Exercise 1: Setting Up the Scenario
In this lab, we need to edit our current DHCP scope and change the lease time, as well as the Subnet delay. After making those changes we also need to move the ‘wwwroot’ folder to the ‘inetpub’ folder.
Exercise 2: Preparing the Attack
In this part, we need to modify a copy of a website and then use an open source DHCP and DNS server to redirect traffic.
First I needed to create a folder to save the website to, and then make any changes to the website’s HTML code.
Now the website has been saved, I need to set a static IP address on the Rogue VM.
Now that the Rogue is on a static IP, I need to add a Windows Feature ‘Internet Information Services’.
Now I need to open up IIS and point to my Website.
Now I need to install DualServerInstallerV7.12, and start the Dual DHCP DNS Service.
Exercise 3: Falling for the Attack
In this part, we log into the client and open up the website and see which version we get.
After following the lab’s steps, I get the unedited website. The reason this is happening is that my IP range is still above 129. The lab does say that the VM will try to hold its previous IP address and to force it to renew, but it still only renews to the DC’s scope.
This lab was a bit confusing, from the point of view that the lab does not actually tell me if I was supposed to see the edited website or not. I am assuming I should be because why go through all that effort for nothing.
If the client does not want to pick up a false DHCP range and sticks to the Domain Controller’s DHCP scope, that’s a good thing and I can’t see a way to force it to link to the Rogue’s fake website.
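
For the defensive side of this lab, here is an added example (not part of the lab or of the original write-up) that parses DHCP server replies and reports any server identifier (option 54) that is not on an allowlist, which is how a second DHCP server on the segment shows up in a capture. The addresses, the sample packets and the function names are constructed for illustration.

```python
import socket

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # RFC 2131 marker that precedes the options field
OFFER, ACK = 2, 5                    # option 53 values that only a server sends

def build_reply(msg_type, server_ip, offered_ip):
    """Constructed sample: a minimal BOOTREPLY carrying options 53 and 54."""
    header = bytearray(236)
    header[0:3] = bytes([2, 1, 6])                  # op=BOOTREPLY, htype=Ethernet, hlen=6
    header[16:20] = socket.inet_aton(offered_ip)    # yiaddr: address offered to the client
    opts = bytes([53, 1, msg_type, 54, 4]) + socket.inet_aton(server_ip) + b"\xff"
    return bytes(header) + MAGIC_COOKIE + opts

def parse_dhcp_reply(payload):
    """Return (message_type, server_id, offered_ip) for a DHCP reply payload, else None."""
    if len(payload) < 240 or payload[0] != 2 or payload[236:240] != MAGIC_COOKIE:
        return None                  # too short, not a BOOTREPLY, or no DHCP options
    offered_ip = socket.inet_ntoa(payload[16:20])
    msg_type, server_id = None, None
    i = 240
    while i < len(payload):
        code = payload[i]
        if code == 255:              # end option
            break
        if code == 0:                # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            return None              # truncated option, do not trust the packet
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if code == 53 and length == 1:
            msg_type = value[0]
        elif code == 54 and length == 4:
            server_id = socket.inet_ntoa(value)
        i += 2 + length
    return msg_type, server_id, offered_ip

def find_rogue_servers(payloads, authorized):
    """Return the sorted server identifiers that sent an OFFER/ACK but are not authorized."""
    replies = [r for r in map(parse_dhcp_reply, payloads) if r and r[0] in (OFFER, ACK)]
    # A reply with no option 54 is reported too, under a placeholder name.
    return sorted({sid or "missing-option-54" for _, sid, _ in replies if sid not in authorized})

# Constructed capture: authorized server at 192.0.2.10, a second server at 192.0.2.200.
SAMPLE = [build_reply(OFFER, "192.0.2.10", "192.0.2.130"),
          build_reply(OFFER, "192.0.2.200", "192.0.2.50")]
```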