Packet Squirrel
Search…
Packet Squirrel
Packet Squirrel by Hak5
Getting Started
Packet Squirrel Basics
USB Flash Disk Support
Default Settings
LED Status Indications
Selecting and Adding Payloads
Default Payloads
Logging Network Traffic
Spoofing DNS
OpenVPN Payload
Internet Connectivity
Getting the Packet Squirrel Online
Software Updates
Upgrading Firmware
Manual Upgrade
Payload Development
Payload Development Basics
Ducky Script for Packet Squirrel
The NETMODE Command
The LED Command
The SWITCH Command
The BUTTON Command
Included Tools
Troubleshooting
Firmware Recovery
Factory Reset
FAQ
Powered By GitBook
Spoofing DNS
The built-in DNS spoofing payload from switch position 2 will intercept DNS requests between the target and the LAN and provide spoofed responses. By default the payload is configured to spoof all requests with the IP address of the Packet Squirrel.
To configure the DNS Spoof payload with custom mapping, just power on the Packet Squirrel in Arming Mode (switch to far right position) and edit the /root/payloads/switch2/spoofhost file. This can be achieved by either using an SCP graphical utility such as WinSCP or FileZilla, or from the command line via SSH.
SSH into the Packet Squirrel and edit the spoofhost file with nano
Replace # with the domain you wish to spoof, and the IP address with the spoofed destination.
Responds to request for asitewewanttospoof.com to 159.203.210.247
With the spoofhost file configured and saved, power off the Packet Squirrel and flip the switch to position 2. Now place the Packet Squirrel inline between a target and the network. When it powers on the DNS spoof payload will run, indicated by a single blinking yellow LED.
Pro Tip: Modify the DNS Spoof payload to be more inconspicuous and to not blink the LED by changing line 22 of /root/payloads/switch2/payload.sh from LED ATTACK to LED OFF
Default Payloads - Previous
Logging Network Traffic
Next - Default Payloads
OpenVPN Payload
Last modified 9mo ago
Copy link