Forum Replies Created
- Posts
I am using custom hstshijack caplet:
1: the only website that worked now is likedin.com
2: zsecurity.org AND stackoverflow.com are now working whether I access them directly or not
3:i tried going to Facebook.com through the local google domain (google.ie) and it did not work
4: I cleared the browser’s cache for All times on the victim’s machine and LinkedIn worked but whenever I try to sign in the username and password doesn’t show up in bettercapI have done everything in the right way as you said but nothing is working except for LinkedIn and not all of it is working. should I show you the contents of the hstshijack file??
hey I think I fixed it and placed the files in the right path but there’s a small problem in here, after running the hstshijcak caplet I tried visiting LinkedIn in the target machine and the link of LinkedIn appears in bettercap that the target machine have visited it, but what appears in the target machine itself is ( http://www.linkedin.com refused to connect ) you can see new screenshots in here “hstshijack worked” and “LinkedIn refusing to connect” https://drive.google.com/drive/folders/1-_XQpmx4CRNhPnuA1y-MHGeFYv_sXTqB
well I downloaded the custom caplet from lecture 12.7 but the problem here is that in lecture 12.8 zaid talks about bypassing hsts not https, or do you at least know which minute of the video he starts talking about where to place the folder??
please help me with this it is such a distracting problem I can’t continue with things if I couldn’t fix this
hey so I saw lecture 12.8 and Zaid in this lecture talks about bypassing hsts not HTTP and I noticed that his hstshijack caplet is different from what i have, maybe this is why it’s not working for me, you can see a screenshot for it here https://drive.google.com/drive/folders/1-_XQpmx4CRNhPnuA1y-MHGeFYv_sXTqB name of the picture is hstshijack.cap.png , and this is the file that was already in the kali image I didn’t do or make any changes in it
did you mean I should add the hstshijack caplet in the same spoof caplet??? you can find a screenshot of what I mean here https://drive.google.com/drive/folders/1-_XQpmx4CRNhPnuA1y-MHGeFYv_sXTqB the picture is named “hstshijack caplet in the spoof caplet” , I would appreciate it if you provided a step by step instruction I am so beginner in this
Well i downloaded the custom kali again just to make sure everything is new, and I didn’t upgrade bettercap, and the resources is just a file I didn’t find instructions on how to do it. Do you have a video?
hey you can find the hstshijack result here https://drive.google.com/drive/folders/1-_XQpmx4CRNhPnuA1y-MHGeFYv_sXTqB , and 192.168.2.131 is the ip of the target machine and 192.168.2.128 is the ip of the kali machine
you find the picture here it’s ‘ non existent domain ‘ https://drive.google.com/drive/folders/1-_XQpmx4CRNhPnuA1y-MHGeFYv_sXTqB
and also beside the default gateway appears ” Non existent Domain ” what does that mean maybe it’s the problem, and it only appears if I run the command set net.sniff.local true
no I never did, also after this problem I deleted the kali image and downloaded it again just to make sure I downloaded the right one from the beginning. and nothing have changed at all
here I uploaded it in gdrive https://drive.google.com/drive/folders/1-_XQpmx4CRNhPnuA1y-MHGeFYv_sXTqB?usp=sharing
