Disclaimer: This article only experimental research study, please do not criminal.
Experimental environment:
a kali linux and a Windows7
two are in a network, can ping each other
Windows7 access to the Internet
to start the experiment:
Windows7 look at whether the page can be accessed, and ip address
Ettercap edit the configuration file using DNS
gedit /etc/ettercap/etter.dns
I add the IP address of a site to build my own, in order to succeed in the final after the attack to see the screen.
Just add the ip can open a web page, but do not have the https encryption certification conditions, it is also available.
Otherwise, the attack is successful, open the page can not be displayed.
And it appears as disconnected problem. In fact, just add your ip address, not open the page only.
* A 192.168.247.1
“*“ 代表所有域名,将所有域名的A记录解析到这个ip地址,被攻击的主机,访问所有其他的网址都会到ip地址的页面
Then click Save, more than a few clicks. .
Then open ettercap software
ettercap -G
Select Interface
Sniff ------> Uified sniffing
choose eht0 this card
scan online hosts
Hosts -> Scan for hosts
to open the Host List
to see the host ip this segment
will add to the ip address Windows7 first attack list.
选择Windows7的ip地址,再点击Add to Target 1
Select Mitm -> ARP poisoning
select the first, two-way poisoning.
Found Plugins -> Manage the plugins
find dns_spoof, double-click to start dns poisoning.
Found Start -> Start sniffing, began to attack.
Windows7 on to look at the effect, turn off tour, a refresh dns configuration
open cmd, enter:
ipconfig /flushdns
Then open the tour is
input www.163.com Netease's official website
enter www.bilibili.com beep beep miles miles official website
input www.qq.com Tencent's official website
enter www.sina.com Sina's official website
OK, has been successful, What is the problem, as well as the exchange of comments O (∩_∩) O ~