Project Abstract

In this project, we explore how attackers, also referenced as hackers in the technology industry, can steal saved web browser credentials either by poisoning the Domain Name System (DNS) server or local DNS cache on a user’s machine. The web browser does not know much about the IP addresses assigned to the online account's websites as they heavily depend on the domain name system to resolve this assignment. An attacker can poison the local DNS cache/server on a user’s machine.

We explore the process of creating a fake website based on the target website. Create an account on the original website and save the login credentials onto the local cache. Poison the user/victim’s local DNS cache by manually configuring the victim’s local cache to redirect to the fake website whenever they try to login to the original website. Since the browser does not concern itself with the IP address resolutions, when a user lands on the fake account orchestrated by the attacker, the browser will submit the saved login credentials of that online account. The fake website will be designed to save/steal the login details when a user clicks the login/submit button. As an extra feature, the fake website should send the login credentials, in human-readable format, to the attacker via an email address.

Procedures:

Meet The Team