Use raspberry pi to spoof dns

Posted on

Problem :

I wish to use a raspberry pi as a sort of man in the middle, between my laptop and the internet. I was hoping to connect to the pi by ethernet, and then use a second ether net adapter (usb) to connect the pi to the internet. Then have the pi forward all of my traffic, but the traffic I wish to spoof. I was planning to use a dns server running on the pi (or man in the middle proxy) and then arp spoof to force my laptop to go through the pi.

Is this approach possible?

Solution :

Yes, very easily possible. With two ethernet adapters, you don’t have to arp spoof, just make sure the Laptop you want to monitor is only connected to the RaspPi (no WLAN etc). You also don’t need to run a DNS server on the pie.

You will need to setup forwarding and possibly NAT on the RaspPi, google for tutorials.

Wireshark works fine for getting an idea what kind of traffic you are dealing with. A transparent html proxy, or somethig like mitmproxy can actually modify some HTML requests/answers if you need to.