Table of Contents
Caplets, or .cap
files are a powerful way to script bettercap's interactive sessions, think about them as the .rc
files of Metasploit. You will find updated caplets and modules in this repository, you're strongly invited to check it out in order to fully understand the features of this tool.
How to Install / Update
Caplets can be installed and updated using the caplets module.
From the command line
sudo bettercap -eval "caplets.update; q"
From bettercap itself
> caplets.update
How to Use
Caplets can be used in two ways.
From the interactive session
Whenever you type a command which is not recognized by the interactive session, bettercap will try to load the relative caplet file, let's see an example.
> reload arp.spoof
Normally, this would print the following error due to reload
not being a recognized command:
Unknown or invalid syntax "reload arp.spoof", type help for the help menu.
Let's try to create the file reload.cap
in our current folder, with the following lines:
$0 off
$0 on
If we try to execute reload arp.spoof
again, we will see how the session won't print the same error message again, but instead it's executing the lines:
arp.spoof off
arp.spoof on
As you can imagine, you can define custom commands this way, $0
will be replaced with the first argument, $1
with the second and so on.
The loading order is:
./reload.cap
./caplets/reload.cap
- Any folder in the environment variable
$CAPSPATH
if defined (values are separated by:
like in$PATH
).
From the command line
Using the -caplet
command line argument, for example:
$ sudo bettercap -caplet ./example.cap
Will load the example.cap
file for the current folder. Additional parameters can be used to configure caplets, for instance, while the following command line with spoof and print HTTP request for the whole network:
$ sudo bettercap -caplet path/to/caplets/http-req-dump.cap
This will only target a specific ip by overriding the arp.spoof.targets
variable:
$ sudo bettercap -caplet path/to/caplets/http-req-dump.cap -eval "set arp.spoof.targets 192.168.1.5"
- Known Issues
- Using with Docker
- Compilation
- Interactive Mode and Command Line Arguments
- Changing the Prompt
- Caplets
Modules
- Core
- HID on 2.4Ghz (mousejacking)
- Bluetooth Low Energy
- 802.11
- Ethernet and IP
- Servers
- Rogue Servers
- Utils