Please help: possible case of SMS spoof?

So the other night my boyfriend and I got some texts from a local number saying some hateful things. We both texted back and tried calling multiple times, but the number rang and went to a strange automated voicemail. My bf texted a few things and said to call back and finally he gets a text from a completely different phone number saying to call, they are ready. Bf calls and a man answers the phone. Bf says ‘hey you told me to call’ and the guy says he got a text message from him (bf) to call. We realized something wasn’t right. The guy was obviously asleep and so bf apologized and hung up. The next day we called the original number that texted and it went to the guy again who answered the previous night. We asked the guy his number and it was completely different than what we dialed. We hung up and dialed again and it went to the guy’s number again. I looked up call spoofing and it sounds like this may be what has happened. But I couldn’t understand why when we texted or called this first number (where we got the original crazy texts from) would then forward to a totally different number. Thoughts?

DNS Spoof Not Working

So I was trying to use DNS SPOOFING in Man in the Middle Attached. But it didn’t work. However, it did work for ‘www.gmail.com’ once. I checked, and I could see that I was actually offline. Now I checked the reason. And it was that the original URL isn’t really ‘gmail.com’. Its ‘mail.google.com’. And so there was no DNS cache.

So, if there was a way I could block website ‘mail.google.com’ for the victim during the MITM attack, the DNS SPOOFING will work in case the victim enters ‘gmail.com’. Can you suggest any such way to block any website without configuring router (assuming its a mobile hotspot)?

How can someone spoof their phone number / caller id?

How can someone spoof their caller ID. Basically make it look like someone else is calling when actually it’s you. If their is a way to do this I specifically want to know how to do it with python. If you can’t do it with python, how can you do it in general. Note: I do not want to use any programs other people made I want to make mine from scratch.

DNS Spoof Printer on network

I was wondering if it would be possible to arp spoof my printer and router

arpspoof -t printer router  arpspoof -t router printer 

and then reroute all print requests to my CUPS print server on localhost?

dnsspoof -f hosts.txt 

If so, what type of traffic would I outline in my hosts.txt

would it be something like this?

host_ip ipp* 

Thanks for all the help, I’m only asking because DNS spoofing doesn’t normally work for me because of cookies and SSL Certificates.

Can MitM spoof a signed certificate by imitating the Certificate Authority?

I understand that a signed certificate is a server public key signed by the private key of a certificate authority. As a result, a client allegedly rest assured that the signed public key is for the desired server. Really? How does the client get the pubic key of the certificate authority? Can’t the attacker just sign his own public key and spoof the CA by providing the client with the wrong public key to decrypt the certificate? I’m assuming, of course, that the attacker has control of the network, including DNS.

My guess is that the CA’s public key has to be a preshared key or else you’re vulnerable. In my browser I see a list of certificate authorities like verisign and digicert. If these are preshared (say at windows/browser install), what happens if that store is ever updated or compromised (say by a virus, official looking request to install a new one, or an unscrupulous network admin). Could you then steal whatever you wanted? Answer goes to clear, concise explanation that shows how this really works and addresses these either real or perceived vulnerabilities.

Is it possible to spoof an IP address to an exact number?

The title says it all really. Say my IP address was 1.2.3.4 and I wanted to change or ‘spoof’ it so that its exactly 2.3.4.5, would this be possible or are there too many varying factors that need to be taken into account before getting a definitive answer?

Why you might ask?

Well I was in a store the other day and they had iPads around the room setup so that they were showing the store’s online website. I went over and looked at one and noticed that what was showing on their in-store iPads was different to what I would see by simply connecting to their site via my phone (and yes, they were both the exact same link using the same exact browser, Safari).

This lead me to think that the only way they’re able to do this is by either having the site detect the device’s IP address and show specific (or exclusive) content on their homepage based on that, or by having the site detect that the device is using the stores WiFi (although I doubt this is possible, hence why I thought the IP route was more plausible).

So I was curious whether it’d be possible to spoof my device’s IP to that of the stores’ exact IP so that my device showed exactly what theirs did in regards to their website.

Feel free to discuss this, I know this is very very specific and with minimal details known, so I doubt there’s a definitive solution…