Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Forge name-query?
From: Dug Song <dugsong () MONKEY ORG>
Date: Mon, 20 Nov 2000 21:52:33 -0500

On Mon, Nov 20, 2000 at 07:47:52AM -0800, jarel () NIGHTMAIL COM wrote:

In theory you're able to make a program that listans after a
name-query for a special address and when it comes you're racing
the real DNS and tries to give the client an other ip-address than
the real one... Does anyone know of such a program?

I succeeded to get people to use SSH instead of telnet after
showing them what I could do with Hunt.

wait a bit for the next release of dsniff, which includes

dnsspoof
        forge replies to arbitrary DNS address / pointer queries on
        the LAN. this is useful in bypassing hostname-based access
        controls, or in implementing a variety of man-in-the-middle
        attacks (HTTP, HTTPS, SSH, Kerberos, etc).

sshmitm
        proxy and sniff SSH traffic redirected by dnsspoof(8),
        capturing SSH password logins.

webmitm
        proxy and sniff HTTP / HTTPS traffic redirected by dnsspoof(8),
        capturing most "secure" SSL-encrypted webmail logins and form
        submissions.

among other things...

-d.

---
http://www.monkey.org/~dugsong/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]