I 've encountered the same issue.
Spoofing worked but the https downgrade failed.
At the moment I got everything to work, except for login and password capture in https-websites.
I set my spoof.cap to:
set arp.spoof.fullduplex true
set arp.spoof.target 192.168.0.217
set net.sniff.local true
set net.sniff.output stored_output.cap
I ran the spoof:
sudo bettercap iface eth0 -caplet /root/spoof.cap
Checked if it worked, using command help.
Then I already checked the connection by generation traffic on the Windows VM.
And after that traffic was captured in kali.
Then I entered the command:
And then suddenly it did work…
at first the hsts-downgrade failed, because f.i. Facebook.corm gave an error message, so I downgraded to Bettercap 2.23 as shown by AJS.
Then I restarted both Linux VM and Windows VM (target).
And after that also hsts-downgraded website loaded.
And I can capture login and password input.
Only problem is I can’t get the key capture to work for downgraded https websites.
I m gonna try putting some websites in the hstshijack file.