You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am using bettercap v2.32.0 (built for linux amd64 with go1.21.0)
my os is
Distributor ID: Kali
Description: Kali GNU/Linux Rolling
Release: 2024.1
Codename: kali-rolling
x86_64
I am using --caplet script.cap as a command line argument
script.cap contains:
net.probe on
set http.proxy.sslstrip true
http.proxy on
set arp.spoof.fullduplex true
set arp.spoof.targets 192.168.0.100
set net.sniff.local true
arp.spoof on
net.sniff on
Run the script.cap provided above make sure to change the IP address accordingly
Go into an HTTPS website on the victim machine
Expected behavior:
Successfully ARP spoof the victim
Successfully sniff data from http websites
Successfully downgrade HTTPS into HTTP
When downgraded successfully sniff data from HTTPS websites
Actual behavior:
Successfully ARP spoofed the victim
Successfully sniffed data from http websites
Couldn't downgrade HTTPS into HTTP
Since I could not downgrade HTTPS I was not able to sniff any data from HTTPS websites
--
Now as I final note I want to add my own interpretation of this; Generally when bettercap detects HTTPS websites while running SSLstrip it logs something like spoofing the domain or HTTPS detected downgrading etc. but in this instance it is not so maybe this is a bug where it is not correctly detecting HTTPS pages therefore not even trying to downgrade them???
BTW ofcourse I cleared all the web browser cache, I tried both chrome and edge, also I disabled secure DNS on both.
The text was updated successfully, but these errors were encountered:
The built-in sslstripping feature (
http.proxy.sslstrip
) is not working against HTTPS websites in this issue I will be using cygwin.com and winzip.com as an example, as we can see they are not HSTS preloaded https://hstspreload.org/?domain=cygwin.com https://hstspreload.org/?domain=winzip.com.I am using
bettercap v2.32.0 (built for linux amd64 with go1.21.0)
my os is
I am using
--caplet script.cap
as a command line argumentscript.cap contains:
Full Debug output: https://pastebin.com/qZF21fdY
Steps to Reproduce
Expected behavior:
Actual behavior:
--
Now as I final note I want to add my own interpretation of this; Generally when bettercap detects HTTPS websites while running SSLstrip it logs something like spoofing the domain or HTTPS detected downgrading etc. but in this instance it is not so maybe this is a bug where it is not correctly detecting HTTPS pages therefore not even trying to downgrade them???
BTW ofcourse I cleared all the web browser cache, I tried both chrome and edge, also I disabled secure DNS on both.
The text was updated successfully, but these errors were encountered: