bettercap – Page 5 – WindowsTechs.com

arp spoofing and https reading doubts in bettercap tool

Posted on September 23, 2018 by Alessio Martorana

using the popular bettercap tool and observing responses I had two doubts that also concerns some theoretical questions:

Bettercap allows you to arp spoof entire ranges of ip-s (e.g. an entire /24 subnetwork you’re in), but… Continue reading arp spoofing and https reading doubts in bettercap tool→

Why does bettercap and sslstrip work sometimes on Google and Facebook?

Posted on July 16, 2018 by AznBoyStride

sslstrip and bettercap work “sometimes” on Chrome browsers on sites such as Facebook, Google, AOL, and other sites that use preload HSTS. Why does it work sometimes when it shouldn’t work at all?

Continue reading Why does bettercap and sslstrip work sometimes on Google and Facebook?→

How use bettercap for arp spoofing

Posted on July 1, 2018 by Alvin

I’m trying to use Bettercap for arp spoofing but I’m missing some parameters because it doesn’t work well.

Below my configuration:

bettercap v2.6

192.168.1.1 = gateway
192.168.1.6 = target
192.168.1.4 = attacker machine

… Continue reading How use bettercap for arp spoofing→

dnsspoof and bettercap not dns-spoofing

Posted on April 24, 2018 by Amy Jian

I want to dns spoof my own phone, because I feel like it would be a cool experiment to do. It’s not working (damn phone keeps connecting to the internet), and I would really appreciate any suggestions or ideas in how to make it work. I can… Continue reading dnsspoof and bettercap not dns-spoofing→

Bettercap output file is empty after capture

Posted on March 21, 2018 by Iratzar Carrasson Bores

I am trying to do a sniffing attack and I want to save a .pcap file with the result of the analysis. I use this command:

bettercap –interface eth0 -X –proxy –sniffer-output /root/Escritorio/file.pcap

But when I open the file, it’s em… Continue reading Bettercap output file is empty after capture→

Bettercap sniff HTTPS login credentials using proxy

Posted on January 29, 2018 by Jacob Collins

I was wondering how I could sniff HTTPS credentials using the Bettercap proxy.

I am using the following command:

bettercap -I wlan0 -T 10.0.0.23 -X –proxy-https

And when I setup the proxy on my android (In WiFi settings… Continue reading Bettercap sniff HTTPS login credentials using proxy→

How to bypass Facebooks hsts on a fb-country-domain once connected via https to Facebook.com

Posted on September 22, 2017 by user159652

Setting: bettercap hsts bypassing
Victim: some Facebook-User
Issue: once a victim connected to a https:// …Facebook.com, hsts seems to apply to all Facebook domains, even to Facebook.de

I discovered that if you were once connected to a secured fb.com page you cannot do a hsts bypass with bettercap anymore.

With a fresh browser connecting to Facebook.de I can get http and thus beeing able to redirect the victim. But once he victim has been on https:// de-de.facebook.com before the former approach doesn’t work anymore.

I cannot figure out what the special thing about their hsts header could be. Other pages like golem.de have hsts too but the attack still works, even if I connected to the site before via https.

My guess:
Once the browser was able to resolve Facebook.de into Facebook.com the hsts is set for Facebook.com. Then the next time I try to get http://Facebook.de the browser remembers the former resolve and thus instantly switches to https://de-de.facebook.com.
Can someone confirm this?

Next issue: as far as I could view it, Facebook.com does not have the “subdomains” property set in the hsts header. So why does it still work with subdomains like de-de.facebook.com or does this domain have its own hsts header?

Best regards fabian

Continue reading How to bypass Facebooks hsts on a fb-country-domain once connected via https to Facebook.com→

How to bypass Facebooks HSTS on a fb-country-domain once connected via HTTPS to facebook.com?

Posted on September 22, 2017 by user159652

Setting: Bettercap HSTS bypassing

Victim: Some Facebook user

Issue: Once a victim connected to a https://...facebook.com, HSTS seems to apply to all Facebook domains, even to facebook.de.

I discovered that if you were once connected to a secured fb.com page you cannot do a hsts bypass with bettercap anymore.

With a fresh browser connecting to facebook.de I can get HTTP and thus beeing able to redirect the victim. But once he victim has been on https://de-de.facebook.com before the former approach doesn’t work anymore.

I cannot figure out what the special thing about their hsts header could be. Other pages like golem.de have HSTS too but the attack still works, even if I connected to the site before via HTTPS.

My guess: Once the browser was able to resolve facebook.de into
facebook.com the HSTS is set for facebook.com. Then the next time I try to get http://facebook.de the browser remembers the former resolve and thus instantly switches to https://de-de.facebook.com.
Can someone confirm this?

Next issue: As far as I could view it, facebook.com does not have the “subdomains” property set in the HSTS header. So why does it still work with subdomains like de-de.facebook.com or does this domain have its own HSTS header?

Continue reading How to bypass Facebooks HSTS on a fb-country-domain once connected via HTTPS to facebook.com?→

BetterCap – Modular, Portable MiTM Framework

Posted on March 14, 2016 by Darknet

BetterCAP is a powerful, modular, portable MiTM framework that allows you to perform various types of Man-In-The-Middle attacks against the network. It can also help to manipulate HTTP and HTTPS traffic in real-time and much more. BetterCap has some pr… Continue reading BetterCap – Modular, Portable MiTM Framework→