Forum Replies Created
Diego Pérez
Participant
Hi!
Sorry for the inconvenience, we’ll fix it soon.
Greetings!
Diego

Diego Pérez
Participant
Hi!
In the listener, in the reliable_receive function, you are missing “json_data” before the + symbol. Compare your code with Zaid’s code and make sure both are exactly the same.
Greetings!
Diego

Diego Pérez
Participant
Hi!
Is it working properly with the Windows virtual machine?
Greetings!
Diego

Diego Pérez
Participant
Hi!
Can you share the modified code? It would be better to use pastebin.com so I can read it with the proper format.
Are you using the Windows virtual machine? Did you change the language?
Greetings!
Diego

Diego Pérez
Participant
Hi!
I suggest writing the backdoor just as Zaid does. I mean, use connection.send instead of connection.sendall, and with Python 2 there’s no need to add .encode()
Let me know how it goes!
Diego

Diego Pérez
Participant
Hi!
Cool, are you able to reach Kali’s web server from your phone?
You can also try to use a different payload, try with the tcp one. Or even use a different APK.
Greetings!
Diego

Diego Pérez
Participant
Hi!
As mentioned before, you can jump to the Gaining Access sections; just look at the course index, the first lecture should be 14.1.
Greetings!
Diego

Diego Pérez
Participant
Hi!
Make sure that you’re using the same payload when generating the backdoor and when using multi handler. If you’re already doing that, then try using a different port. If you’re still having issues, then please show me the following:
1. Result of ifconfig and route -n in Kali.
2. ip of the device.
3. The result of options before generating the malicious APK.
4. The result of show options before running the multi handler.
Let me know.
Diego

Diego Pérez
Participant
Hi!
You can jump to the Gaining Access section.
Greetings!
Diego

Diego Pérez
Participant
Hi!
Well, you need a wireless adapter because a mobile phone can’t connect to the virtual network created by VMware, hence we need to connect Kali to the real network, and that’s the use of the wireless adapter. So, connect the adapter to the network and create a malicious APK using the ip of the wireless adapter interface (usually wlan0) as LHOST.
Greetings!
Diego

Diego Pérez
Participant
Hi!
It’s not possible to tell if the files in the screenshot are the correct ones; both the original and custom hstshijack caplet files have the exact same name, so there’s no way for me to tell if they are correct. As mentioned, you need to replace the whole directory; if you have done so, then yes, the files are correct.
Bettercap is the latest public tool to run mitm attacks that works well; I tested it and it is still working fine.
Yes, you can skip this section for now and maybe come back to it later.
Greetings!
Diego

Diego Pérez
Participant
Hi!
As mentioned in the lecture, download the hstshijack caplet archive from resources, uncompress it and replace the whole hstshijack directory inside the caplets directory, then try it again.
Basically, if the page gets downgraded to http then the password will be captured. If you don’t see it, it’s just because bettercap was not able to filter it, or the credentials are buried between all of the other data that bettercap displays on screen.
Look carefully through all of the results you got; if you’re sure it’s not there, then just use Wireshark as shown in lectures 46 – 49 to find the username and password.
LinkedIn is not in the HSTS hijack list because LinkedIn is not preloaded in Chrome or Firefox. What is meant by “not preloaded” is that it is not in the HSTS list that is stored on the local target computer, therefore you should be able to downgrade it just like any other https website.
In Edge, however, LinkedIn is pre-loaded, so you’ll have to add it to the list as shown in the course.
Greetings!
Diego

Diego Pérez
Participant
Hi!
You need to replace the whole hstshijack directory, not only the .cap file.
The computer that Zaid used is an Intel-based machine as well.
You can try to use Firefox instead.
Greetings!
Diego

Diego Pérez
Participant
Hi!
What exactly do you mean by “I think i tried to make everything in the file the same as the one shown by zaid”? Can you elaborate much more?
Also, can you answer: Did you replace the whole hstshijack directory or only the .cap file?
Greetings!
Diego

Diego Pérez
Participant
Hi!
No, the bettercap version is ok, that’s an old answer.
Did you replace the whole hstshijack directory or only the .cap file?
And, for some reason the M1/M2 chip computers seem to have problems with this attack. I don’t have one of those machines so I can’t replicate it. I use an Intel-based Mac and the attacks work just as expected.
Let me know.
Diego