Skip to content

koma5/dnsSuffixSpoofingManInTheMiddleRootZoneSomething

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 

Repository files navigation

dnsSuffixSpoofingManInTheMiddleRootZoneSomething

The story behind this.

The commands to run those docker containers.

# setup new ip adresses on host
sudo ifconfig en0 alias 172.16.42.2/32 up
sudo ifconfig en0 alias 172.16.42.3/32 up

docker build -t evil-dns evil-dns
docker build -t httpd-com httpd_razw3hgtpmkesdh.com
docker build -t httpd-org httpd_razw3hgtpmkesdh.org

docker run --name evil-dns -d -p 53:53/udp -p 53:53 evil-dns --hostsfile hostsfile.txt
docker run --name httpd-com -d -p 172.16.42.2:80:8080 httpd-com
docker run --name httpd-org -d -p 172.16.42.3:80:8080 httpd-org

# add DNS sufix and point to docker DNS server
echo -e "search razw3hgtpmkesdh.com\nnameserver 127.0.0.1" > /etc/resolv.conf

Now point your Google Chrome to http://razw3hgtpmkesdh.org and the content of http://razw3hgtpmkesdh.com should be displayed.

About

some hack involving the root zone dot, DNS suffixes docker, evil DNS servers and good webservers.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published