11Kas
DNS Hijack: Only spoofing sites listed in etter.dns
I'm trying to create a more practical DNS Hijack MITM attack. I do the traditional ARP poison with dns_spoof method. I don't have any issues getting it to work. The intended domain redirects exactly as expected. The only issue is that the current method isn't realistic. It would make a victim extremely suspicious because every other website would break. An attacker would need to count on the victim going to your domain immediately after you initiate the attack.
ALL websites not listed in the etter.dns host file gets redirected as well. How can we get ettercap to spoof ONLY the websites listed in etter.dns while forwarding everything else to their intended locations?
