Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Provide Internet access to the victims #270

Closed
sophron opened this issue May 30, 2016 · 4 comments

Comments

@sophron
Copy link
Member

@sophron sophron commented May 30, 2016

We should give the option to provide Internet access to the victims. Then, we can either:

  1. Grab cleartext credentials (e.g. by leveraging net-creds).

  2. Throw the phishing page at an unsuspecting time. (#263, #198).

@sophron sophron added this to the Future milestone May 30, 2016
@sophron sophron modified the milestones: Release v2.0, Future Dec 5, 2016
@laozi999

This comment has been minimized.

Copy link
Contributor

@laozi999 laozi999 commented Jan 6, 2017

This would open the gates to crazy MITM attacks.

We should add -nI (net interface) to assign an interface that has internet access and set up iptables for that interface. I'm still trying to figure out the easiest way to only enable internet access after the wifi password has been entered, as it would be nice to get both the victim's WPA key and sniff the traffic.

Once the user is allowed internet access, it's simply a matter of running bettercap + DNS forwarding the more 'secure' websites.

@sophron

This comment has been minimized.

Copy link
Member Author

@sophron sophron commented Jan 7, 2017

Hi @laozi999,

Regarding the phishing part, I would like users to be able to edit the config.ini file and adjust where and when the phishing page should come out. For example, a user should be able to set the script to show the phishing page after 300 HTTP requests or after 15 minutes of normal Internet browsing or only when the victim is requesting specific pages. I believe this will cover many different use cases.

@sophron

This comment has been minimized.

Copy link
Member Author

@sophron sophron commented Feb 5, 2017

I pushed a commit yesterday that introduces --internetinterface option. By using that option you specify an Internet connected interface that will provide Internet access to the connected victims.

For the time being, this interface cannot be wireless. I'm still trying to figure out the best way to isolate NetworkManager.

@sophron

This comment has been minimized.

Copy link
Member Author

@sophron sophron commented Mar 14, 2017

I'm closing this. For providing Internet from a wireless interface see #511.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.