Local DNS Hacking : Force your End Users to use “your site” Laugh at mates 1

20Oct
By Cyber Security, How to ...? , 0 Comments

Local DNS Hacking

Force your End Users to use “your site”

OK OK, this is not real hacking but it’s fun 🙂 As well as there are some attack types, where the browser is been hijacked so the User can’t go to some specific web pages or the user will be forced to open that page as soon as they use they Internet browser, where the user will be directed to the FAKE/ phishing web page or malware loaded local site)

By default, when a Windows PC User tries to open a website from a browser, Windows will try to resolve the website name to its IP address from the local DNS cache.

The local cache is stored :

C:\Windows\System32\drivers\etc\hosts

If this fails, it will query the host file and if there is no entry to the website there , then it will contact the DNS server which is set up in your NIC (Network Card) .

If there is any entry in the local cache , the PC will load or block that site depending on your settings. To make sure there is nothing in the DNS cache, you have to clear it so the little fun trick can work on your “victim” user or if you can :

open CMD and type “ipconfig /flushdns” or restart the DNS service from the services tab.

Open the file via typing “C:\Windows\System32\drivers\etc\hosts” in to the search area in your start menu

This will open the HOST File for you ( it will ask you, how you want to open the file type, select via NOTEPAD) , which is inside the “etc” section of your drivers

add an entry as below:

127.0.0.1 domainname.com

(domainname.com being the website you want to block. Save the hosts file outside the etc folder and then move it there, replacing the older version, as Windows won’t let you save the file there directly. Also make sure there’s no extension like .txt at the end of the file name) 

This way whenever a user tries to go to anything.domainname.com, their browser redirects them to 127.0.0.1 which is the local host. Or maybe you can redirect them to an HTML page stating the reason why that page is blocked from within your organization.

PS: It’s always a good practice to “copy the original” HOST file, so when the FUN is over, everything can be loaded to its original state.

Enjoy 🙂

Erdal

Hacking is easy by Erdal Ozkaya
Hacking is easy by Erdal Ozkaya

Share this post

Author

Named among Top 50 Technology Leaders 2021 by CIO Online & IDC, working with an ardent passion for raising cyber awareness and leveraging new & innovative approaches. He is committed to the delivery of accurate, accessible resources to inform individuals and organizations of cybersecurity and privacy matters in the internet age. Dr Erdal is a collaborative team leader with the key areas of his expertise spanning end-to-end IT solutions, management, communications, and innovation. In addition, he is a well-known public speaker, an award-winning technical expert, a book author, and writer of certifications (courseware and exams) for prestigious organizations such as Microsoft, EC Council, and other expert-level vendors. Some of his recent awards are: 2021: Best CISO for Banking and Financial Sector CIO Online & IDC : Top 50 Technology Leaders, Security Magazine Top CISO, Tycoon Success Magazine, Most Powerful 10 Middle East Businessman EC Council CEH Hall of Fame 2020: Khaleej Times "CISO Power List" , Cybersecurity Legend by GEC Media Group, "Super Hero CISO", by Enterprise IT Top CISO by Security ME Magazine 2019: CISO Mag " Hall of Fame" and Cybersecurity Influencer of the year , Microsoft Regional Director 2018 : NATO Center of Excellence Award 2017: Microsoft Platinum Club (employee of the year ), Security Professional of the year and more...

Leave a Reply

Your email address will not be published.

Related Posts

Security Exploit
22May

New Windows 10 Security Exploit Can Read All Your Files – What You Need To Know

New Windows 10 Security Exploit A security researcher with a history of releasing zero-day exploits for the Windows operating system has... read more

CTI
06Jun

Building a Cyber Threat Intelligence Platform in 5 steps

Cyber threat intelligence is information about a prevailing or evolving cyber threat that can be disseminated by threat intelligence partners... read more

Banking Security
23Jun

Australian Banking Security (We need to improve as of 2012 )

Australian Banking Security Online Security is getting every day more and more important. It’s so common these days to implement secure... read more

Mercedes Benz AMG Data Breach
07Jul

Mercedes Benz AMG Data Breach 2021

 Mercedes Benz AMG Data Breach I regret to inform all of you that I just received an email from Mercedes Benz... read more

EDR
22Apr

WHY EDR SOLUTION IS BETTER THAN ANTIVIRUS ?

WHY EDR SOLUTION IS BETTER THAN ANTIVIRUS Let's start first with the definition of EDR or Endpoint Detection and Response. It... read more

Manage Engine review
24Mar

A review of Cybersecurity The Beginner’s Guide : Informative Review (March 22 )

A review of Cybersecurity The Beginner's Guide Special thanks to Manage Engine for revieing my book and publishing it in their... read more

Kaseya VSA Breach
08Jul

Kaseya VSA Breach Consequences of Security Failures

Kaseya VSA Breach Consequences of Security Failures The world has witnessed another large-scale cyber-attack. On July 2, 2021, Kaseya, an IT... read more

Top 10 Best Book For Cyber Security Reviews
01Feb

Top 10 Best Book For Cyber Security

Top 10 Best Book For Cyber Security The Sawfinder team studied on 46978 reviews available online for Book For Cyber Security,... read more

CISO Mag May 20 Issue Dr Erdal Ozkaya
06May

CISO Mag May 20 Issue :Security Evolution , From Legacy to advanced to ML and AI

CISO Mag May 20 Issue  Security Evolution , From Legacy to advanced to ML and AI I did contribute in this... read more

The Art of Breach Detection
23May

Learn The Art of Breach Detection – Free Video 4

Learn The Art of Breach Detection Do you want to learn the key secrets of Breach Detection? Then this free video... read more