Facebook/gmail account

Question

Facebook/gmail account

user568989 opened this issue 6 years ago · 3 comments

Before i even start to use the new version of bettercap ( was dealing with other stuff ) i want to know everything about this tool and generally to know about SSL and prealoded hsts sites...
From what i see with the new caplets that can be stored in bettercap and u can use them to inject a fake facebook/gmail site that's the victim visit to grab his password is that right?
Or it still can't be done with these websites like gmail and facebook cause they always look for https and never start facebook/gmail if the page is starting wjth http (preloaded hsts)
Can u explain me more about how this work?
There is no way that stealing password from gmail/facebook is impossible....

Answer 1 · 2019-02-10T13:48:11.000Z

Welcome to bettercap.

The manual is here.

You can learn how HTTP, TLS and HSTS works here.

Answer 2 · 2019-02-10T14:04:16.000Z

The "here" represents google ... lol :)

Answer 3 · 2019-02-10T14:19:07.000Z

@user568989 exactly :)