WiFi Wireless Security Tutorial - 15 - DNS Spoofing and MITM Attack Demo

thenewboston

9 Sept 201510:00

Summary

TLDRThis video demonstrates how to perform a DNS spoofing attack, a type of man-in-the-middle attack. The tutorial walks viewers through the process of setting up a computer as a router using bridge utilities, enabling IP forwarding, and creating a fake DNS host file to redirect victim traffic to a malicious IP. The attacker sets up a fake web server to display phishing pages and uses ARP and DNS spoofing to intercept and manipulate communications. The video highlights the risks of such attacks, showing how easily sensitive data like login credentials can be compromised.

Takeaways

😀 Installing the `bridge-utils` package enables your computer to act as a router, forwarding network packets based on MAC address rather than IP address.
😀 Enabling IP forwarding is crucial to allow your computer to route traffic between the victim and the actual router.
😀 DNS spoofing involves providing false DNS responses, redirecting the victim’s web traffic to malicious websites hosted on the attacker’s machine.
😀 A fake DNS host file contains IP address mappings that tell the victim’s browser to connect to the attacker’s server instead of the real website.
😀 The attacker needs to set up a fake web page on their machine, typically stored in `/var/www/html`, which can mimic legitimate websites like banking or social media login pages.
😀 The Apache web server is used to serve the fake web pages to victims when they make DNS queries for popular websites.
😀 ARP spoofing is used to deceive both the victim and the router into thinking the attacker’s machine is the legitimate gateway, allowing interception of traffic.
😀 The ARP spoofing tool can be used to continuously send fake ARP replies, associating the attacker’s MAC address with the router’s IP address and the victim’s IP address.
😀 Running the ARP spoofing and DNS spoofing tools in tandem redirects the victim’s DNS queries to the attacker’s machine, displaying fake content designed to steal credentials.
😀 Potential consequences of this attack include credential theft, which can lead to account hijacking, password resets, and significant personal and financial loss.

The video is abnormal, and we are working hard to fix it.
Please replace the link and try again.