Viewing 12 posts - 1 through 12 (of 12 total)
  • Author
    Posts
  • #52578
    Avatarencryptedn00b
    Participant

    So on lecture 7.7 when I run the commands iptables –flush then iptables -I FORWARD -j NFQUEUE –queue-num 0 my internet connection on my windows VM drops while the DNS spoofing tool and the arp spoofing tool is running at the same time. But when I run the arp spoofing tool alone it does not. Here is my code.
    https://pastebin.com/dLvpPzHQ

    #52620
    diegodiego
    Moderator

    Hi!

    Did you enable ip forwarding? echo 1 > /proc/sys/net/ipv4/ip_forward

    You have to do it every time you want to use arp_spoof script. Also don’t use Bing as it uses hsts protection now a days, use a simple https ot http sites like winzip.com, stackoverflow.com, zsecurity.org, vulnweb.com, etc.

    Greetings!
    Diego

    #52625
    Avatarencryptedn00b
    Participant

    Yes I did do echo 1 > /proc/sys/net/ipv4/ip_forward the problem is probably just cause I used bing I will try with another site

    #52656
    diegodiego
    Moderator

    Hi!

    Cool!
    Let me know how it goes!
    Diego

    #52703
    Avatarencryptedn00b
    Participant

    Okay so I ran
    1. iptables –flush
    2. echo 1 > /proc/sys/net/ipv4/ip_forward
    3. iptables -I FORWARD -j NFQUEUE –queue-num 0
    4. then ran the arp spoof program
    5. then ran the dns spoof program which I did not get any output back saying “Spoofing target”
    6. then I typed ping -c 1 http://www.vulnweb.com which returned it’s IP address not what its suppose to be when spoofed
    Here is the code but I believe you saw it.
    https://pastebin.com/dLvpPzHQ

    #52704
    Avatarencryptedn00b
    Participant

    Wait nevermind I changed “www.bing.com” to “www.vulnweb.com” I will tell you how it works

    #52705
    Avatarencryptedn00b
    Participant

    Still got the same problem

    #52765
    diegodiego
    Moderator

    Hi!

    But do you have internet access in windows machine? If you do then you need to clear the entire browser’s cache, by default it will be set to clear the last hour only.

    Let me know how it goes!
    Diego

    #52782
    Avatarencryptedn00b
    Participant

    I selected clear browsing data all time and I got the same result

    #52786
    Avatarencryptedn00b
    Participant

    nevermind its all good

    #52787
    Avatarencryptedn00b
    Participant

    But for the http lecture part he uses winzip for downloading an exe file for an example so nothing seems to show up when you run the download replacer program. Winzip seems to be using https now. Do you know any new examples that uses http?

    #52904
    diegodiego
    Moderator

    Hi!

    You can try with:
    http://www.angusj.com/resourcehacker/#download

    There’s a link to download an executable, I haven’t run the actual app that is downloaded from the site so I’ll recommend to don’t run it or do it in the virtual machine and not in your host machine.

    Greetings!
    Diego

Viewing 12 posts - 1 through 12 (of 12 total)
  • You must be logged in to reply to this topic.