A fake update with the DNS-spoofing attack is a LAN-based attack. It very handy while conducting internal audits of security and also while conducting a white box penetration test. This attack consists of ARP poisoning, DNS spoofing, and Metasploit. In this attack, we will first set up a server with a fake page that shows the download section for system updates. These updates will be our payloads for three different operating systems: one each for Windows, Linux, and Mac OS.

Next, we will ARP poison the local LAN and will send spoofed DNS entries that point every domain request to our fake Download updates page.

Whenever a client on the local LAN tries to open any website, his or her request will redirect ...