Tutorial On DNS Cache Poisoning (Redirect abc.com By Entering xyz.com In Address Bar)



Hello guys! Today I'm going to post about a hacking technique named "DNS Spoofing or DNS Cache Poisoning". DNS cache poisoning is a computer hacking attack, whereby data is introduced into a Domain Name System (DNS) name server's cache database, causing the name server to return an incorrect IP address, diverting traffic to another computer (often the attacker's).

This trick is commonly used by hackers for redirecting original site to fake site (like opening Facebook, Gmail would open fake facebook, gmail).
DNS Cache Poisoning
Let's understand it by taking an example:
  • Go to C:\Windows\ System32\ Drivers\ etc\ Hosts
  • Open it with notepad.
  • Write 67.195.160.76 www.google.com below 127.0.0.1 localhost like that:
    127.0.0.1 localhost

    67.195.160.76  www.google.com
Where 67.195.160.76 is IP address of yahoo, you can change it whatever you want. If you are thinking about knowing IP address of any site, then go to command prompt> Type ping site name, for e.g. ping www.facebook.com

Note: Even you can use it for phishing purpose.

    Sharing is Caring

    Related Posts

    Previous
    Next Post »

    4 comments

    comments
    March 7, 2012 at 1:12 PM delete

    But we can do it only on that pc from which we have physical relationship....................................



    But how we can do it if we don't have control over somebody else pc............

    Reply
    avatar
    March 7, 2012 at 1:20 PM delete

    @Abhinav: bro it's just a basic idea how it work!! use some ways like making a batch file, which would replace victim's hosts file to yours!! n if you hv question about how to run it on victim computer, then use some social engg techniques!!

    Reply
    avatar
    Anonymous
    January 13, 2013 at 1:17 PM delete

    I cannot tamper the data of my system32/drivers/etc folder ???

    How will i do that ?

    Reply
    avatar
    January 13, 2013 at 5:43 PM delete

    @Anonymous: for it, you would have to change security permissions for that file or folder containing the file.

    Reply
    avatar

    Thank you for your comment.