Showing posts from November, 2010

ARP Poisoning - DNS Spoofing

I used ettercap to perform this attack. In theory, it arp poisoning victim machine ( use dynamic map), said victime that " DNS Server has MAC address is xxxxxx". Of course, all DNS request will be going to Attacker Machine. You must distinguish between ARP Poisoning - DNS Spoofing with DNS Poison. Above, DNS Spoofing id a part of ARP Poisoning ( a plugin of ettercap), it perform ARP Posoning, then, Man in the Middle ( Attacker is DNS agent). But, DNS Poisong is we attack DNS Server ( not AiRP Poisonging), it can be DNS Server bug, cache posion, sub-domain poisoning. Victim is XP SP2, use dynamic MAC to update MAC table, Attacker is Backtrack, use ettercap to poison. You can use cain&abel, similar to do. Video i made :) Exe file: Avi file - too big: Youtube: ------------------------------------------------------------ Thanks for reading ------------------------------------------

Session Hijacking - Demo

Thanks for Mr. Thịnh of my team :)). This demo of session hijacking - man in the middle, We will steal session of facebook, and spoof it :)). The most importation is this tool, so easy to perform attack. :)). Demo: And this MF link: ------------------------------------------------------------ Thanks for reading -------------------------------------------------------------------------- All my Lab: Linux Lab -- window and Cisco Lab to be continued - I will update more.