Skip to main content

Questions tagged [dns-spoofing]

DNS Spoofing is a network attack whereby data is introduced into a Domain Name System (DNS) resolver's cache by an attacker that has no authority, causing diverting injected names to redirect traffic to a host controlled by the attacker.

4 votes
1 answer
89 views

Cannot consistently demonstrate ARP Spoof and DNS Spoof?

I am trying to use arpspoof and dnsspoof to practice a man-in-the-middle attack between a couple of computers at home. Despite repeatedly following the same exact steps below, I can not get ...
learningtech's user avatar
0 votes
0 answers
42 views

MITM experiment works with DLink DIR-605L but not Hitron CGN3AMF

I am trying to learn about man-in-the-middle. I was able to successfully demonstrate it in when I'm using a DLink DIR-605L wifi router that's connected to a Hitron CGN3AMF wifi modem. But I failed ...
learningtech's user avatar
3 votes
2 answers
2k views

Understanding TLS Protections Against DNS Spoofing and Fake Websites

What protections does TLS use in the above scenario? In the picture, the client asks the attacker for the address of Google.com, but the attacker gives them a different ip address which redirects to a ...
F0calPoint's user avatar
0 votes
1 answer
252 views

can a VPN provider do DNS poisoning?

I was wondering if we push our DNS over the VPN and basically let them do DNS resolution, is it possible to perform DNS poisoning and man in the middle attack on us? I know browsers check certificates ...
Naadiyaar's user avatar
1 vote
2 answers
280 views

DNS hijacking/poisoning effect on URL/URI and password manager autotype/autofill

A benefit to password managers, at least some of them, is that they can look at the URL and only use autotype/autofill when on the correct site, which can help prevent pharming since if instead of ...
vertigo's user avatar
  • 13
1 vote
0 answers
167 views

How can I manipulate certain server side responses? Specifically Ajax Responses? XXE Attack? Hybrid DNS Resolution?

I would like to be able to switch back and forth between the real DNS and maybe setting a local DNS entry so I can manipulate AJAX responses for code security checks. For instance if the server ...
Neo's user avatar
  • 141
0 votes
1 answer
273 views

Someone issued fake CAA records for my domain. What is the most important thing to do to resolve it?

First, I can update this with the affected domain, if it's critical, but for obvious reasons I'd like not to be the target of more problems. Someone registered some CAA records for my domain. I have ...
New Alexandria's user avatar
0 votes
1 answer
135 views

Suspicious ip address of our mail domain found on talosintelligence.com (spoofing attempt)

We have a fair amount of email traffic. Recently, we had some suspicious email spoofing attacks and a lot of users reported that outgoing emails were marked as spam and landed in junk folder (reported ...
xleccf's user avatar
  • 3
0 votes
1 answer
327 views

How does the attacker guess the domain name in a DNS query for DNS cache poisoning

Prior to 2008 before Dan Kaminsky finds the DNS issue, the resolver checked only the Transaction ID. I have seen videos in which it is explained if an attacker manages to send a DNS response like (...
Allen Johnson's user avatar
1 vote
1 answer
468 views

Risks of getting hostname for SSL cert verification via forward-confirmed reverse DNS lookup of user-supplied IP?

My understanding after reading other questions here is that an attacker would need control of the nameserver or the ability to forge responses from it to exploit this. Could it be abused in other ways?...
Shane Spoor's user avatar
2 votes
1 answer
249 views

Does using IP address over Tor with a one essential website expose me to any attack surface?

I routinely access www.email-provider-of-my-choice.com via browser over Tor. My browser enforces https-only mode and I opt for never saving my credentials with this provider. I tend to use the domain ...
John Smith's user avatar
0 votes
1 answer
444 views

Can this logic with regard to checking Reverse DNS records be flawed?

For my web app, I hardcode a reverse DNS detection for common web crawlers. And for detecting them I use their Reverse DNS, which I always check whether it includes i.e. google.com. My questions would ...
Munchkin's user avatar
  • 264
0 votes
1 answer
232 views

how does a DNS request sniffer see packets destined for DNS server?

If a DNS sniffer/spoofer is running on a network using something like netwag/netwox, how does the sniffer see the request that is destined for the real DNS server? Wouldn't the packets for the DNS ...
CJ7's user avatar
  • 101
-1 votes
1 answer
126 views

Are purchased domains from third party registrar or hosting managers without Cpanels or VPS or Editable Pages hackable?

If someone buys a domain and one may type the URL in but just sees a template page from the registrar but doesn’t purchase a cPanel or VPS or root access or any way to edit the website, does the ...
Coo's user avatar
  • 109
0 votes
1 answer
236 views

DNS local cache spoofing with malware or RAT

I was learning networking and knew that browsers don't have algorithms to convert domain names to IPs. It queries a DNS server. After that, the computer remembers the IP, so next time the domain is ...
Jenia's user avatar
  • 119
3 votes
1 answer
487 views

Does subdomain DNS cache poisoning depend on the authoritative name server ignoring requests for non-existing domains?

I'm reading "Introduction to Computer Security", Pearson New International Edition, 1st edition, by Goodrich and Tamassia. On the subject of DNS cache poisoning, they mention that a "...
Stefan van den Akker's user avatar
1 vote
1 answer
893 views

DNS spoofing over https [duplicate]

If a device sends a request to https://example.com and someone spoofs the DNS response to redirect the request to some malicious server. Would the attacker be able to modify the packets during the TLS ...
Reveles's user avatar
  • 13
0 votes
1 answer
2k views

How do I redirect HTTPS site to another HTTPS site over LAN using a linux? [closed]

Is there a tool, or a command for linux that can make possible to redirect HTTPS site to another HTTPS site on LAN? i'm using Kali Linux, and all the tools and commands that i found was to redirect ...
ARKban's user avatar
  • 1
0 votes
1 answer
887 views

DNS spoofing protection in Chrome and Firefox

I'm using hostapd to setup a wireless access point and dnsmasq as a DNS/DHCP server. I defined in dnsmasq to reply with the IP of the access point (10.0.10.1) when it receives a query for www....
Giannis Pappas's user avatar
1 vote
1 answer
2k views

How to prevent from DNS spoofing in Java code which obtains a name of localhost

FORTIFY static scan has detected that this piece of our java code is vulnerable to DNS spoofing attack: public String getLocalhostName(){ try { return Inet4Address.getLocalHost()....
krokodilko's user avatar
0 votes
1 answer
240 views

Spoofed DNS answers ignored by target machine applications

Attacker: Arch Linux Target: Windows 10 Scenario The attackers launches an ARP spoof attack to redirect all target traffic to the attacker. (This works) The target sends DNS queries for domain name ...
Burst's user avatar
  • 23
-2 votes
2 answers
213 views

Dns poisoning for any search [closed]

DNS poisoning works only if we open a certain website. For example, a victim enters 192.168.21.56 in a browser, it will be directed to a phishing page. What if we want to redirect the victim to 192....
Noone Noone's user avatar
1 vote
0 answers
116 views

How do you mitigate the risk of stolen unencrypted data because you are using Cloud DNS to proxy the request that are sent to your server?

Goal My goal is to build a PWA. I am new to programming and I believe it is better to start with NGINX. I have not found a good article (explaining the security risk) about using the Cloud DNS (such ...
Jason Rich Darmawan's user avatar
1 vote
1 answer
162 views

What portion of recursive (ISP, public, etc.) nameservers validate DNSSEC strictly?

I'm adopting/setting up DNSSEC on my domains for the first time, and curious about the practical benefits I can expect. In theory, regardless of whether client/stub resolvers want checking, recursive ...
R.. GitHub STOP HELPING ICE's user avatar
1 vote
2 answers
1k views

The security of IP whitelisting large ranges

I am not a network expert but; a recent conversation has come up with a client asking to whitelist a range of ip's (let's say 250 odd for now) to transfer their data to us for processing. I should ...
John Halstead's user avatar
2 votes
1 answer
1k views

ARP spoofing + DNS spoofing

To make a prank on a friend, and also for educational purposes, I am trying to hack a DNS server in my local network. I am using Windows. I used arpspoof from GitHub. Can someone please elaborate on ...
C.Unbay's user avatar
  • 207
1 vote
0 answers
2k views

DNS Packet Spoof Scapy

I am looking into local DNS spoofing by sniffing DNS-requests with Scapy, and sending a spoofed packet in response. Here is the code I used: from scapy.all import * def spoof_dns(pkt): if (DNS ...
Nomad's user avatar
  • 2,399
16 votes
3 answers
40k views

What is the most secure way to store cross subdomain cookies

I am working for a company we will call "Company x". This company has a domain companyx.com. They have a cloud platform that manages things like SSL, but in order to do this you are required to use ...
Jackie's user avatar
  • 261
1 vote
2 answers
1k views

Can I alter the DNS cache on my Computer?

Can I alter the DNS cache of my computer. When I search online it only shows result to flush DNS cache and not how to alter it. The DNS cache saved on Windows consist of URL,serverIP and many other ...
Shaswat Kumar's user avatar
-1 votes
2 answers
2k views

How to conduct this MITM attack [duplicate]

For educational purposes, I want to conduct a demo for a Man In The Middle attack. The attack scenario is: 1) The client request aaa.com 2) The MITM changes the client request to bbb.com 3) The ...
user9371654's user avatar

15 30 50 per page
1
2 3 4 5