Sponsored by Keepnet Labs

Local DNS Hacking : Force your End Users to use “your site” Laugh at mates 1

20 Oct
By Cyber Security, How to ...? , 0 Comments

Local DNS Hacking

Force your End Users to use “your site”

OK OK, this is not real hacking but it’s fun 🙂 As well as there are some attack types, where the browser is been hijacked so the User can’t go to some specific web pages or the user will be forced to open that page as soon as they use they Internet browser, where the user will be directed to the FAKE/ phishing web page or malware loaded local site)

By default, when a Windows PC User tries to open a website from a browser, Windows will try to resolve the website name to its IP address from the local DNS cache.

The local cache is stored :

C:\Windows\System32\drivers\etc\hosts

If this fails, it will query the host file and if there is no entry to the website there , then it will contact the DNS server which is set up in your NIC (Network Card) .

If there is any entry in the local cache , the PC will load or block that site depending on your settings. To make sure there is nothing in the DNS cache, you have to clear it so the little fun trick can work on your “victim” user or if you can :

open CMD and type “ipconfig /flushdns” or restart the DNS service from the services tab.

Open the file via typing “C:\Windows\System32\drivers\etc\hosts” in to the search area in your start menu

This will open the HOST File for you ( it will ask you, how you want to open the file type, select via NOTEPAD) , which is inside the “etc” section of your drivers

add an entry as below:

127.0.0.1 domainname.com

(domainname.com being the website you want to block. Save the hosts file outside the etc folder and then move it there, replacing the older version, as Windows won’t let you save the file there directly. Also make sure there’s no extension like .txt at the end of the file name) 

This way whenever a user tries to go to anything.domainname.com, their browser redirects them to 127.0.0.1 which is the local host. Or maybe you can redirect them to an HTML page stating the reason why that page is blocked from within your organization.

PS: It’s always a good practice to “copy the original” HOST file, so when the FUN is over, everything can be loaded to its original state.

Enjoy 🙂

Erdal

Hacking is easy by Erdal Ozkaya

Hacking is easy by Erdal Ozkaya

Share this post

Author

Erdal is an Australian IT Professional with business development & management skills who focuses on securing the Cyber Space & sharing his real-life skills as a Security Adviser, Speaker, Lecturer, Author and Cybersecurity Architect.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts

01 Feb

How hackers hack via Phishing

How hackers hack  Erdal Ozkaya YouTube   read more

20 Jul

Train your Threat Hunting Skills

Train your Threat Hunting Skills One of my best friends, my partner in conferences, books, family friend Milad Aslaner wrote... read more

Cybersecurity First Responder Erdal ozkaya
04 Aug

Cybersecurity First Responder

Here are the "Cyber Security First Responder " Subject Matter Experts, true professionals which earned my respect. It was... read more

International Cyber Warfare and Security Conference Erdal
02 Nov

International Cyber Warfare and Security Conference 19 Keynote Speaker

International Cyber Warfare and Security Conference I am pleased to announce that I will be one of the Keynote Speakers... read more

Network Security Administrator Erdal
19 Jan

Network Security Administrator (ENSA) Certification Free Short Course -2014

Network Security Administrator This short course is designed to partially prepare you for certification as an EC-Council Network Security Administrator (ENSA). The... read more

24 Jun

Start your Cybersecurity career for Free – Highly Effective 2016

Start your Cybersecurity career for Free I keep getting e-mails every day, if not hundreds definitely tens of them. Here... read more

01 Jun

10 years of virtual dynamite: A high-level retrospective of ATM malware

10 years of virtual dynamite: A high-level retrospective of ATM malware POSTED BY VANJA SVAJCE via Talos Intelligence Executive summary It has been... read more

Security Evolution From Legacy to Advanced to ML and AI
21 May

Security Evolution From Legacy to Advanced, to ML and AI

Security Evolution From Legacy to Advanced to ML and AI AI and ML present a new dawn in the cybersecurity... read more

Security Exploit
22 May

New Windows 10 Security Exploit Can Read All Your Files – What You Need To Know

New Windows 10 Security Exploit A security researcher with a history of releasing zero-day exploits for the Windows operating system... read more

Jay Bavisi Erdal Ozkaya AWARD
13 Nov

EC Council Circle of Excellence

EC-Council Circle of Excellence Award 2012 awarded to Erdal Ozkaya Miami, Florida, USA (29 October 2012) Erdal Ozkaya has been awarded with... read more