Forum Thread: Arpspoof and Dnsspoof

Try useing ettercap or any other tool like mitmf
Look at github and search for mitm or man-in-the-middle

But the DNS server are external, like if it was 8.8.8.8.

Can we dns spoof even if using an external dns server ?

We can arpspoof victim and gateway, so that the attacker gets in the middle.

Then, if the victim's dns server is the same as the gateway, the attacker can use dnsspoof to forge packets accordingly.

But if the victim's dns is external (like 8.8.8.8), there's no possible way of spoofing him this way.

Am I right ?

Hey Guys,

How about using bettercap? You have to type 'sudo apt-get install bettercap' to install it. It also supports https.
If you want to mitm someone you simply have to type 'bettercap -T <Target> --proxy-https -P https' and that's it.
But don't forget to change the 0 in /proc/sys/net/ipv4/ip_forward to 1.

It's just a suggestion. Thanks.

The tool I use doesn't matter. I could have used ettercap, bettercap, dnschef, dnsmasq, dnsspoof with arpspoof etc...

Please read my post before. I think it's not possible because the victim's DNS is not the default gateway or another address part of the LAN. The dns is an external dns like 8.8.8.8.

I, the attacker, is in the middle with arpspoof.

If the dns was also 192.168.1.1 (like the default gateway), the dns spoof would work.

Please correct me if I'm wrong.

You might be right, Im bot sure I haven't use a mitm attack with a DNS.