What attacks can I do with Bettercap?
Bettercap is a very powerful tool that comes by default installed in operating systems such as Kali Linux, an operating system specifically oriented to wired and wireless audits, in addition, thanks to the incorporation of Bettercap by default, we will not have to install it manually. and properly configure all the dependencies you need, it will just work as expected.
This program allows us to perform target recognition and also attack wireless WiFi networks, not only can it scan WiFi networks, but also perform deauthentication attacks, make PMKID association attacks without clients and even capture the handshake automatically without the need to execute an order ourselves. It is also able to check the Bluetooth Low Energy devices that we have around, and collect information about them. Other attacks that can be carried out with this program are attacking wireless mice that use the 2.4GHz band, we can perform MouseJacking attacks easily and quickly.
The core of Bettercap is that we can carry out Man in the Middle attacks, both on IPv4 and IPv6 networks. In addition, it is capable of performing ARP Poisoning attacks and ARP Spoofing to compromise computers on the local network, it also allows attacks against DNS, NDP and even DHCPv6. One of the most interesting features is the possibility of raising a proxy at the TCP level, making use of HTTP and HTTPS at the application level, with the aim of lifting the connections encrypted by HTTPS and converting them to HTTP, in RedesZone we have a complete tutorial on how to perform SSLstrip attacks to decrypt HTTPS connections. The sniffer incorporated in Bettercap allows us to obtain user credentials easily and quickly, without having to analyze all the packets it captures ourselves, it will provide us with the users and keys easily and quickly.
Finally, other interesting features of Bettercap is the incorporation is a port scanner, and a really good graphical user interface, from where we can control all the modules very efficiently.
What’s new in Bettercap 2.32.0
Bettercap 2.32 is loaded with new features, two new attacks related to wireless WiFi networks have been added. The first attack that has been added is a fake WiFi authentication attack, the channel hopping attack has also been added. We must remember that these two new attacks are in addition to those that we already had so far, in addition, the possibility of installing this program in any path on Windows systems has been added.
Taking advantage of the launch of this new version, problems have also been solved, such as in the arp.spoof module that did not send responses, this module allows us to carry out ARP Spoofing or ARP Poisoning attacks, with the aim of deceiving the victim and making us pass by the main router, so that it automatically sends all the packets to us, to later forward them to the router that we have in the local network. In this way, we will be carrying out a Man in the Middle attack to steal all the data. Of course, better support for scanning WiFi channels has also been added.
We can already do this new version of Bettercap download from its official GitHub, where we can find the versions for the different operating systems.