Effectively change the hosts file of your iPhone, iPad or Android with ettercap

Based on “Test web apps on iOS by DNS spoofing your LAN with Ettercap” by Henrique Barosso. Modified to work on a Mac running OS X.

To access a website or service that uses a virtual host but isn’t in DNS, you need to add it to the hosts file of the machine you’re using for testing.

Unfortunately, you can’t edit the hosts file of a (non-jailbroken) iPhone or iPad. This makes testing difficult.

As a workaround, we’re going to use ARP spoofing to intercept DNS requests from your iPhone or iPad and respond to those requests with the IP address of your virtual server.

So, if accessing your development environment requires a hosts file entry like

192.254.12.1	devserver.mysite.com

then this process will let you tell your iPhone or iPad to resolve devserver.mysite.com in the same way.

A few things to keep in mind before you do this:

  • you need to have sudo on your Mac
  • your iPhone or iPad and Mac need to be on the same WiFi network, and
  • you can do a lot of evil, evil things by ARP spoofing on a public network; do not do this, it’s illegal

With that said, to get this going:

  1. Install ettercap. I recommend using Homebrew to manage Linux ports on your Mac:
    % brew install ettercap
  2. Find the IP address of the device (iPhone or iPad) you’d like to test with. On iOS 7 you can see your phone’s IP address by navigating to Settings > Wi-Fi > Wireless Network Name. Let’s say it’s 192.168.1.105.
  3. Turn off WiFi on the device you want to test with; this will clear its ARP cache.
  4. Edit /usr/local/etc/ettercap/etter.dns and add an entry for the virtual server you would like to test, e.g.
    # Websites for testing
    devserver.mysite.com   A   192.254.12.1
    
  5. Enable the firewall and IP forwarding:
    % sudo sysctl -w net.inet.ip.forwarding=1
    % sudo sysctl -w net.inet.ip.fw.enable=1
  6. Start ettercap and activate the dns_spoof plugin:
    % sudo ettercap -i en1 -T -q -M ARP:remote -P dns_spoof /192.168.1.105/ //

    Remember to replace 192.168.1.105 with the IP address of your phone or tablet.

  7. Turn WiFi back on on your device.

    If everything worked properly, you should see some output from ettercap, letting you know that it’s intercepted an ARP request on your device.

    % sudo ettercap -i en1 -T -q -M ARP:remote -P dns_spoof /192.168.1.101/ //
    Password:
    
    ettercap 0.8.0 copyright 2001-2013 Ettercap Development Team
    
    Listening on:
       en1 -> XX:XX:XX...
    
    SSL dissection needs a valid 'redir_command_on' script in the etter.conf file
    Privileges dropped to UID 65534 GID 65534...
    
      33 plugins
      42 protocol dissectors
      57 ports monitored
    16074 mac vendor fingerprint
    1766 tcp OS fingerprint
    2182 known services
    
    Randomizing 255 hosts for scanning...
    Scanning the whole netmask for 255 hosts...
    * |==================================================>| 100.00 %
    
    Scanning for merged targets (1 hosts)...
    
    * |==================================================>| 100.00 %
    
    7 hosts added to the hosts list...
    
    ARP poisoning victims:
    
     GROUP 1 : 192.168.1.101 CC:XX:XX:XX:XX
    
     GROUP 2 : ANY (all the hosts in the list)
    Starting Unified sniffing...
    
    
    Text only Interface activated...
    Hit 'h' for inline help
    
    Activating dns_spoof plugin...
    
    dns_spoof: [devserver.mysite.com] spoofed to [192.254.12.1]
    
  8. Try navigating to devserver.mysite.com on your device. If it doesn’t work, then try turning your WiFi on and off again to flush the ARP cache.
  9. Once you’re done testing, press q to exit ettercap.

That’s it! If you have questions, concerns, or enhancement suggestions please let me know on twitter (@josephby) or join the conversation on Hacker News.
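
To check from another machine on the same network that the ARP poisoning is present only while you are testing, the following added example (not part of the original post) parses `arp -a` output in the OS X format and reports any MAC address that answers for more than one IP. The function names and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag MAC addresses that are mapped to more than one IP
# in an ARP table. Input is `arp -a` output in the OS X format:
#   ? (192.168.1.1) at 0:11:22:33:44:55 on en1 ifscope [ethernet]
# Output is one line per suspicious MAC: "<mac> <ip1>,<ip2>,..."
# Proxy ARP or a host with several addresses can also trigger this,
# so treat a hit as something to investigate, not as proof.
arp_dupes() {
  awk '
    $3 == "at" {
      ip = $2
      gsub(/[()]/, "", ip)          # strip the parentheses around the IP
      mac = tolower($4)
      # Entries that never identify a single host are skipped.
      if (mac == "(incomplete)" || mac == "ff:ff:ff:ff:ff:ff") next
      if (mac ~ /^0?1:0?0:5e:/) next   # IPv4 multicast mappings
      if (mac in ips) { ips[mac] = ips[mac] "," ip; dup[mac] = 1 }
      else ips[mac] = ip
    }
    END { for (m in dup) print m, ips[m] }
  '
}

# Constructed sample: the gateway (.1) and another host (.20) share a
# MAC, which is what a poisoned table looks like.
sample_arp() {
  cat <<'EOF'
? (192.168.1.1) at 0:11:22:33:44:55 on en1 ifscope [ethernet]
? (192.168.1.20) at 0:11:22:33:44:55 on en1 ifscope [ethernet]
? (192.168.1.105) at a0:b1:c2:d3:e4:f5 on en1 ifscope [ethernet]
? (192.168.1.50) at (incomplete) on en1 ifscope [ethernet]
? (192.168.1.255) at ff:ff:ff:ff:ff:ff on en1 ifscope [ethernet]
EOF
}

sample_arp | arp_dupes
```

On a live system, run it as `arp -a | arp_dupes` before starting ettercap and again after quitting; once caches have refreshed, the second run should print nothing.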

10 Ways to Create a Billion Dollar Media Brand

  1. Write snappy headlines that include no information. Link those headlines to a four-hundred word article which, if properly edited, would be two sentences long.
  2. Make people who try to read your website on a mobile phone dismiss a request to install your App. Every. Damn. Time.
  3. Include multiple, paid links beside every article. Do not label them as “paid”. Better yet, apply a misleading label like “Articles Recommended for You.”
  4. Write lots of top-N lists and implement them with slide shows.
  5. Hijack the “Copy” function of the web browser so that anyone who tries to quote a single line of the article will paste in twenty lines of garbage.
  6. Share buttons. Everywhere!
  7. “Syndicate” your posts so that “marketers” can re-use them in their “content marketing” efforts.
  8. Create articles that consist of nothing but twitter conversations and snappy commentary. Report on said conversations as though they were news.
  9. Be outrageous. Failing that, be outraged. Failing that, be snarky.
  10. Ensure good search engine placement by making the URL of each article more/informative-than-the-headline-or-body.

Is the open internet dead?

I was fortunate enough to get online in the mid-90s. I wrote some terrible software to configure Dial Up Networking in Windows 3.1, and then sold it to a local ISP for years of free access.

At that point, consumers were rapidly adopting what I’ll call “open” technologies, including email, forums (USENET), messaging (IRC) and file transfer (ftp). The web was about to be littered with millions of consumer home pages, hosted by Geocities and people’s internet service providers.

Since then, nearly all consumer technology growth has moved from open to closed systems. Facebook and Google are “closed” in the sense that those companies exert total control of the platform, in a winner-take-most marketplace.

It’s hard to find recent examples of new, open technologies that had a lot of direct consumer adoption. The few I could think of are:

  • Firefox (which went mainstream in the U.S. around 2004)
  • BitTorrent (2005)
  • RSS (2005)
  • SMS (2008)
  • open video formats (2010, when YouTube added support)

Of these, I’d argue that only open video is thriving. Of the rest:

  • Firefox is suffering under pressure from Chrome
  • BitTorrent is being replaced by Netflix, Spotify and Hulu
  • RSS has been all but abandoned, replaced by Twitter and Weibo
  • SMS is under heavy attack by closed platforms like WhatsApp and Skype

Today, the fastest-growing platforms are all closed and controlled by large corporations.

Very few start-ups go public. This means that if you’re a successful new company, built on an open platform, you’re likely to be acquired by one of the incumbents and merged into their closed platform.

Is it still possible for open to win? Or is it time to give up, and search for a political solution?

Privacy, Trust and Identity

Privacy, Trust and Identity are now at the forefront for all consumers, and have wide-ranging impact on technology and media businesses. From tech companies, expect lobbying actions, new tools, new policies and more personal control to rebuild users’ confidence, and from the policy world expect more guidelines around use of personal data and stricter repercussions for violations of user trust.

The Best “Sleeper Ideas” For Trends, Stocks, And Private Companies To Watch In 2014 – Forbes

Eric Jackson’s roundup of Sleeper picks includes this nugget from Michael Wolff (which of course I agree with), as well as a few thoughts from yours truly.

(via gregcohn)

Dog loses airline – now THAT’s a story!

I think I would just ignore, it is local news doing a story on a lost dog. Their entire government is shut down and about to default and this is how the US media spends its time.