If an attacker or penetration tester has compromised a host on the internal network, they can escalate the attack using DNS redirection. This is generally considered to be a horizontal attack (it compromises persons of roughly the same access privileges); however, it can also escalate vertically if credentials from privileged persons are captured.
In this example, we will use ettercap which acts as a sniffer, interceptor, and logger for switched LANs. It facilitates man-in-the-middle attacks, but we will use it to launch a DNS redirection attack to divert users to sites used for our social engineering attacks.
To start the attack, we must first modify the ettercap configuration file located at