DNS Attacker
DNS Resolver is a software service running on any computer, in this case MIRC/IRC Network. DNS Resolver service forwards DNS Queries to the DNS Server, in this case MIRC/IRC DNS Server for Name Resolution, on behalf of Operating System using DNS Resolver (a DNS Client) and other applications, this is where DNS Resolver ask DNS Name Server to provide information and resolve specific IP to Address. This will cause our DNS query to resolve for DNS Server going from MIRC/IRC Server to victim DNS, once resolve, we can access victim pc shares or null shares remotly, as if we are into victim local network.
- Types of Access
- Read, write or both
- Vhost Networks
- If you are connected to null shares, you will see something like routers, printers, scanners, remote machines
- If you see $, it means that is unix
- If you are stuck at access, you will still know victim exact username or list of usernames available
- Windows: Change victim hosts files or regedit remotely
- *nix based system, obtain /etc/shadow /etc/passwd /etc/services
- Works on Windows/*nix/mac and LAN/WLAN/NAT but not on websites/web systems
- Do not over due victims, wait 24 hours otherwise you will over load DNS
- If victim is resolved it can be hacked, if not then no
- Load the script and find any victim
- Command: /dns Victim_IP
- On Windows: Start menu then run enter \\VICTIM_IP that is resolved (you will see new window)
- On Linux: Smbclient //VICTIM_IP (with or without other parameters, if neccessary)