Conjunction with DNS spoofing
The primary motive behind all attacks on a victim's system is gaining access with minimal detection and least risk of catching the eye of the victim.
Now, we have seen the traditional browser autopwn attack and a modification of it to hack into the website's target audience as well. Still, we have the constraint of sending the link to the victim somehow.
In this attack, we will conduct the same browser autopwn attack on the victim but in a different prospective. Here, we will not send any link to the victim, that is we will allow victim to browse normally.
This attack will work only in the LAN environment. This is because in order to execute this attack, we need to perform ARP spoofing, which we can perform only under the LAN environment. However, if we can modify the hosts file of the remote victim somehow, we can also perform this over a WAN.
Tricking victims with DNS hijacking
Let's get started. Here, we will conduct an ARP spoofing/poisoning attack against the...