Collaborate Disseminate
I’m trying to create a more practical DNS Hijack MITM attack. I do the traditional ARP poison with dns_spoof method. I don’t have any issues getting it to work. The intended domain redirects exactly as expected. The only issue is that the … Continue reading DNS Hijack: Only spoofing sites listed in etter.dns
This question already has an answer here:
Can anybody explain what happens in this situation
Lets assume we hijack dns server and rediret users form goodsite.com to badsite.com and also goodsite.com use ssl so when user redirect to badsite.com the browser shows alarm and users find they are in wrong place but what happens if attacker sign badsite.com by somthing like lets encryp so the browser does not shows alarm and attacker gets result.
May be I did not not explain enough
Imagine I change dns server of some user to mine and add goodsite.com to my server and add ssl to it by lets encrype ( lets encrype doesnt require to prove you are owner of the goodsite.com) so when user want to see goodsite.com they come to my goodsite.com and becuse ssl is verify their brwoser doent complain and they dont find anything wrong.
So the ssl doesnt protect againt dns attack!!!
I have executed the command netstat and does somebody sees something that is suspicious about this output that I have been hacked?
I googled the IP addresses with port 9001 and I found that these IP addresses are coming from … Continue reading Have I been DNS tunneled? [on hold]
I have one of those questions that rely on the rule sets for DNS lookup.
Let us say Person A owns the site https://www.example.com. A different person, Person B, not associated with A, attempts to register https://sub.exampl… Continue reading Does DNS allow third parties to register subdomains?
This question already has an answer here:
Chrome SSL Warning: “You cannot proceed because the website operator has requested heightened security for this domain. ”
I’m a developer by trade, but not that well versed in information security. I’ve encountered a strange problem at home:
About three times now in the past year, when I open some website – I’m thrown to some garbage domain whi… Continue reading Strange Problem – DNS Cache Poisoning?
I live in a country which is under many sanctions. Both internal sanctions (government on people) and external sanctions (US on our people).
In our country, YouTube, Twitter, Facebook and many other sites are blocked by defa… Continue reading How could a public DNS server return bad results?
This Question is about DNSCurve. I thought of DNSCurve as “HTTPS for DNS” (like in this Answer) but had some resent thoughts about the trust-relationship between resolvers and nameservers serving the public-keys.
Here an example to expla… Continue reading How does DNSCurve protect against forgery in a man-in-the-middle attack scenario?
Does a VPN protect against a malicious DNS configuration on the Access Point?
By my understanding it should, since traffic to the final destination should be encrypted and encapsulated inside packets then sent to the VPN ser… Continue reading VPN protection against DNS poisoning on AP
Using lookalike character symbols to circumvent HSTS and public-key pinning with DNS spoofing via MITM Attack.
Redirect: facebook.com –> faceḃook.com
—
I have seen SSLStrip+ using the technique of adding another “w” to d… Continue reading Bypassing HSTS and Public-key pinning with lookalike characters