 attack that allows an attacker to intercept communications){kind=link}
Install bettercap tool – Bettercap is used to a man-in-the-middle (MitM) attack that allows an attacker to intercept communications between network devices. The working principle of the attack is as follows:
1. The attacker must have access to the network. They analyze the network to find the IP addresses of at least two devices-such as workstations and routers.
2. Attackers use spoofing tools such as Arpspoof or Driftnet to send fake ARP responses.
3. The solid responses market it that the best MAC deal with for each IP address, belonging to the router and computing device, is the attacker’s MAC deal with. This fools each router and computing device to connect with the attacker’s machine, in preference to each other.
4. The two devices update their ARP cache entries and then communicate with the attacker instead of directly communicating with each other.
5. The attacker is now secretly in the middle of all communications
Install bettercap tool in Linux
1. First of all we need to update the Linux operating system so execute the below command in your terminal
sudo apt-get update
2. After completing the update, now we install the Bettercap tool so run the below command in your Linux
sudo apt-get install bettercap
Usage of Bettercap
After completing the Bettercap installation, Type the below command to know the Bettercap usage.
sudo bettercap –help
This Bettercap tool has 30 modules. all that module special for a specific attack
| PARAMETER | USAGEhi |
|---|---|
| -autostart string | 09.00 - 10.00Comma separated list of modules to auto start. (default "events.stream") |
| -caplet string | Read commands from this file and execute them in the interactive session. |
| -caplets-path string | Specify an alternative base path for caplets. |
| -cpu-profile file | Write cpu profile file. |
| -debug | Print debug messages. |
| -env-file string | Load environment variables from this file if found, set to empty to disable environment persistence. |
| -eval string | Run one or more commands separated by ; in the interactive session, used to set variables via command line. |
| -gateway-override string | Use the provided IP address instead of the default gateway. If not specified or invalid, the default gateway will be used. |
| -iface string | Network interface to bind to, if empty the default interface will be auto selected. |
| -mem-profile file | Write memory profile to file. |
| -no-colors | Disable output color effects. |
| -no-history | Disable interactive session history file. |
| -pcap-buf-size int | PCAP buffer size, leave to 0 for the default value. (default -1) |
| -script string | Load a session script. |
| -silent | Suppress all logs which are not errors. |
| -version | Print the version and exit. |
If you need to run a Bettercap tool, type the below command on your Linux terminal
Now type the “help” command, so you can see all options and modules
Select module
Already I spoke to you more than 30 modules are there in the Bettercap tool. now we are going to see how select those modules for attack
You can choose any module but at my convenience, I choose the first module. That’s called “any.proxy“
any.proxy on
After that execute the “help” command on the Bettercap terminal to know the usage of the selected module
help any.proxy
Very nice 👌👌👌👌👌