Dustin Software Online (post-beta)

This little tutorial is kind of a fun one, basically it allows you to scare the crud out of people by hacking Google.  Now we’re not really hacking Google, we’re making the appearance that Google has been hacked.  This type of procedure we’re about to undertake is called a man-in-the-middle attack, and really doesn’t take that much time to accomplish.  Pretty fun and makes you look impressive!The way this works is simple-install two vital pieces of software on your laptop and use them to re-route all requests on the LAN to your computer.  The software we’ll be using is called “Cain and Abel” and “Apache”.  Apache will be used to serve a local, spoofed copy of Google which you can alter to your liking.  Cain and Abel will be used to spec out your network and actually re-route all requests going to your router to pass through your computer first.  This software is very powerful and can capture passwords as they go through, so please don’t do anything malicious.  This is all for fun, not for harm.

1. Download a copy of Apache 2.0 from httpd.apache.org (it’s my preferred version, 2.2 will work fine.)  Install to its default directory, and look for the htdocs folder buried within its folder (usually in c:\program files\apache group).  Make a note of this for later.
2. Open a new Firefox (or Internet Explorer) window and go to Google.ca.  Not Google.com.
3. Go to the File Menu and save the web page in the htdocs folder which you found earlier with the filename “index”.  Make sure you save the web page as complete, not single file.  Depending on your Apache version, you may have to rename the file to index.htm or index.html.  Test that your new temporary webserver is working by visiting http://localhost in your browser.  If Google pulls up, you’re ok.
4. Open the htdocs folder and change the Google webpage to your liking.  Add in a threat message or something for fun.  You have to know HTML somewhat to perform ths step, maybe change the downloaded Google logo to a picture of a duck or something.  It has to have the same filename, though.
5. Download Cain and Abel from Oxid.it.  Some security programs may identify this as a threat, remember you’re downloading a security analysis tool and NOT a virus.  I’ve checked it out myself.
6. Once installed, you’re ready to perform the trick.  Connect to the target network and make sure you can get online before continuing.  IP settings might have to be configured.
7. Figure out your IP address by going to Start > Run > cmd > Type ipconfig.  Write down the Default Gateway and your IP address.
8. Open Cain and click the Configure menu.  Select the adapter with the IP of the network you’re on.  Also I’ve had better results by turning off Promiscuous mode.  Click OK.
9. Go to the Sniffer tab.  Enable your adapter by clicking on the second icon on the toolbar from the left that looks like a network card.  You’ve just enabled Cain access to your network card.
10. Right click in a blank area of this window and click Scan MAC Addresses.  Click OK in the next window.
11. You should see some hosts popping up in the list, your Internet router being one of them.  It should have the same IP address as you found in ipconfig.
12. Make your way to the next tab on the bottom, the one that says APR (ARP Poison Routing).  On the top of your window click the +.
13. Select your router on the left-hand side of the screen and any other computers remaining on the right-hand side.  You may also select just one computer so you don’t force all Internet traffic through your computer.
14. Click APR-DNS on the left hand side of the main window, and click the + on the top of the screen.
15. Type in www.google.com under the DNS Name requested and your IP address under IP address.  Click OK.
16. Click the Radioactive sign on the main window.  You are now routing all requests to the Internet through your computer!  Now sit back and watch as the computer lab melts down…

There you have it.  In celebration of New Years, this is one of the big projects I’ve been working on, and I hope it’s of use to some people out there!  Remember it’s just for practical jokes…so don’t get to carried away or the feds might show up at your house.  ^^