First, hackers use "airpwn" tool to create a target HTTP, DNS and then to attack. This attack is very simple idea:
If there are two people in an open WLAN: Bob and Eve. E B want to visit a malicious Web page created her, so she could install malicious software on Bob's computer, or may show a fraudulent site to try to steal authentication information to Bob by downloading the hidden nature.
Already know how to run this kind of attack, then let's use Python to automate this attack.
Set Alfa AWUS06H Wireless LAN
root @ bt: ~ # airmon- ng start wlan0
Now that we have started a monitoring mode, and run on mon0 interface, let's start writing Python code!
Write attack code
We will use scapy crawler module to achieve this hack. We start by listening to any destination port 53 UDP packet, and then send the packet back we are going to write the name of a function send_response:
Now create a resolution request related information can be injected and response functions. Resolved by moving the package layer by layer manner and creates a response follows:
After minor details are ignored, scapy frame make this becomes quite easy, as follows:
Set all the signs, and then add on to create a DNS response:
Ultimately, we deceive inject this response:
sendp (the Response)
demo
HTML response from the host 192.168.2.138:
You may want to add any HTML, Javascript, and so on.
My phone is a screenshot of the attack:
Recommended reading:
Basics zero Python's most detailed source of tutorials
2019 Python Reptile Learning Roadmap full version
Why Python can be firmly secured the first card AI Artificial Intelligence Language
Python rise, TIOBE list of programming languages a new high!