Posted on Thursday, 3rd March 2011 by Michael
A Hacker’s Proposal:
A little over two years ago I met the girl of my life, not knowing at the time she would one day be my wife.
Social Engineering: The Ring
One day while out shopping she found the ring she would later on wear. The only issue I had was it was more then what I planned on. Though how could you say no to the one you love. I did not let her know at the time and continued to ask what she thought of other rings making sure her heart was definitely set on that one.
Then one evening as I was getting ready to leave work I called her letting her know I was going to stop at the store to get some water. She told me since I did not feel well that she would stop at the store for me and meet me at home. I figured this be the best opportunity to surprise her. Though I was super ill I ran to the store and bought the ring knowing that she would stop by there on the way to get the water to look at it like she normally did. I got to the store and purchased the ring to find that this is a one of a kind ring with no others available like it from that store. Nor did any other stores have one. I spent the last several months visiting jewelers showing them pictures of the ring and asking if they had one like it, all of them were amazed by the design. Once I heard this I knew she would call me tonight to let me know that the ring was gone. Like clockwork the call came through and you can hear the disappointment in her voice.
Phase 1 was completed she had no idea that I bought it for her or what was to come.
DNS Poisoning and ARP Spoofing: The Proposal
Before continuing to read, for those non technical people out there or in the event that the owner of Hip2Save ever reads this, NOTHING malicious was done to their site and all the below took place on my own personal network using our own personal equipment.
What is a better way to say I love you then poisoning the one’s you love DNS to send her to a false site that looks like the original site but has a personal deal, poem and directions. I decided to use the site www.hip2save.com. The site offers daily deals and she loves to visit the site and get free / discounted products, I know we will have to work on her giving away her info so freely. I used wget –m to download a mirrored copy of their site to my apache directory on my backtrack box and altered the page to look like the below image:
That was the easy part. The next part was carrying out the actual spoof and poisoning. Remember it is a race condition to see what DNS server answers first. So I cheated here and set my firewall to my malicious DNS server that I installed on my backtrack so I knew I would win. When I think about it, it would have been easier to setup my own zones for the sites I wanted to hijack, but where would the challenge be there. With that in place I used Dsniff’s arpspoof to take care of the arp s this did not take out my wireless switch like ettercap did. Then I used ettercap –T –q –P dns_spoof (after editing the etter.dns file of course). I also enabled IP forwarding so the packets could be forwarded out and I used my DNS server to handle all the non hijacked sites. The above took several days of testing and researching before I knew without a doubt that it would all work.
Exploitation: Popping the question
Several hours after she got home from work we were both sitting on the couches watching TV and surfing the net when she said “what is this” and started to cry (Happy tears). I was like what’s wrong as I got off the couch and approached her to see what she was talking about (already knowing). I pulled the ring out and asked her to marry me while getting down on one knee.
She said: Yes and was extremely impressed with my idea for the proposal and even though she doesn’t know anything about hacking she asked that I explain to her how I did it.
Posted in Blog | Comments (2)
