In this post we will discus our very first method of poisoning DNS i.e Intranet DNS poisoning. Intranet DNS poisoning attack is done over a LAN which has been ARP poisoned. Since I ‘ll not repeat how to poison ARP, please read my previous tutorial on ARP poisoning. For performing this DNS poisoning attack you’ll need at least three computers connected in LAN for which a same router, switch or computer should act as gateway and any man-in-the-middle attack tool, for this tutorial I am using Cain And Abel. Make sure your setup matches following diagram.
Note that this attack works well for switched network, a hub based network will also work but result will not be as effective as switched network. Now Google for Cain And Abel download it and poison ARP table. Now click on APR-DNS from bottom and add a host name to it.
For our example I am poisoning entry of www.Yahoo.com. Now specify IP address of website you want to redirect traffic, if you want to redirect traffic for www.yahoo.com to https://xtraweb.wordpress.com then click on Resolve type https://xtraweb.wordpress.com in it and IP address field will take IP address of my blog. So now whenever anyone in LAN will try to browse to yahoo will land on my blog.
Now something important, from all DNS poisoning methods Intranet DNS poisoning is easiest and doesn’t require any technical skills because you don’t have to setup a DNS server but for all other methods you must know how to setup DNS server. I will try my best to keep things as easy as I can but as an advise I would recommend you please Google a little and get some information about how to setup a DNS server. If I would have to perform above attack then my choice of tool would be Ettercap I took this tutorial with Cain And Abel just because its easy to use and we covered ARP poisoning using Cain and not Ettercap.
Cain is easy for someone who is beginner so just take this tutorial as start-up piece, after getting little understanding about how DNS poisoning is done, try same with Ettercap. So easiest DNS poisoning method I.e Intranet DNS poisoning is done next time we will see Internet DNS poisoning method. Thanks for reading and keep visiting.