How To Hack And Have Fun At The Same Time

Posted by Brandon Boyce in May 14th, 2008

Posted in: Hack Tags: ARP, Hack, linux

If you’re stuck in a hotel room or a college dorm room and would like to have some fun with people the video below will show you how to spoof both SSL and DNS. SSL spoofing will allow you to see things that would normally be encrypted in plain text. DNS spoofing will allow you to send people to any site you want. If they type google.com you can send them to yahoo.com all in the name of fun.

You will need Linux to do this, the best choice would probably be BackTrack. BackTrack is designed to be an out of the box hacking machine. The hacks rely on something called ARP poisoning which I’ve defined below for your reading pleasure.

(n.) Also referred to as ARP poison routing (APR) or ARP cache poisoning, a method of attacking an Ethernet LAN by updating the target computer’s ARP cache with both a forged ARP request and reply packets in an effort to change the Layer 2 Ethernet MAC address (i.e., the address of the network card) to one that the attacker can monitor. Because the ARP replies have been forged, the target computer sends frames that were meant for the original destination to the attacker’s computer first so the frames can be read. A successful APR attempt is invisible to the user.(webopedia)

Popularity: 4% [?]

Comments For This Post Topic Were Disabled By The Author

Dustfinger said on August 30th, 2007 @4:22 pm

I find it oddly telling that this was posted on my birthday.

Hopefully some of this will help me crack my router, whose password I managed to accidentally change to god knows what >__

DarkTech said on August 30th, 2007 @5:56 pm

Dustfinger, unless you’re router is of the big industrial strength kind, the reset button on the back resets to factory settings including admin password. If it is a standard off the shelf type, you can probably re-enter all the required details in less than half an hour. My last setup took about that including setting up MAC allowances for the wifi.

If you still need the password sorted, or you’re using something this wont work for (industrial routers, linux servers acting as routers, etc) post you’re router model/distro to give us something to see what we’re dealing with.

Brandon Boyce said on August 30th, 2007 @6:08 pm

Dark’s right, you probably won’t be able to crack it with these tools. Your best bet will be to hold in that reset button to restore the router to its defaults.

itsmee said on August 30th, 2007 @6:35 pm

there are also a lot of authentication bypass exploits for home grade routers.

Dlink, netgear.. etc.

fatman said on August 31st, 2007 @6:19 am

and even if it’s a commercial grade router, there are ways to open it so long as you have physical access and putty/telnet.

Other Guy said on August 31st, 2007 @8:25 am

(I love how none of these comments have to do with this post)

Pressing the reset button usually works, but sometimes you have to hold it down for 5-10 seconds. But you probably knew that.

Dustfinger said on August 31st, 2007 @4:56 pm

Wow, didn’t realize a side comment would carry this far.

The router I have is a Linksys BEFSR81 ver 3. I know about the reset button, but the thing is I don’t know the email or password used to connect to our Bellsouth service (or ATnT now, whatever). My parents keep track of all that stuff, and I’d rather keep them in the dark about this, since they’ll probably get paranoid and think I’ll be opening up the network to hackers and such (which I probably will be, but that’s besides the point >__>). At this point I’m fairly new at figuring out how networks work and such, so a little nudge from anyone would be greatly appreciated.

DarkTech said on September 1st, 2007 @6:28 pm

After a brief look around google (30 min), nothing useful turned up. There is a DoS attack bug that can leave that model in the state it’s in now, but no info about a fix except the reset button. My advice is ask for the email/username + password from you’re parents in a way that doesn’t sound like you broke the router. “I want to check … settings at … provider’s end and need Pass +user to see them” is one that usually works. Talk about upgrading external anti-virus for you’re home email, etc. If they think it will make the connection more secure, they should give it to you… Most parent’s are low level user’s and will fold when you start talking about stuff that sounds complicated. Also if you happen to work for any type of computer store (in my case PC World on the advice/services desk) this is a great way to get money from customers.

Malfist said on September 2nd, 2007 @11:39 am

If they use it to log on to the internet each time, you could try a keylogger, but that’s illegal. My mother paranoid too so I know what you mean, my mother was afraid of me looking at Taoism and pornography. Keylogger helps a whole lot

lunk said on September 12th, 2007 @11:48 am

You could just reset it and wait a few hours for your parents to call tech support – they should send someone out to probably give you a new modem, but they’ll leave the default pw.

eyestrain said on September 26th, 2007 @3:28 pm

Download this -> Data Doctor Password Recovery.

then ask mum n dad to enter username/PW for you. The Doctor will remeber them and reveal them to you.

enjoy.

john said on October 19th, 2007 @4:52 am

im on my psp, i just use a keylogger. i now know all my moms passwords!! i am just starting and would app. help. how would yu hac a web like file planet. im not saying im going to do it . !!!!

Brandon Boyce said on October 19th, 2007 @9:26 am

litter the parking lot of the file planet offices with USB keys that have key loggers in them, someone is bound to pick one up and put it into their computer.

john said on October 19th, 2007 @12:59 pm

i am now on my computer. And flash drives cost a !@#$ load even for a little one. like 20 bucks. There isnt a way that i could use brute force? oh yah check out this website. hackerscatalog.com it has all this useful stuff. some illegal. but it had regestration gen. for stuff you get off the
internet that you have to buy to get more than 3 dvds copyed, for instance. its usefull. it cost a lot for shipping though. anyway, how would i deliver a email with a keylogger that sends emails to me. and how would i spike it?

Web designer Fredrick said on November 21st, 2007 @12:40 am

interesting post. its really a valuable information provided here in this post to prevent hacking. This is the first time i have come across NetStumbler, a decent wireless tool for Windows and easy to use also. thanks for those valuable information.

john said on November 21st, 2007 @3:51 pm

???hacking rules im just new…

bLuefRogX said on November 23rd, 2007 @8:00 pm

You didn’t mention SARA or SATAN, among my favorite tools for auditing security.

Shane said on November 27th, 2007 @8:12 pm

Ugh. I think I have seen variations of this list 1,000 times or more…

DarkMindZ said on December 29th, 2007 @8:27 am

yet another top tools / utilities :

http://www.darkmindz.com/download.dmz

xrgsal said on February 2nd, 2008 @10:10 am

dagii,

ilu. vmj. skj,wkj. djj. noushijan. silly. u light i yearn again. 2ctnotmsihawl4e. tarfb2thomy appr a h2 another taste. eaj,apj,jhj:jah,jmy,imy,jdy. sIsO.7.yj7.oi.

john said on February 4th, 2008 @6:52 pm

How do you get hashes. Where r they or how do you get them

Brandon Boyce said on February 4th, 2008 @8:29 pm

You have to get access to the hard drive to get the hashes, they are stored in the registry or in the SAM file

jason said on February 22nd, 2008 @12:36 pm

nice guide, now I know what to check if my comp is safe

newkiraj said on February 25th, 2008 @5:32 pm

haha #9 the last scentence should have been” you don’t want it hanging around to BYTE you in the ass.” lol anyway good list

Awards said on August 18th, 2009 @11:55 pm

test

jlogan said on August 26th, 2009 @6:17 pm

i'm trying to find a way to operate my digital camera it is a kodak easyshare cx7330 its not working right in the back window it say camera error #45 see users guide and i do not have a one i got the camera at a garage sale and it was working and it stop for reason and i am trying to get to work and i can't can you help me thank you

doctorsaba said on September 7th, 2009 @3:41 am

max191 said on October 7th, 2009 @8:27 am

Thanks for writing this blog and sharing it with the world. I would like to know how to go for reading your rss blog. Please let me know if possible.
regards
charcoal grill

Black Toner Cartridge said on October 25th, 2009 @12:02 pm

Thank you for review

Black Toner Cartridge

Free Games said on November 19th, 2009 @5:03 am

Cool Retro Games! Love it^^ Thanks for sharing and brings back the old memory

Dual Sim Mobile said on January 8th, 2010 @9:25 am

nice post

computergadget said on April 22nd, 2010 @1:21 pm

Hem……interesting post

Computer gadget

Mobile Phone

air jordan 3 said on June 7th, 2010 @11:32 pm

The idea of friend upstairs is reasonable, maintaining a healthy body is very important, I bought a few pieces of XX particularly recently,it can help keep our body healthy, let us feel fit as a fiddle every day, I was alight it in this store!! http://www.canno-tmake.com/