Author Topic: dns hijacking facebook (Read 883 times)

gogia1 · « **on:** September 16, 2015, 04:22:19 pm »

i'm trying dns hijacking, i've configured dns server added zone file, when i typed facebook.com in browser addres bar i've got

is there any way to bypass ?

iTpHo3NiX · « **Reply #1 on:** September 16, 2015, 07:07:00 pm »

The reason for this is because your certificate is not validated. It's always going to appear

flowjob · « **Reply #2 on:** September 16, 2015, 08:19:50 pm »

Quote from: iTpHo3NiX on September 16, 2015, 07:07:00 pm

The reason for this is because your certificate is not validated. It's always going to appear

OP could always install his own root certificate on the target computer, but that would require admin access.
If that's a feasible way depends on what he wants to archieve. If he wants any live information or plans to spoof multiple websites to steal info this would be a way to do it. If, on the other hand, OP just wants facebook credentials it would be easier to get them from the browsers saved passwords.

xor · « **Reply #3 on:** September 17, 2015, 05:17:36 am »

Certain websites are in all browsers HSTS list.

This means that even if you browse to them using HTTP, they will also redirect to HTTPS.
If this wasn't the case, your DNS hijacking would work fine, now though, you have to have a certificate that is trusted on the client computer.

Kind of annoying and can't be solved without access to that machine.

EvilZone

News:

Author Topic: dns hijacking facebook (Read 883 times)

gogia1

dns hijacking facebook

iTpHo3NiX

Re: dns hijacking facebook

flowjob

Re: dns hijacking facebook

xor

Re: dns hijacking facebook