How can I perform DNS rebinding using evil twin in local level?
as the title says i want to perform this attack https://sinister.ly/Thread-DNS-Rebinding-Attack
using evil twin on local level
the curl command to login into the router
curl "http://192.168.1.1/" --data "frashnum=&action=login&Frm_Logintoken=25&Username=admin&Password=admin" the curl command to get the page that contains the wifi password
curl -v -X GET "http://192.168.1.1/getpage.gch?pid=1002^&nextpage=net_t.gch" -o 565.html this how i was planing to perform the attack evil twining a wifi using fluxion or whatever .... when the user opens the captive portal sign in network page (that has dns rebinding scripts in it )is detected we stop the ddos ... the user auto connects to his wifi then the page refreshes and execute the dns rebinding attack to get the wifi password from his router ....
but now i don't know how will get the html file back if want to use it in local level only
thought about another way around this by enabling the second ssid instead of the WiFi password .. wouldn't xss do this better ? the second problem is how will the page refresh when the server is offline .
can we make it check if it's connected the internet if yes then execute the code ?!
what do you think folks ?
0 comments
[ 2.9 ms ] story [ 13.3 ms ] threadNo comments yet.