Hello everyone and welcome back 🙂 First thing I wanna say is thank you for visiting my website and watching my video.
Today I will be using BETTERCAP to inject scripts and redirect or modify HTTP websites visited by users in my network. This attack that i have explained only works on HTTP, if you want it to work on HTTPS you need to sslstrip/hstshijack and hope that websites victim is visiting do not have HSTS set up well.
I can also make a video on this – explaining it and telling you options to bypass HTTPS.
If you want you can also visit my website at : hoxframework.com.hr 🙂
Or visit me at LBRY (@hoxframework).
Okay so in order to use bettercap you DONT have to ip forward or use iptables, all you have to do is start it using : bettercap -iface <yourInterface>
Once it is started run “help” to see whats running. You are going to need to run net.recon, net.probe and net.sniff but net.sniff goes after you run arp.spoof and modify and run http.proxy – How to modify http proxy to inject your script? Simple:
Great! Now you are ready. Visit some http websites 🙂
Thanks again, and Have a nice day. 😀