MITM, DNS spoofing issues

Hacking
#1

Hey there, Im currently stuck trying to DNS spoof my target computer. I have followed the instructions closely and ran:

  1. Service apache2 start
  2. Bettercap -iface eth0 -caplet /root/spoof.cap
  3. Set dns.spoof.all true
  4. Set dns.spoof.domains zsecurity.org
  5. Dns.spoof on

It all runs with zero errors and seems to work fine, until I switch to the target computer and load the website, I am then met with:

This site can’t be reachedzsecurity.org refused to connect.
Try:

Checking the connection
Checking the proxy and the firewall
ERR_CONNECTION_REFUSED

I have cleared my ARP tables and looked through all of theses forums, yet have come up empty handed. Please help!!

#2

Can you try the ARP spoof with other websites like Vulnhub (vulnhub.com) test website?

#3

The ARP spoof, along with bypassing HTT, HTTP, and HSTS all work with no errors. I am able to gain sensitive information from simply following what has been taught. Yet my issue arises once I try to do a DNS spoof, the code all runs with no error, I put the following through Kali:

  1. Service apache2 start
  2. Bettercap -iface eth0 -caplet /root/spoof.cap
  3. Set dns.spoof.all true
  4. Set dns.spoof.domains zsecurity.org
  5. Dns.spoof on

I will get no errors and it seems to be running perfectly. Yet, when I try to access the targeted domain afterwards, via the targeted computer, it will bring me to an error screen that informs me that it can not reach the website, rather then spoofing the target to my custom Kali server’s. I am unaware on how to proceed…

Extra info:

  • I am using the newest version of Crome on the target machine.
    - I have reset my browsing data beforehand
    - I am working off of two VM’S connecting via built in LAN as shown in the course I’m taking
#4

Can you try spoofing a http address? Also for this https address try this IP tables routing solution - attacks - DNSspoof not working - Information Security Stack Exchange
Also debug using wireshark on your victim machine whether a DNS request is made or not when you visit the URL and if it is made then to which IP addr is is being made to.