Halla: Alright everybody. This is Halla with Information Leak doing another video tutorial. This one is on the host file. Real simple what is the host file? It's an old relic from back in a day before DNS translations, which basically means that IP address to like English, so like if you go to this domains, which is 64.233.167.99 advance you to Google because that's the address, but human beings don't really you know remember numbers as well as they do remember words because that's just we taught and so DNS translates addresses towards. In any case, so let's start screwing around shall we.
First thing we're going to do is find the host file, okay. What I'm going to do is I'll show you where it is. This is Windows XP, so we are going to My Computer, going to the hard drive, see we are going to Windows, we're going to drivers, we're going to System 32, then we go to drivers, drivers, drivers, drivers, drivers, then we got to ETC for etcetera and there is your host file. There should be -- let me try to zoom in here. I'm just messing with this for the first time, there you are, we the host file. Now, we right click, notice there is no extension on it. It's extensionless. We are going to open it with notepad. What the hell is going on in there? Yeah, computer is really slow today, alright we're going to open up a notepad and this thing is going to pop up and you should see it'll say copyright Microsoft Corporation, any other thing and I already do it, so what the hell is going on, here we go, we're going to open with notepad, notepad okay.
I apologize for my computer right now it's running exceptionally slow. Any case here is the host file, you see this it's looking good now let's start screwing around. So what can we do with the host file, well, first thing we can do is we can change IP at, if we put an IP address in right here this area here, this is like a target area, so we put a target IP address in. So for example we use Google. Right this is Google's IP address right here and now we put that in, we paste and then if we just hit tab or skip a space or something like that we can put something else in. So for example, myspace.com, right, so if we save this save and then we go to myspace.com, myspace.com enter. It just takes us to Google.
We could also change it to for example qwerty.com, file save and if we go to, lets just go to another website, if we go to mine for a second so you can see the difference. Now we go to qwerty.com enter, brings you right back to what we set that as for Google. So that's like one of the things you can do which is kind of funny, it's kind of a way to just filter websites locally. Let's say you are meeting potential lunatics on MySpace. Well every time you can just set it up to when if they type myspace.com in a browser or you can even do www.myspace.com for example you can do both.
Then it get redirected to the IP address of your liking which could be Google. I guess it depends on how mean of a person you thought, so this way is safe if you go to www.myspace.com it brings you back to Google. Now please notice that where it says http://www. If http:// indicates that you no longer using the host file it knows you're looking outside the your situation.
So, if you type in http it's going to go directly there but if you just type in the -- or www. without http://, that would be forward slash then you know then you get to go in any case what else can you do with this well you know as we know we can block, well we can filter websites which is cool but you can also use it to block popups, advertisements, spyware and stuff like that.
How do you that? Use the local host address of 127.0.0.1, that's loop back address that's you neck, that's your Ethernet card address. That's just an address assigned solely for that and then you can just skip the space and type in I don't know like advertising.com or something like that because you know you're getting pop-ups or something that's really pissing you off, I will do www.., you can do the same thing, lets say you don't want Microsoft to report their stuff, missed the dot, where -- anyway you get the idea if you block Microsoft, Microsoft is not always going to use Microsoft okay and there is a potential that you can screw-up your computer, you know because if you are using Windows you might need it to update or validate or whatever.
So far we have covered how to screw with this type of stuff. Let me give you -- Microsoft, I will just show you the advertising and it doesn't work.
Before I save it, I'll copy it, we will go to advertising.com, paste, that's advertising.com's website, one of it's sites to load it's probably filling me full of spyware but what you are going to do, that's advertising.com. Now we save the file, if you save it, didn't we - -we have 127.0.0.1 of course www.advertising.com, we got www.advertising.com and yeah I mean went to another one to hell, all I know -- get the idea.
Let's just do this -- because my local host is set to something else so, I will paste there, save, copy, paste. Okay, what the hell, all because it's http, you get the idea though that same -- back to Google. Anyway good, I am glad that worked out sorry for that mess up, so yeah there -- redirects and so far we have covered how to filter websites locally, how to stop spyware from reporting and other programs from reporting back to anywhere. You could use it to create forward look-ups.
For example may be you hosted your own website you know on you know that's your local address like I said before I wonder what that is on me, it's probably information leak yeah because I am hosting in air, so my local site is this, but let's say you know you are doing it and you don't feel like typing in 127.0.0.1 every time you just want to type in something quick you could do if you have a site you know set-up like that you can type in like myleetsite or something like, you don't even have to .com and what it does is it just shortcuts, so if I copy that, and I save it and I don't that here in paste should bring you right back to it.
Any case that's the situation, so now where it gets interesting you can use DNS for spoofing, what do I mean by spoofing, I mean faking. So let's say you make a fake MySpace page and you know it steals passwords or it makes the -- I don't know whatever you want to do. What you would do is simply you could edit the host file to redirect www.myspace.com or myspace.com to the IP address which should be the IP of the fake site. Therefore when somebody goes in and types www.myspace.com into the browser boom, it brings to you the fake site it looks good, but it's fake, and stuff like that okay.
Remember typing http:// will venue to the real site, so you know if you are doing this on a remote machine or you want to screw it somebody make sure you -- do their bookmarks or clearly webcast or whatever because who the hell types http://. I'll tell who, you will from now on because now you know that you can get screwed if you don't do it, so any case that's the situation.
These couple of notes -- this will only work for the machine you have edited the host file on, it's doesn't change the address to everybody on the internet, don't email me what else as I mentioned five times already you can visit the real site by typing http:// whatever, but you'll find many will rely on a saved browser history, you can clear the browser history the temp files and the cookies and then visit the fake site and then save the address in the browser and then making screw it from there.
Yes, you can make several fake sites MySpace, Yahoo, MSN, Gmail etcetera and set them each one to be redirected to each address that you specify as well. Well, I show you how to make the fake pages no, don't email me, just view source save as and modify. You don't understand what I'm talking about, don't do it. This is Halla from Information Leak. Hope you enjoyed my tutorial until next time -- system.
Transcription by:
Scribe4you Transcription Services