Donate to us via Paypal!
The important thing is not to stop questioning. - Albert Einstein
Thursday, February 25, 2021
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 147
Guests Online: 146
Members Online: 1

Registered Members: 133690
Newest Member: toni000098
Latest Articles

View Thread

HellBound Hackers | Computer General | Hacking in general

Author

injecting dns requests remotely...


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-09-07 14:23
is this possible?
what i mean by it is say a victim types in the address google.com, is there a way to(remotely) manipulate the dns server or returned information so that a different ip is returned from google's real one?
p.s. i have googled before anyone asks/tells


Author

RE: injecting dns requests remotely...


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-09-07 14:39
it would be hard to do if possible but the rewards would be huge. In advertising you could manipulate search results so your service/product comes out first, you could get peoples email/paypal/ebay passwords and redirect them and submit the info so they log in as normal and are completely unsuspecting.

Knowledge on how to do it would be worth loads and i dont think many people would disclose it readily though if anyone does know how.... Wink


Author

RE: injecting dns requests remotely...


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-09-07 14:42
but if anyones offering... Grin


Author

RE: injecting dns requests remotely...


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-09-07 14:47
Not impossible. It would require a lot of low-level programming and won't be as easy as choose an IP and click a button.
Author

RE: injecting dns requests remotely...


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-09-07 14:50
i know, i hate automated programs that "hack" people, hence why i dont use them. i like to be able to write my own code to do these things. well i guess ill research into sockets that DNS uses and interception methods and try and work it out from there.


Author

RE: injecting dns requests remotely...


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-09-07 14:52
let us know if you do indeed figure it out Pfft


Author

RE: injecting dns requests remotely...


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-09-07 15:04
will do Smile

yknow i think hbh should have a research team or something that goes out and finds out things that the overall community want to learn about Pfft


Author

RE: injecting dns requests remotely...


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-09-07 15:12
Not impossible. It would require a lot of low-level programming and won't be as easy as choose an IP and click a button.


Of, course there is a way to do it! Manipulate their DNS Cache.
http://en.wikiped. . ._poisoning

Don't suggest/mislead people when you're NOT sure of what you're talking about, that's being counterproductive.

Mr_Noob, catch me on AIM if you need further help on accomplishing this.


Author

RE: injecting dns requests remotely...


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-09-07 15:12
I know how you could do something similar to what you want to do. You check the packets' destination IP address, and if it is the one you are interested to, you change it to a proxy you own, or a server that will fake the host the user requested.

If it is through HTTP, you would also need to change some HTTP headers.
Author

RE: injecting dns requests remotely...


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-09-07 15:12
we would have to have a poll thing or something and a reward in points for people to want to do it


Author

RE: injecting dns requests remotely...


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-09-07 15:17
thanks for the link netfish Smile and sorry dont have AIM :/

was thinking of a new way of possibly attacking windows boxes, by changing the dns record of windowsupdate.com and making the user download malocious code disguised as a patch :ninja:


Author

RE: injecting dns requests remotely...


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-09-07 15:23
mr noob wrote:
thanks for the link netfish Smile and sorry dont have AIM :/

was thinking of a new way of possibly attacking windows boxes, by changing the dns record of windowsupdate.com and making the user download malocious code disguised as a patch :ninja:


that would be awesome and to make it even more ironic you could have more downloads as patches for your malicious downloads to keep ahead of the antivirus programs


Author

RE: injecting dns requests remotely...


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-09-07 15:25
lol that would be quality :-)


Author

RE: injecting dns requests remotely...


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-09-07 15:26
You wouldn't have that much access to the victim's packet, arcube. But way is also do-able (slow).

Remember, he's going after the DNS Server (not the victim), because he only wants to redirect their DNS requests.

You can make multiple queries in one request. Just change the:

- QName
- QType
- QCLASS

Simply define the amount in QDCount. Look at the RFC for more details on the technology and protocol itself:

http://www.netfor. . .




Edited by on 22-09-07 15:32
Author

RE: injecting dns requests remotely...


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-09-07 15:28
was thinking of a new way of possibly attacking windows boxes, by changing the dns record of windowsupdate.com and making the user download malocious code disguised as a patch


It's been done before. And it still is being done today. Not many people are exposed to it. If you study worms more thoroughly you'd see what I'm referring to.


Author

RE: injecting dns requests remotely...


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-09-07 15:29
yeah im in the process of reading up on DNS internals and your link from wiki netfish Smile