1
00:00:01,090 --> 00:00:08,320
OK so now that we have the web interface installed and running let's see how we can use it to interact

2
00:00:08,320 --> 00:00:12,920
with better cap and launch all of the attacks that I showed you before.

3
00:00:13,000 --> 00:00:21,280
Without having to type any commands and as you can see we have a very simple and easy to use interface.

4
00:00:21,280 --> 00:00:26,410
There is no more commands that we have to run even though we can run commands here through the command

5
00:00:26,410 --> 00:00:27,960
line.

6
00:00:28,030 --> 00:00:30,150
Right here we have the event log.

7
00:00:30,190 --> 00:00:37,500
So this is similar to what you see in here and the terminal but it's in a much nicer interface.

8
00:00:37,660 --> 00:00:40,110
You can use the search bar here to filter.

9
00:00:40,150 --> 00:00:48,330
If you're looking for a specific log or for a specific event and you can actually click any event type

10
00:00:48,510 --> 00:00:56,360
too muted so you won't see any of that event on screen all of this is happening in here and the events

11
00:00:56,360 --> 00:01:03,470
menu the next useful page would be the land page right here which will show you all the devices connected

12
00:01:03,470 --> 00:01:04,570
to the network.

13
00:01:04,580 --> 00:01:10,880
So this is similar to when we used to do a net show as you can see right now we only have the Raptor

14
00:01:11,120 --> 00:01:18,890
which is a 10 0 to 1 and my current computer which is 10 0 to 15 This is Carly.

15
00:01:18,920 --> 00:01:27,200
Now as you know before we had to start the net dot recon and net dot probe to discover all of the devices

16
00:01:27,230 --> 00:01:29,090
on the same network.

17
00:01:29,120 --> 00:01:35,270
So in here instead of writing the commands all you have to do is click on display button to start the

18
00:01:35,270 --> 00:01:43,370
net dot probe and click on this play button to start the next three con you'll get nice notifications

19
00:01:43,370 --> 00:01:44,170
in here.

20
00:01:44,360 --> 00:01:49,430
And as you can see we managed to discover all of the connected devices.

21
00:01:49,440 --> 00:01:55,680
You can also see in here we have a nice tag to tell us that this is the gateway and a nice tag telling

22
00:01:55,680 --> 00:02:02,640
us that this is our computer and the devices that we discovered are these two devices and you can see

23
00:02:02,640 --> 00:02:04,930
this is my M.S. EDGE device.

24
00:02:05,040 --> 00:02:12,710
The windows machine that we have always been targeting again because this is a very simple web interface.

25
00:02:12,780 --> 00:02:19,040
You won't have to type anything you can click on this little arrow right here beside the machine beside

26
00:02:19,050 --> 00:02:20,700
the IP.

27
00:02:20,700 --> 00:02:27,930
You can either scan this machine for ports or add it to your spoofing targets so you won't have to set

28
00:02:28,020 --> 00:02:30,690
a piece poof the target's to this IP.

29
00:02:30,720 --> 00:02:36,900
All you have to do is literally click here and it's automatically added to the AARP spoof.

30
00:02:36,960 --> 00:02:42,150
Not only that but we'll see a nice little window in here to configure our AARP spoof.

31
00:02:42,450 --> 00:02:46,620
And remember we used to set this option to true the full duplex.

32
00:02:46,620 --> 00:02:52,590
So all I have to do now is just click here to check it and to start this spoof for all I have to do

33
00:02:52,590 --> 00:02:55,290
is click on Start spoofing and done.

34
00:02:55,290 --> 00:03:02,490
Now we should be spoofing the target as you can see we also see a nice icon in here beside this IP to

35
00:03:02,490 --> 00:03:08,670
tell us that at the moment we are spoofing this IP telling it that we are the gateway.

36
00:03:08,670 --> 00:03:17,640
So now if I go to my target and just do a sharpie A you can see that the rafters MAC address has changed

37
00:03:17,670 --> 00:03:21,140
to the MAC address of the Kelly machine which is this one.

38
00:03:21,150 --> 00:03:26,820
So that means that we are properly spoofing this device telling it that we are there outer and we managed

39
00:03:26,820 --> 00:03:33,160
to become the man in the middle now of actually showed you how to do all of this before in details.

40
00:03:33,160 --> 00:03:38,620
So if you don't remember any of this or if any of this feels strange then please go back and revise

41
00:03:38,620 --> 00:03:42,070
the lectures where I cover these things.

42
00:03:42,070 --> 00:03:50,650
Now I also showed you how to bypass hasty G.P.S. and partially bypass h as t as using a couplet.

43
00:03:50,890 --> 00:03:57,610
Again we have a nice menu here for couplets and as you can see we have all of the couplets currently

44
00:03:57,610 --> 00:04:03,990
available with better cap and all you have to do is just click on the couplet that you want to run.

45
00:04:04,090 --> 00:04:08,680
And in my case it's the H S T S hijack couplet.

46
00:04:08,680 --> 00:04:15,070
Also if you remember when we were modifying this couplet we used to have to open the location where

47
00:04:15,070 --> 00:04:21,850
the couplets are installed and then open the couplet in a text editor and then modify its options.

48
00:04:21,850 --> 00:04:28,440
Whereas in here you can literally modify any options you want with this within this menu click on the

49
00:04:28,440 --> 00:04:35,260
this icon right here to save and then click on play to on this couplet.

50
00:04:35,260 --> 00:04:41,920
And as you can see you get nice notifications telling you that everything got executed as expected.

51
00:04:41,920 --> 00:04:44,230
And right now we can go ahead and test this.

52
00:04:45,010 --> 00:04:54,330
So if I go here and just clear the browsing data as usual and then if I just go to a normal hasty TTP

53
00:04:54,480 --> 00:05:04,230
page such as Stack Overflow dot com you'll see that this will load over hash TTP so we can log in and

54
00:05:04,230 --> 00:05:10,570
we should be able to get the user name and password as I showed you before and we can test the partial

55
00:05:10,590 --> 00:05:12,250
HST yes bypass.

56
00:05:12,300 --> 00:05:19,520
So if I go to Google dot I E and search for Facebook.

57
00:05:19,790 --> 00:05:21,470
Click on the first result

58
00:05:24,430 --> 00:05:29,040
and perfect as you can see it's loading over a normal hash TTP here again.

59
00:05:29,050 --> 00:05:34,430
So if I log in the information will be captured by My sniffer.

60
00:05:34,510 --> 00:05:40,630
So as you can see it is very very easy to edit couplets and even run them through this web interface

61
00:05:42,170 --> 00:05:47,280
you can also run all of the other plugins through the advanced menu in here.

62
00:05:47,330 --> 00:05:53,030
So for example if you wanted to start the sniffer all you have to do is just scroll down here looking

63
00:05:53,030 --> 00:06:00,850
for the sniffer and we have it right here that dog sniff if I click on that as you can see on top it's

64
00:06:00,850 --> 00:06:02,670
telling us it's not running.

65
00:06:02,950 --> 00:06:07,720
And right here instead of running the commands all you have to do is just click on the commands that

66
00:06:07,720 --> 00:06:13,200
you want to run not only that but if you wanted to modify any of the options.

67
00:06:13,310 --> 00:06:19,100
Again all you have to do is just type whatever you want to modify in here click on this even here and

68
00:06:19,100 --> 00:06:22,070
then run the command that you want to run.

69
00:06:22,430 --> 00:06:28,370
So if I wanted to start the sniffer now all I have to do is just click on net dot sniff on and this

70
00:06:28,370 --> 00:06:29,800
will start the sniffer for me.

71
00:06:31,110 --> 00:06:37,290
Now the sniffer combined with the nice events that we can get in here makes it easier to filter through

72
00:06:37,290 --> 00:06:38,980
the data that we capture.

73
00:06:39,240 --> 00:06:46,870
But it's still not the best way to filter through the captured data I will cover how to properly sniff

74
00:06:46,870 --> 00:06:52,570
data and filter it using wire shark which is the best tool for sniffing and filtering data.

75
00:06:53,020 --> 00:07:00,810
But again this web interface right here provides a nicer way of interacting and using better cup.

76
00:07:00,900 --> 00:07:08,010
Now I want to show you how to use the Wi-Fi the BLT the idea and the poison menus because we actually

77
00:07:08,010 --> 00:07:10,800
did not use any of these modules previously.

78
00:07:11,070 --> 00:07:19,100
So I just wanted to focus on showing you how to do everything we have done so far using this interface.

79
00:07:19,310 --> 00:07:21,730
Like I said it it is easier to use.

80
00:07:21,740 --> 00:07:22,540
I agree.

81
00:07:22,610 --> 00:07:28,370
But once you get used to the terminal interface it will be just as easy as this one.

82
00:07:28,460 --> 00:07:30,280
To me it's more organized.

83
00:07:30,290 --> 00:07:33,440
It can be used to achieve my goals much quicker.

84
00:07:33,440 --> 00:07:36,340
It uses less resources and it's faster.

85
00:07:36,350 --> 00:07:40,280
That's why I prefer using it over the web interface.

86
00:07:40,340 --> 00:07:45,470
And if it wasn't for showing you how to use the web interface I wouldn't even install it.

87
00:07:46,490 --> 00:07:52,580
But at the end of the day I want to show you both options and obviously you're free to use whatever

88
00:07:52,580 --> 00:07:53,900
is easier for you.