Exam 312-50v12 topic 1 question 210 discussion

A. Hetty: is primarily used for HTTP and HTTPS proxy and session manipulation, but it is not specifically designed for session hijacking in wireless networks. B. bettercap: is a comprehensive and flexible network attack and monitoring tool that supports a wide range of attacks. It is well-suited for performing attacks on various network protocols and can be used to capture and manipulate traffic, making it effective for session hijacking in a WPA-PSK network. C. DroidSheep: is an Android application used for session hijacking on unencrypted Wi-Fi networks. D. FaceNiff: is another tool designed for session hijacking but is specifically tailored for capturing sessions over unsecured (HTTP) networks.

The difference here is between trying to compromise the network or devices on the network. Bettercap is for the network, most others here are for compromising devices.

I would go with B, because it is in the labs and EC likes to put questions about the tools they talk in detail about

B. bettercap CEHv12. 1026 bettercap is a portable framework written in Go that allows security researchers, red teamers, and reverse engineers to perform reconnaissance and various attacks on Wi-Fi networks, Bluetooth low energy devices, wireless HID devices, and IPv4/IPv6 networks. key here is and subsequent security analysis

ChatGPT: B. bettercap Explanation: bettercap: is a powerful, flexible, and portable tool designed for network attacks and monitoring. It is well-suited for a wide range of network attack scenarios, including session hijacking on wireless networks. bettercap is capable of performing Man-in-the-Middle (MitM) attacks, which are essential for session hijacking. It can sniff network traffic, capture cookies, and exploit various network protocols to hijack sessions. Its capabilities make it a suitable choice for attacking networks with WPA-PSK security, as it can work after gaining access to the network or when conducting attacks within the network perimeter.

Bettercap - is a comprehensive network attack and monitoring framework suitable for various types of attacks, including session hijacking, on wireless networks with WPA-PSK security protocols. Hetty is a tool for wireless network analysis and auditing but does not specialize in session hijacking attacks. DroidSheep and FaceNiff are Android applications designed for session hijacking attacks targeting mobile devices, specifically over Wi-Fi networks.

B. bettercap

i think the key WORD is SESSION HIJACKING -The DroidSheep tool is used for session hijacking on Android devices connected to a common wireless network. It obtains the session ID of active users on the Wi-Fi network and uses it to access a website as an authorized user. A DroidSheep user can easily observe the activities of authorized users on websites. It can also hijack social accounts by obtaining the session ID.

DroidSheep

FaceNiff is an Android app that allows a user to sniff and intercept web-session profiles over the WiFi network that the user’s mobile device is connected to. Although FaceNiff can hijack sessions only when the WiFi network does not use the Extensible Authentication Protocol (EAP), it works on any private network, including open, Wired Equivalent Privacy (WEP), Wi-Fi Protected Access–pre-shared key (WPA-PSK), and WPA2-PSK networks.

DroidSheep is a simple Android tool for web session hijacking

Could someone help me confirm the accuracy of this data

B. bettercap