DNSpwn DNS hijack | Metasploit Exploit Database (DB)

DNSpwn DNS hijack

Race DNS responses and replace DNS queries

Search Other Modules


Rank

  • Normal

Authors

  • dragorn < >

Development


Similar Modules


Usage Information

$ msfconsole

                ##                          ###           ##    ##
 ##  ##  #### ###### ####  #####   #####    ##    ####        ######
####### ##  ##  ##  ##         ## ##  ##    ##   ##  ##   ###   ##
####### ######  ##  #####   ####  ##  ##    ##   ##  ##   ##    ##
## # ##     ##  ##  ##  ## ##      #####    ##   ##  ##   ##    ##
##   ##  #### ###   #####   #####     ##   ####   ####   #### ###
                                      ##

msf > use auxiliary/spoof/wifi/dnspwn
msf auxiliary(dnspwn) > set RHOST [TARGET IP]
msf auxiliary(dnspwn) > run


Module Options

CHANNEL The initial channel (default: 11)
DNSLIST YAML file of DNS entries for replacement (default: /home/svn/jobs/msf3/data/exploits/wifi/dnspwn/dnslist.yml)
DRIVER The name of the wireless driver for lorcon (default: autodetect)
DURATION Duration of spoofed IP record (default: 99999)
FILTER Default BPF filter (default: port 53)
INTERFACE The name of the wireless interface (default: wlan0)
IP IP for host resolution (default: 1.2.3.4)
MATCH Match for DNS name replacement (default: (.*))
PCAPFILE The name of the PCAP capture file to process
RHOST The target address
SNAPLEN The number of bytes to capture (default: 65535)
TIMEOUT The number of seconds to wait for new data (default: 500)
USEDNSFILE Use dns list file for response (default: false)
GATEWAY The gateway IP address. This will be used rather than a random remote address for the UDP probe, if set.
NETMASK The local network mask. This is used to decide if an address is in the local network.
UDP_SECRET The 32-bit cookie for UDP probe requests.
VERBOSE Enable detailed status messages
WORKSPACE Specify the workspace for this module