Block a website by manipulating the HOSTS file in Client [feature-request]

[vigneshkarthisan]

I think this would be a rarely used feature however, one can frustrate a user(client) by blocking access to a website by adding values in the HOSTS file in C:\Windows\System32\drivers\etc.

I am sure you all know how to do this but for newcomers;
For example - to block www.facebook.com,

127.0.0.1 www.facebook.com

It would be awesome to add a separate form to block websites. This feature would provide a basement to phish websites using this technique.Redirect a website to localhost(say facebook)using the HOSTS file, start a minimalistic server running a copy of that website(there are plenty of c# http servers in GitHub) and get those passwords.

[MaxXor]

Yes, it's maybe useful. However you'll need Administrator rights to do this.

[vigneshkarthisan]

Yeah. Trying to trick the user to get admin rights and then running xRAT as a windows service would be a viable option. Since this feature is easy to implement(just add logic to write to a file), we can add a try{} catch{} and if the client does not have admin rights, then sending a packet denoting that admin rights is not available is possible

[ModdersCentral]

You might want to use this alternative instead of the host file.

foreach (TcpConnectionInformation con in (new IPGlobalProperties.GetIPGlobalProperties).GetActiveTcpConnections){
If (con.RemoteEndPoint.Address.ToString = blocked_website_ipaddress){

}

}

iphlpapi.dll (SetTcpEntry)