Open | Linux
i am using bettercap on kali which the Kali machine am using is recommended by zsecurity on for this course which is the one have been using so far, he claim all the necessary bettercap and the caplets, configuration as been done on it including as a virtual machine. I want to sniff on the windows 10 machine. so i type these commands:
net.probe on
set arp.spoof.fullduplex true
set arp.spoof.targets 192.168.0.177
arp.spoof on
net.sniff on
and as soon as i put the last command i get the result on the screenshot below; and if you can see carefully at the screenshot it only show the target username only, not showing the password of the target client; i tried both on Chrome Mozilla FireFox browser, still the same.
Here is also the scan i did to discover the connected device and targeted IP
The image you shared doesn’t show the HTTP response with 200 code. You should be seeing Host header with your URL in it. Something similar to this response where ti shows the host along with proper POST response:
This means the website hasn’t yet completed the execution and hasn’t reached the point where you can see the proper HTTP response. What do you see when you scroll up and also down?
FIRSTLY
I tried it on window10 on my Virtual Machine and my network adapter was set on NAT and it
work fine and Sniff the Username and Password. Kindly find the screenshot below
Here is the command below:
bettercap -iface eth0
net.probe on
set arp.spoof.fullduplex true
set arp.spoof.targets 192.168.x.x
arp.spoof on
net.sniff on
SECONDLY
Then I try the same process, targeting another computer with window 10 on it, My Network Adapter was set on NAT, but when using bettercap is not sniffing any result or display any messages on the terminal, even aside setting my Network Adapter on NAT is not working with Netdiscover, Zenmap or Nmap; it wont discover any connected device on my network, i will have to bridge the network before I could work.
INCLUSION
Now I bright the network as usual from the Network Adapter and I try bettercap -iface wlan0 on my terminal targeting another computer on the same Wi-Fi network using the command below:
bettercap -iface wlan0
net.probe on
set arp.spoof.fullduplex true
set arp.spoof.targets 192.168.x.x.x
arp.spoof on
net.sniff on
Below is the screenshot of what I get, it only sniff the Username not include the password.
Please I believe with this explanation, you should be able t know why am not getting the right results by not sniffing me the password. how can I fix this problems?
Thanks for your response and cooperation, hope to hear from you soon
I dont understand the purpose of this forum anymore…i posted issue am having with bettercap, no reply how to fix it since four days ago. This is totally discouraging. @Zaid_Sabih @NathanHouse told us in his class that if we’re facing any challenges in the course we should complain at the forum that within 15hours someone will respond, now it going to four days now, no response
Your first case is working because you are just within your VM network that doesn’t have any security measures. Your second case most likely is not working as your traffic is going through a router which usually has security measures in place. There are two things that you can try here -
-
Install Wireshark on your Kali and check the traffic. You will get more in-depth info about your traffic in Wireshark. You can see where the packet is coming from and what data is in it.
-
Instead of making your traffic go through your router, use a Switch where the data will go through just the switch and most basic switches don’t have any security measures in place, so you should be able to see the password in your sniffed traffic.
Thanks s now working, it my router that cause the issue, when i try to use my phone hotspot is works…But the issue am having now is trying to redirect https to hsts on chrome is not redirecting but it work perfectly on firefox.
here is the command i use
net.probe on
net.recon on
set arp.spoof.fullduplex true
set arp.spoof.targets 192.168.xxx.xxx
arp.spoof. on
set net.spoof.local true
net.sniff on
hstshihack/hstshijack
but on chrome is not directing to http
Please how can i fix this?
Lastly my bettercap http-ui is not running properly, If i run it and paste the link on browser it redirecting me to Apache Server, how can i fix this error too
Read the solutions provided here - Bettercap hstshijack not working - #22 by Bert_Adriaensen
Also search hsts on the search bar and see different answers. It has been talked many times in this forum.
Most of the time hsts downgrade doesn’t work because of browser security implementation like https everywhere or similar.
