- June 17, 2021 at 1:50 am #55817
I have two issues.
Firstly, in lecture 11.6, the following code saved under spoof.cap’s file doesn’t work.
set arp.spoof.fullduplex true
set arp.spoof.targets “Target IP”
set net.sniff.local true
In fact, it seems like it works up to the forth line. If I tape “help”, expecting services are on except arp.spoof. I have to set it up manually.
Forthemore, I can’t find “caplets” folder under /usr/share/bettercap/
Only ui file it showed.
Thanks,June 17, 2021 at 7:01 pm #55827diegoModerator
Can you sahre a screenshot with the results of running bettercap with the spoof caplet? Also share the exact content of the caplet please, I mean don’t remove any data from it.
Also the caplets folder is in /usr/local/share/bettercap/caplets, check the lecture carefully.
DiegoJune 17, 2021 at 7:34 pm #55829
Thanks for your reply.
I remove net.recon in my cap file since it’s already started using net.probe on. It seems like the cap file is running correctly now. Without using hstshijack, I only get the username on HTTP page (http://testhtml5.vulnweb.com). Please see https://imgur.com/CZcl4vC.
Moreover, even if I add the version 2 (V.2) of hstshijack in the /usr/local/share/bettercap/caplets I’m nothing neither username nor password.
Please check :
Thanks,June 17, 2021 at 7:37 pm #55830June 17, 2021 at 8:12 pm #55831
I’m sorry, everything works except when I’m trying a none HTTPS page such as vulweb (first link). I only see username=admin but not the password.June 18, 2021 at 6:23 pm #55857diegoModerator
Just look amog the results, it seems you are capturing the data, the issue is that you are not looking in the proper request but the credentials should be captured.
Can I see the result of ifconfig in Kali, ipconfig in the target machine, bettercap’s version, the command you used to start bettercap and the contents of the spoof caplet please?
Can you also show me Kali’s and Window’s network settings, so just right click the Kali machine from Virtual box >> Settings ?? Network, take a screenshot and post it here please.
- You must be logged in to reply to this topic.