20155236 Fan Chenge Exp7 Internet Fraud Technology Prevention

The virtual machines often crash = =, so basically I do one experiment and then switch to another one. . .
I encountered a simple little problem and the teacher helped to solve it: the virtual machine was not connected to the Internet. . .

1. Answers to basic questions

  1. In what scenarios are you usually vulnerable to DNS spoof attacks?
  • Connecting indiscriminately to Wi-Fi that has no password, because your machine is then on the same network segment as every other host connected to that local area network.
  2. How to prevent the above two attack methods in daily work?
  • The main defense against URL attacks is to pay attention to the IP address when opening a web page. In advance, you can use the dig command and the nslookup command to check the correct IP address of the website. If the IP address actually visited does not match it, that shows you have been attacked.
  • Preventing DNS spoofing attacks mainly means being careful with public Wi-Fi that has no password.
    Intrusion detection systems can also be used for prevention.

2. Practice process record

Simple application of SET tool to build a fake website

My IP for this Kali: 192.168.128.131

Environment configuration

  1. To make the impostor website visible to other hosts, the Apache service on the local machine has to be running and listening on port 80. First open a terminal in Kali and enter: netstat -tupln | grep 80 to check whether port 80 is occupied.

  2. If another service is running on the port, kill its process with: kill <process ID>
  3. After steps 1 and 2, open the Apache configuration file and change its listening port to 80. Command: sudo vi /etc/apache2/ports.conf

Start the Apache service: service apache2 start

SET settings

  • Select from the menu: 1) Social Engineering Attack -> 2) Web Attack Method -> 3) Phishing Website -> 4) Clone Website
    Fill in the attacker's IP, which is Kali's IP:

After the configuration is complete, you can enter the URL 127.0.0.1 on the Kali attack machine to check whether the phishing website was set up successfully.

I tried several; Baidu's would not load, and I finally decided on Evernote.

Build a domain name

It is also possible to wrap the address via the website (http://short.php5developer.com):

After getting this new address, press Enter and you will see a redirect prompt. After 10 seconds you are connected to Kali's IP address and the self-built phishing website is displayed normally, indicating initial success.

I forgot to take a screenshot of the webpage, I'm really mentally retarded. . .

Get username and password

OK I see

ettercap DNS spoof

  1. Modify the DNS configuration file (on Kali the path is /etc/ettercap/etter.dns) and write the new DNS record: www.baidu.com A 192.168.128.131. The address after A is the spoofed address, which here is my own host's IP address:

  2. Start apache2 with the command service apache2 start, then enter the command ettercap -G to open ettercap; a graphical interface pops up automatically. Click Sniff—>unified sniffing in the toolbar, and in the dialog that pops up select eth0->ok.
  3. Scan for hosts: click Scan Subnets under Hosts in the toolbar.

  4. Add the IP of the Kali gateway to target1, and the IP of the target machine to target2.
  5. Choose Plugins—>Manage the plugins, then choose the plugin for DNS spoofing from the list of plugins.

  6. Then click the start option in the upper left corner to start sniffing.
  7. At this point, ping www.baidu.com from the command line on the target machine and you will find that the resolved address is the IP address of our Kali.
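The check from the prevention answer above (compare the address a name resolves to with the known-correct one from dig or nslookup), written out as a small script. This is an added example, not part of the original report: the function names, the sample outputs and the 203.0.113.x baseline addresses are constructed, and it assumes the "trusted" text is `dig +short` output obtained over a network you trust.

```python
import ipaddress

# Ranges a public website name should never resolve to.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

def parse_dig_short(text):
    """Return the addresses in `dig +short` output, skipping CNAME lines."""
    addrs = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        try:
            addrs.append(ipaddress.ip_address(line))
        except ValueError:
            pass  # not an address: a CNAME target such as "cdn.example.net."
    return addrs

def check_answer(name, local_output, trusted_output):
    """Compare the local resolver's answer with one obtained over a trusted path."""
    observed = parse_dig_short(local_output)
    baseline = set(parse_dig_short(trusted_output))
    findings = []
    if not observed:
        findings.append(("REVIEW", f"{name}: local resolver returned no address"))
    for ip in observed:
        if any(ip in net for net in LOCAL_NETS):
            # Strong signal: the result of an etter.dns record pointing at a LAN host.
            findings.append(("HIGH", f"{name} resolves to local address {ip}"))
        elif ip not in baseline:
            # Weak signal: large sites rotate addresses, so confirm before acting.
            findings.append(("REVIEW", f"{name} -> {ip} is not in the trusted answer"))
    return findings

# Constructed sample data (not captured output); 203.0.113.0/24 is a documentation range.
TRUSTED = "cdn.example.net.\n203.0.113.10\n203.0.113.11\n"
SPOOFED = "192.168.128.131\n"  # the Kali address used in this report
ROTATED = "cdn.example.net.\n203.0.113.12\n"

if __name__ == "__main__":
    for label, out in (("clean", TRUSTED), ("spoofed", SPOOFED), ("rotated", ROTATED)):
        print(label, check_answer("www.baidu.com", out, TRUSTED))
```

A private or loopback answer for a public name is the reliable indicator; a plain mismatch only means the answer should be confirmed, since large sites change addresses.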

Use DNS spoof to direct specific visits to impostor websites

  • Because win7 was uninstalled by me = =, I tried it with someone else's computer connected to the hotspot and found that it works! Forgot to take a screenshot. . Put on a poor Ubuntu. .

  • Here we repeat the previous steps, using DNS spoofing to guide the target machine to our fake website. We directly use the Facebook page provided by the web templates, then implement DNS spoofing as in the second experiment, and then enter the URL www.baidu.com on the target machine. You can see that it has successfully reached our impostor website.

Experiment summary and experience

I feel that this experiment is relatively simple compared to the previous one. There was no problem except that I don't have win7 and XP! At the same time, this experiment also reminded me to be cautious about Wi-Fi in public places and links sent by others in the future.

Good luck this time! Thank God! There was a problem in the third step, I did it again and it was ok QUQ
