Fake updates with the DNS-spoofing attack
A fake update with the DNS-spoofing attack is a LAN-based attack. It very handy while conducting internal audits of security and also while conducting a white box penetration test. This attack consists of ARP poisoning, DNS spoofing, and Metasploit. In this attack, we will first set up a server with a fake page that shows the download section for system updates. These updates will be our payloads for three different operating systems: one each for Windows, Linux, and Mac OS.
Next, we will ARP poison the local LAN and will send spoofed DNS entries that point every domain request to our fake Download updates page.
Whenever a client on the local LAN tries to open any website, his or her request will redirect him or her to our fake page and he or she will not be able to make any connections to any websites unless and until he or she downloads the updates.
As soon as the victim downloads the update files and runs them, the update files that are our Metasploit...
