DNS2Proxy/SSLStrip2 Problem

Question

DNS2Proxy/SSLStrip2 Problem

Lionade opened this issue 9 years ago · 5 comments

Hi there!
I am trying to use the start-nat-full Script. It is possible that the client
connects to the rogue ap. SSLStrip2 is also changing the domain names
(e.g. wwww.google.com) but the client doesn't know how to resolve the spoofed
addresses. So I think the DNS-Queries are not redirected to DNS2proxy. Do I have to change something in the DNS2Proxy Config-Files to make it work?

Best regards

Answer 1 · 2016-10-28T08:39:33.000Z

Did you find the solution to this issue?
I'm experiencing the same thing.

Answer 2 · 2016-12-20T12:54:09.000Z

Same issue here... any solution or is this the expected behaviour?

Answer 3 · 2017-03-07T13:24:25.000Z

I am having the same problem, y try to connect to "google.com" in my Android, in the NAV bar I can see wwww.google.com, and the "Connection Error" page instead of the real google.com

Answer 4 · 2017-07-04T13:57:46.000Z

I found that the problem is that dnsmasq starts in port 53, and dns2proxy too, so request to port 53 goes to dnsmasq instead of going to dns2proxy.
But still can not do it work.

Regards.

Answer 5 · 2017-10-24T09:36:22.000Z

Well, I found the problem.
When you start dns2proxy, it uses the port 53, the same as dsnmasq, so they can not be run at the same time.
When using nat + dns2proxy + sslstrip, we need dns2proxy to respond DNS queries, so the only thing we need to do, is disable dnsmasq (DNS functionality)
In the scripts, change the line:
dnsmasq -z -C /etc/mana-toolkit/dnsmasq-dhcpd.conf -i $phy -I lo
To:
dnsmasq -z -C /etc/mana-toolkit/dnsmasq-dhcpd.conf -i $phy -I lo -p 0
The option "-p 0" disables the dns in dnsmasq, but dhcp still works.

Regards