DNS hijacking
Environment: Windows 2008 an attacker
kali attacker
1, build a web service in the attacker's computer
2, the html file index.html written in / var / www / html
<img src = " image url " >
Ettercap terminal opened in DNS file /etc/ettercap/etter.dns
Add deception in which A record
3, the input terminal kali ettercap-G into the graphical interface of the tool
Then the network host scan sniff-> unified sniffing-> select a network interface and click OK
And then view the scanned host situation Hosts-> scan for hosts
Click Hosts list View Host
route -n or netstat -rn View gateways have to find the gateway and the host IP deception
4, choose to add a gateway to target1, select the target IP to target2
Mitm->ARP posioning->勾选Sniff remote connections
Find Plugins-> Manage the plugins-> find dns-spoof, double-click the selected
5, found in the menu bar start, click on the start sniffing, started ARP spoofing and DNS hijacking
6, access www.baidu.com in the attacker's computer eventually see is a picture page
7, closed side attack command: ipconfig / flushdns