsmasq config, this is done using the command
Code:
# nano dnsmasq.conf

Now, at any point in the config, we write:
address=/domain name of the site that needs to be changed/ip of your webserver

interface=eth0 # instead of eth0 you need to write your own network interface, otherwise DNS will not work as a service


You can write several such lines. Now CTRL + O, press enter and CTRL + X and enter too.

Now let's take a closer look at everything. In the ip of your webserver, you can register the same address as your VPS, but just before that, you also need to raise the webserver on the VPS itself, which is not difficult.
Code:
# apt-get install apache2


The site directory will be located at /var/www

Having finished raising the DNS and the web server, we run the command
Code:
# service dnsmasq start

Now it is up to SE. Our task is to replace the victim's DNS address with the ip of our VPS. Now in more detail. The victim's computer addresses our DNS and for example wants to find out the ip of the vk.com domain. A regular DNS server would say the real ip, and ours replaces it with a fake address. Accordingly, in the victim's browser, vk.com is displayed in the address bar, but the site will be our fake. If you google you can find a complete copy of the vk authorization page yourself, or you can make a full copy yourself.

If you suddenly have any questions about setting up, then write on Telegram, I will try to answer everyone. Good luck to everyone, bye everyone!
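The redirection described in this post depends on `address=` overrides in a dnsmasq configuration, which gives a defender something concrete to look for. The following is an added example, not part of the original post: it audits a dnsmasq config (for instance one pulled from a router or internal resolver during incident response) and flags overrides that point non-local names at real addresses. The function name, `LOCAL_SUFFIXES` and the sample config are assumptions constructed for illustration.

```python
import ipaddress
import re

# Suffixes this site is expected to override locally (assumption; adjust per site).
LOCAL_SUFFIXES = (".lan", ".internal", ".test", ".home.arpa")

def audit_dnsmasq(conf_text, local_suffixes=LOCAL_SUFFIXES):
    """Return (line, domain, target, reason) for each address= directive that
    redirects a non-local name to a real IP address."""
    findings = []
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        # Simplified comment handling: '#' at line start or after whitespace
        # begins a comment; the '#' in address=/#/ip follows '/', so it survives.
        line = re.sub(r"(^|\s)#.*$", "", raw).strip()
        key, sep, value = line.partition("=")
        parts = value.strip().split("/")
        if key.strip() != "address" or len(parts) < 3 or parts[0] != "":
            continue
        domains, target = parts[1:-1], parts[-1]
        if target in ("", "#"):
            continue  # blocking forms: NXDOMAIN or null address, no redirect
        try:
            ip = ipaddress.ip_address(target)
        except ValueError:
            findings.append((lineno, ",".join(domains), target, "unparseable target"))
            continue
        if ip.is_unspecified:
            continue  # 0.0.0.0 / :: sinkhole entry
        for domain in domains:
            name = "." + domain.lower().rstrip(".")
            if domain == "#":
                findings.append((lineno, domain, target, "wildcard: every name redirected"))
            elif not name.endswith(tuple(local_suffixes)):
                findings.append((lineno, domain, target, "public name redirected"))
    return findings

# Constructed sample config; all addresses are private or documentation ranges.
SAMPLE = """\
# resolver config pulled from a router for review
interface=eth0
address=/printer.lan/192.168.1.20
address=/ads.example.net/0.0.0.0
address=/login.example.com/mail.example.com/203.0.113.10   # two names, one target
address = /#/198.51.100.7
address=/tracker.example.org/
"""

if __name__ == "__main__":
    for finding in audit_dnsmasq(SAMPLE):
        print(finding)
```

A clean config says nothing about clients whose resolver setting was changed to a server outside your control, so pair this with a check of the resolver addresses endpoints actually use.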
 