Closed DefinitlyEvil closed 5 years ago
I need the logs as requested by the issue template that you ignored.
@evilsocket ok, sorry sir but I got no errors.
root@raspberrypi:/home/pi# ./bettercap -iface br0 -caplet init
bettercap v2.17 (type 'help' for a list of commands)
[14:12:10] [sys.log] [war] Could not find mac for 192.168.0.1
[14:12:10] [endpoint.new] endpoint 192.168.0.3 detected as XXX (Apple, Inc.).
[14:12:10] [endpoint.new] endpoint 192.168.0.4 detected as XXX (Apple, Inc.).
[14:12:10] [endpoint.new] endpoint 192.168.0.5 detected as XXX (Apple, Inc.).
[14:12:10] [endpoint.new] endpoint 192.168.0.2 detected as XXX (Apple, Inc.).
[14:12:10] [endpoint.new] endpoint 192.168.0.1 detected as XXX.
[14:12:10] [sys.log] [inf] http.proxy started on 192.168.0.9:8080 (sslstrip enabled)
192.168.0.0/24 > 192.168.0.9 » [14:12:11] [net.sniff.upnp] upnp 192.168.0.1 -> DESKTOP-OAO5B0K : upnp:Location:http://192.168.0.1:1980/InternetGatewayDevice.xml upnp:Server:POSIX UPnP/1.0 UPnP Stack/1.11.0.0 upnp:St:urn:schemas-upnp-org:device:InternetGatewayDevice:1 upnp:Usn:uuid:00000000-0000-2f4d-0000-000000000000::urn:schemas-upnp-org:device:InternetGatewayDevice:1
Environment:
Raspberry Pi (with an extra USB net adapter):
eth0 <--> router
eth1 <--> my PC
br0: the bridge
oh, I finally fixed this problem by using the solution here: https://security.stackexchange.com/questions/165527/mitm-position-with-bridged-network-and-iptables
command:
# now ensure that netfilter works on the l2 bridge
modprobe br_netfilter
echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables
quote:
The reason it didn't work before is that iptables does not normally work on the second layer of the OSI model but on the third. Bridges are on the second layer and therefore don't care about PRE- or POSTROUTING activities. The br_netfilter kernel module enables exactly that. Afterwards you just have to turn on the functionality.
and also thank you sir so much for your fast reply! <3
:+1:
Hello community, I'm doing a experiment with Debian bridged interfaces, I set up the environment like this:
where
eth0
andeth1
are connected to a router and a client(in my caseeth1
is the client). I tried with following command with a caplet:I can see the traffics through the proxy but it can't intercept any of them, could anyone help? A big thanks to you all! <3