91.564 Project Presentation   DNS Spoofing    Beibei (Betty) Yang    byang1@cs.uml.edu
Theoretical DNS recursion
DNS in the real world 
DNS Spoofing (Pharming)pharming      n. the process of producing medically useful products from     genetically modified p...
DNS ID Spoofing (Ver. 1)  1. ARP Poison 2. Sniff DNS packets from a certain victim 3. Reply fake DNS packets ./dnsspoof.py...
DNS ID Spoofing (Ver. 2)  1. Continuous ARP Poison 2. Sniff DNS packets from all victims 3. Reply all victims with fake DN...
Implementation OS: Ubuntu 9.10 Language: Python 2.6.5 Library: Scapy 2.1.1    http://www.secdev.org/projects/scapy/
Scapy Example -- Building a packet$ sudo scapyWelcome to Scapy (2.0.1-dev)>>> IP()<IP |>>>> target="www.target.com">>> tar...
Scapy Example -- Packet Sniffing>>> sniff(filter="icmp and host 66.35.250.151", count=2)<Sniffed: UDP:0 TCP:0 ICMP:2 Other...
sudo ./dnsspoof.py 68.87.73.246 192.168.1.104 129.63.176.200sudo ./dnsspoof.py 68.87.71.230 192.168.1.104 129.63.176.200 s...
Victim A Switch network Windows XP
Corresponded Wireshark Snapshot 
Victim B Wireless Jolicloud
              Thank you!
Upcoming SlideShare
Loading in...5
×

Class Project Showcase: DNS Spoofing

2,703

Published on

done for my class project 91.564 Data Communication II at UMass Lowell

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
2,703
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Transcript of "Class Project Showcase: DNS Spoofing"

  1. 1. 91.564 Project Presentation DNS Spoofing Beibei (Betty) Yang byang1@cs.uml.edu
  2. 2. Theoretical DNS recursion
  3. 3. DNS in the real world 
  4. 4. DNS Spoofing (Pharming)pharming  n. the process of producing medically useful products from genetically modified plants and animals. (dictionary.com) DNS Spoofing The art of making a DNS entry to point to an another IP than it would be supposed to point to. Three techniques: 1. DNS Cache Poisoning2. DNS ID Spoofing 3. Making the attack more accurate with the Birthday Paradox
  5. 5. DNS ID Spoofing (Ver. 1) 1. ARP Poison 2. Sniff DNS packets from a certain victim 3. Reply fake DNS packets ./dnsspoof.py <dns_server> <victim> <impersonating_host>
  6. 6. DNS ID Spoofing (Ver. 2) 1. Continuous ARP Poison 2. Sniff DNS packets from all victims 3. Reply all victims with fake DNS packets ./dnsspoofv2.py <dns_server> <impersonating_host>
  7. 7. Implementation OS: Ubuntu 9.10 Language: Python 2.6.5 Library: Scapy 2.1.1 http://www.secdev.org/projects/scapy/
  8. 8. Scapy Example -- Building a packet$ sudo scapyWelcome to Scapy (2.0.1-dev)>>> IP()<IP |>>>> target="www.target.com">>> target="www.target.com/30">>> ip=IP(dst=target)>>> ip<IP dst=<Net www.target.com/30> |>
  9. 9. Scapy Example -- Packet Sniffing>>> sniff(filter="icmp and host 66.35.250.151", count=2)<Sniffed: UDP:0 TCP:0 ICMP:2 Other:0>>>> a=_>>> a.nsummary()0000 Ether / IP / ICMP 192.168.5.21 echo-request 0 / Raw0001 Ether / IP / ICMP 192.168.5.21 echo-request 0 / Raw>>> a[1]<Ether dst=00:ae:f3:52:aa:d1 src=00:02:15:37:a2:44type=0x800 |<IP version=4L ihl=5L tos=0x0 len=84 id=0 flags=DF frag=0L ttl=64proto=ICMP chksum=0x3831 src=192.168.5.21 dst=66.35.250.151 options= |<ICMPtype=echo-request code=0 chksum=0x6571 id=0x8745 seq=0x0 |<Rawload=Bxf7gxdax00x07umx08tnx0b x0crx0ex0fx10x11x12x13x14x15x16x17x18x19x1ax1bx1cx1d x1ex1f !x22#$%&()*+,-./01234567 |>>>
  10. 10. sudo ./dnsspoof.py 68.87.73.246 192.168.1.104 129.63.176.200sudo ./dnsspoof.py 68.87.71.230 192.168.1.104 129.63.176.200 sudo ./dnsspoofv2.py 68.87.73.246 129.63.176.200sudo ./dnsspoofv2.py 68.87.71.230 129.63.176.200
  11. 11. Victim A Switch network Windows XP
  12. 12. Corresponded Wireshark Snapshot 
  13. 13. Victim B Wireless Jolicloud
  14. 14.     Thank you!

×