Skip to content

Using BETTERCAP to Inject Scripts and Redirect/Modify HTTP Websites visited – MITM – HOXFRAMEWORK

Posted in VIDEOS

Hello everyone and welcome back 🙂 First thing I wanna say is thank you for visiting my website and watching my video.

Today I will be using BETTERCAP to inject scripts and redirect or modify HTTP websites visited by users in my network. This attack that i have explained only works on HTTP, if you want it to work on HTTPS you need to sslstrip/hstshijack and hope that websites victim is visiting do not have HSTS set up well.
I can also make a video on this – explaining it and telling you options to bypass HTTPS.

If you want you can also visit my website at : hoxframework.com.hr 🙂
Or visit me at LBRY (@hoxframework).

Okay so in order to use bettercap you DONT have to ip forward or use iptables, all you have to do is start it using : bettercap -iface <yourInterface>

Once it is started run “help” to see whats running. You are going to need to run net.recon, net.probe and net.sniff but net.sniff goes after you run arp.spoof and modify and run http.proxy – How to modify http proxy to inject your script? Simple:

Firstly make a script using javascript – call it script.js – place it wherever you want, take that location and in bettercap do: set http.proxy.injectjs <full path to your script and script name> – it should look like this : http.proxy.injectjs /home/hox/Desktop/script.js -then press enter and do net.sniff on just so you can get some extra traffic.

Great! Now you are ready. Visit some http websites 🙂

Thanks again, and Have a nice day. 😀