1
00:00:00,450 --> 00:00:07,380
OK, so we'll come back in this video, I'm going to teach you how to use DNS spoofing to redirect users

2
00:00:07,380 --> 00:00:15,240
to your fake website, and to do that, I'm going to use the F-bomb King framework, which you can download

3
00:00:15,240 --> 00:00:17,430
and install from this web page.

4
00:00:18,570 --> 00:00:27,870
So let's open the framework by going to the terminal and type the pumpkin and here go to Settings and

5
00:00:27,870 --> 00:00:32,070
you will see different options on how you can modify the access point.

6
00:00:33,000 --> 00:00:35,190
And in my case, I will only change.

7
00:00:35,190 --> 00:00:43,410
This is a guy name to airport free Wi-Fi and click Start up here to start the access point.

8
00:00:44,700 --> 00:00:45,390
All key?

9
00:00:45,410 --> 00:00:47,730
No, the access point is up and running.

10
00:00:48,360 --> 00:00:55,290
So let's performed a DNS spoofing attack by going to modules and select DNS buffer.

11
00:00:56,100 --> 00:01:00,750
And on the left box, use the right click and select Add Host.

12
00:01:01,590 --> 00:01:05,850
No, you need to type the web address for the website, which you want to spoof.

13
00:01:06,750 --> 00:01:11,640
So for this example, I will use Yahoo dot com and click OK.

14
00:01:12,630 --> 00:01:21,870
Basically, this attack will redirect yahoo.com to this IP address, then dot 0.2 0.1, which can be

15
00:01:21,870 --> 00:01:23,370
a malicious website.

16
00:01:24,480 --> 00:01:32,760
OK, so to launch the attack, click Start Attack and held the DNS spoof is running all key.

17
00:01:32,770 --> 00:01:39,900
No, you can also inject the Monisha JavaScript code like the beef hook URL, and to do that, click

18
00:01:39,900 --> 00:01:41,430
on the phishing manager.

19
00:01:41,670 --> 00:01:44,880
And here enable beef by checking the box.

20
00:01:45,990 --> 00:01:54,320
And no, I'll go to the terminal and go to beef, which I already started and copy the hook you rl and

21
00:01:54,330 --> 00:01:59,620
pasted here and click store server or key.

22
00:01:59,640 --> 00:02:08,160
So we should a victim machine and connect to airport free Wi-Fi and then open the web browser and type

23
00:02:08,160 --> 00:02:09,420
Yahoo dot com.

24
00:02:10,620 --> 00:02:17,040
In case you have be redirected to Wi-Fi bumpkin web page, which contains the beef hook you are there.

25
00:02:17,970 --> 00:02:25,020
Now you can improve this attack by cloning the website from Yahoo dot com and put the files on your

26
00:02:25,020 --> 00:02:26,580
Apache Web server.

27
00:02:27,180 --> 00:02:33,900
So when users from your fake access point are trying to visit Yahoo dot com, they would be redirected

28
00:02:33,900 --> 00:02:38,700
to a fake Yahoo web page, which looks exactly as the original one.

29
00:02:40,140 --> 00:02:40,710
OK.

30
00:02:40,740 --> 00:02:42,480
No, I have also injected the hook.

31
00:02:42,480 --> 00:02:43,710
You are there from beef.

32
00:02:44,220 --> 00:02:51,660
So let's switch back to the Carly machine and see if I have a hooked browser and I will go to Beef Control

33
00:02:51,660 --> 00:02:57,540
Panel and you can see I have a hooked browser from Yahoo dot com.

34
00:02:58,350 --> 00:03:00,420
So that's it for now.

35
00:03:00,450 --> 00:03:03,360
Thanks for watching, and I'll see you next time.