Proof-of-Concept-Host-Hijack

DNS spoofing and phishing are a very real issue dealt with on the internet. The purpose of this program is to detail our workflow and research progress regarding DNS spoofing and phishing sites. This was created to work within my lab environment. The work produced and submitted is for educational purposes and proof of concept.

We were tasked with picking a topic regarding security and either developing or researching that topic. We decided to attempt a DNS spoof/phishing site for this project. With the time given for this project, we decided on key features to include. The result produced by this project is more so a proof of concept and feasibility than an actual deliverable product. Our project assumes a lot from the user and the execution of our code and phishing site, which could have been overcome in a more long-term project with more resources to our disposal. The legality behind this project coursed us through some decisions regarding our approach to certain features of the project. We could not fully develop an efficient payload or properly and fully host a webserver, due entirely to this fact. As mentioned in the earlier sections, the purpose of this was the educational value behind the feasibility and proof of concept, in goal of showing and understand the process behind DNS spoofing and phishing, and how it can effect a network.

One of the items that was out of scope was how we would distribute our software that we made to the user. We felt that trying to figure this out might take away from the main portion of our project and cause us to lose focus on what we actually needed to do. Another item that was out of scope was getting other web browsers to reach our webpage. We found out from the research of this project that Google Chrome has a built in DNS resolver. The reason that this would cause a problem is that each time the user would go to the Mysait website they would always be pointed to the actual page. The only way to prevent this was if someone deleted the DNS cache that was built in to Chrome. We again felt that this would pull too much away from the main purpose of our project and we would not have enough time to finish. A third item that was out of our scope was getting the software to work on all of the operating systems. We didn’t have the time nor the resources to fully check and try to figure out how to get the program to work on other operating systems. Another item that was out of scope was assigning the IP in the host file. Since in the program the IP of our webserver is hard coded instead of having the IP address set to wherever our webserver was at any point in time. Another item that was out of scope was what would happen to the user after they had entered their credentials and were taken to the error login screen. If this was in our scope we would’ve had them get redirected to the real Mysait website so that they would not realize that anything was wrong. One of the complications that we had with the project was we could not get it to work if someone was on a different subnet. We were only able to get it working if both the user and the webserver were in the same room and connected using a wired connection. Another complication was if the user didn’t access their Mysait account to access the various resources. This project would only work if the user planned on going to their Mysait website. Anything that was not listed in the project is considered out of scope.