Lab 10 Attacks Against DHCP and DNS

Exercise 1: Setting Up the Scenario

In this lab, we need to edit our current DHCP scope and change the lease time, as well as the Subnet delay. After making those changes we also need to move the ‘wwwroot’ folder to the ‘inetpub’ folder.

This slideshow requires JavaScript.

Exercise 2: Preparing the Attack

In this part, we need to modify a copy of a website and then use an open source DHCP and DNS server to redirect traffic.

First I needed to create a folder to save the website too, and then make any changes to the websites HTML code.

This slideshow requires JavaScript.

Now the website has been saved, I need to set a static IP address on the Rogue VM.

Now that the Rogue is on a static IP, I need to add a Windows Feature ‘Internet Infomation Services’

This slideshow requires JavaScript.

Now I need to open up IIS and point to my Website.

Now I need to install DuelServerInstallerV7.12, and start the Duel DHCP DNS Service.

This slideshow requires JavaScript.

Exercise 3: Falling for the Attack

In this part, we log into the client and open up the website and see which version we get.

This slideshow requires JavaScript.

After following the lab’s steps, I get the unedited website, now the reason this is happening is that my IP range is still above 129. The lab does say that the VM will try to hold its previous IP address and to force it to renew, but it still only renews to the DCs Scope.

Lab Complete


CT&A

This lab was a bit confusing, from the point of view that the lab does not actually tell me if I was supposed to see the edited website or not. I am assuming I should be because why go through all that effort for nothing.

If the client does not want to pick up a false DHCP range and sticks to the Domain Controllers DHCP scope, that’s a good thing and I can’t see a way to force it to link to the Rogues fake website.

 

Post Author: Nicholas Wilkinson

I am a 3rd year Networking Major in my IT BIT degree. I have a passion for Cloud Computing and IOT devices.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.