Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • June 17, 2021 at 1:50 am #55817
    xsonsy
    Participant

    Hello,

    I have two issues.

    Firstly, in lecture 11.6, the following code saved under spoof.cap’s file doesn’t work.

    net.probe on
    net.recon on
    set arp.spoof.fullduplex true
    set arp.spoof.targets “Target IP”
    arp.spoof on
    set net.sniff.local true
    net.sniff on

    In fact, it seems like it works up to the forth line. If I tape “help”, expecting services are on except arp.spoof. I have to set it up manually.

    Forthemore, I can’t find “caplets” folder under /usr/share/bettercap/
    Only ui file it showed.

    Thanks,

    June 17, 2021 at 7:01 pm #55827
    Diego PérezDiego Pérez
    Moderator

    Hi!
    Can you sahre a screenshot with the results of running bettercap with the spoof caplet? Also share the exact content of the caplet please, I mean don’t remove any data from it.

    Also the caplets folder is in /usr/local/share/bettercap/caplets, check the lecture carefully.

    Greetings!
    Diego

    June 17, 2021 at 7:34 pm #55829
    xsonsy
    Participant

    Hello,

    Thanks for your reply.

    I remove net.recon in my cap file since it’s already started using net.probe on. It seems like the cap file is running correctly now. Without using hstshijack, I only get the username on HTTP page (http://testhtml5.vulnweb.com). Please see https://imgur.com/CZcl4vC.

    Moreover, even if I add the version 2 (V.2) of hstshijack in the /usr/local/share/bettercap/caplets I’m nothing neither username nor password.
    Please check :

    View post on imgur.com

    View post on imgur.com

    Thanks,

    June 17, 2021 at 7:37 pm #55830
    xsonsy
    Participant

    Oups,

    First link should be

    View post on imgur.com

    June 17, 2021 at 8:12 pm #55831
    xsonsy
    Participant

    I’m sorry, everything works except when I’m trying a none HTTPS page such as vulweb (first link). I only see username=admin but not the password.

    June 18, 2021 at 6:23 pm #55857
    Diego PérezDiego Pérez
    Moderator

    Hi!
    Just look amog the results, it seems you are capturing the data, the issue is that you are not looking in the proper request but the credentials should be captured.

    ​Can I see the result of ​ifconfig ​in Kali, ​ipconfig ​in the target machine, bettercap’s version, the command you used to start bettercap and the contents of the spoof caplet please?
    Can you also show me Kali’s and Window’s network settings, so just right click the Kali machine from Virtual box >> Settings ?? Network, take a screenshot and post it here please.​​​

    Thanks!
    Diego

  • Author
    Posts
Viewing 6 posts - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.