Skip to content
October 7, 2008 / technocrawl

DNS Spoofing in Windows Boxes

DNS Refers to Domain Name Systems or Domain name Service, which basically resolves domain name into its equivalent IP address.
When ever you type a valid URL in the browser, it will first look for primary DNS which is in the same box, if it fail then it will try to communicate with the seconaday DNS servers on the internet, once it finds the right match then it resolves the human readable Domain name or FQDM ( Fully Qualified Domain Name ) into its equivalent IP adress that can be easily understood by machines and also updates the same in the primary DNS so that the next time, there is no need to contact the secondary DNS.

Here is a trick that you can use for DNS Poisoning in Widnows Boxes.

just move on the following location


a dialog box prompts to choose open with, select notepad and open it up, then it will display a window like below….


On the last line you can see something like       localhost

Here is the loopback dotted deciaml IP address, and localhost is its equivalent human readable domain name. So what happens once you type \\localhost in the URL box of the internet explorer or any browser? It will contact the DNS which is actually the host file, then it will open up the locahost window, instead you can type \\ in the URL box, which does the same opertaion.

Here comes the trick where you can use this to poison DNS and redirect the victims to some other website. So, lemme make it clear that if a user types in the browser, then they will be redirected to

Once you opened up the hosts file, just obtain the IP address of the yahoo just by pinging or nslookup, then copy and paste the IP address of in the hosts file that you recently have opened with a notepad, make sure that you are pasting it in a new line, then leave a space (CRLF – Carriage Return Line Feed) and type, then close the hosts file, it will prompt you to save the changes, you have to save it. Now restart your browser and type in the URL, now you will be re-directed to and you are done now!

By using DNS poisoning, anyone can launch a phishing attack, and re-direct to any malicious websites to create havoc.

// This is Meant for Educational Means alone. technocrawl and its members are not responsible for what ever you do using this.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: