- This topic has 3 replies, 2 voices, and was last updated 1 month, 1 week ago by Diego Pérez.
- AuthorPosts
- August 27, 2024 at 11:56 am #185893alexandrgriseParticipant
Hello Zaid,
First of all, thank you so much for your courses! I have plenty of them and enjoy them as never.
I have noticed some flaws I want to point out for you to potentially improve your course.
1. HTTPS downgrading to HTTP – hijacking does not work anymore, due to this in wireshark not visible login attempts
2. Xarp no longer available as application, only on unofficial websites
3. Metasploitable – first exlpoit from your video does not work. It’s been removedAugust 27, 2024 at 8:04 pm #186073Diego PérezModeratorHi!
The https downgrade is still working, as any other attack it has its own limitations but it’s definitively working. We can try to debug the issue, just open a new thread.
Yes, Xarp is only available in unofficial website but there’s nothing we can do about it, unfortunately there’s no good alternative for it.
Which exploit are you talking about? Also you can open a different thread so we can help to debug the issue.Greetings!
DiegoAugust 29, 2024 at 2:18 pm #186697alexandrgriseParticipant1. Flaw Report
after:
[KALI MACHINE]
1. writing “spoof.cap” script (= works perfectly fine)
2. enabeling: root> bettercap -iface eth0 -caplet /path/spoof.cap[WINDOWS 10]
3. deleting all browser data[KALI]
4. starting hstshijack/hstshijack capletnothing seemes to work.
———————————————————————2nd report:
while this downgrading is not available I couldn’t logically capture via Wireshark unencrypted logins (admin + password)
Thanks for your time Diego, bless you teacher!
Attachments:
You must be logged in to view attached files.August 29, 2024 at 6:49 pm #186791Diego PérezModeratorHi!
Can I see the result of ifconfig in Kali, ipconfig in the target machine, bettercap’s version, the command you used to start bettercap and the contents of the spoof caplet please?
Can you also show me Kali’s and Window’s network settings in VMware?Thanks!
Diego - AuthorPosts
- You must be logged in to reply to this topic.