How to install and configure Bettercap with Web UI on Apple Mac with macOS

11 min read

Updated: January 15, 2024

Bettercap is a key tool for anyone interested in network analysis and security, offering robust features for real-time network monitoring and manipulation. Whether you’re a cybersecurity enthusiast or a professional, the knowledge of effectively using the Bettercap with its Web UI on your modern macOS device will enhance your network analysis capabilities, making it easier to monitor and analyze networks. This article aims to guide you through the installation and configuration of Bettercap with its Web UI on a macOS, enhancing your network analysis capabilities on a modern macOS platform. For this demonstration, I utilized an Apple MacBook Pro equipped with the latest Apple Silicon, running on macOS 14 Sonoma.

Prerequisites

Before delving into the installation and configuration of Bettercap on your macOS device, it’s important to have the following prerequisites ready:

Apple Mac with macOS: Ensure you are using a Mac device and it’s running macOS, as this guide is tailored for this platform. But Hackintosh is fine.
Homebrew Installed: Homebrew, the package manager for macOS, is required for installing Bettercap. It simplifies the installation process significantly.
Basic Command Line Knowledge: Familiarity with macOS’s Terminal and basic command line operations is necessary, as the installation and configuration involve several Terminal commands.
Network Interface Information: Know your device’s network interface details (like en0 for Wi-Fi), as it’s essential for configuring Bettercap correctly.
Administrator Access: You’ll need administrator rights on your macOS device to install and configure software components.

Once these prerequisites are in place, you’ll be well-prepared to successfully install and configure Bettercap on your macOS device.

What is Bettercap?

Bettercap is a versatile and powerful tool used in cybersecurity for network monitoring and analysis. It offers a wide range of functionalities for network reconnaissance, including sniffing of credentials, traffic analysis, and various network attacks. Its capabilities extend to both wired and wireless networks, making it an essential tool for professionals in network security and ethical hacking. Bettercap’s flexibility and extensive feature set allow users to deeply explore and test the security of network environments.

Why you may need it

Bettercap can be crucial for individuals and organizations aiming to strengthen their network security. It’s useful for identifying vulnerabilities, monitoring network traffic, and detecting potential intrusions. Ethical hackers and security professionals use it for testing and reinforcing network defenses. Moreover, it’s valuable for educational purposes, helping users understand network protocols and security mechanisms. Whether you’re safeguarding a corporate network or enhancing your personal cybersecurity knowledge, Bettercap provides the tools necessary for a detailed and proactive approach to network security.

Issue in Bettercap on macOS

While using Bettercap (CLI or Web UI) on macOS, I personally encountered a situation where executing wifi.show after starting wifi.recon on yielded no results. This issue related to channel hopping not working by default. However, this issue, which I experienced firsthand, can be effectively resolved by manually setting the WiFi channels for scanning. For an in-depth explanation and solution to this issue, check out my dedicated article here. This comprehensive guide provides step-by-step instructions on how to effectively resolve this specific challenge.

Installing Homebrew

Before installing Bettercap, you need to install Homebrew, a package manager for macOS.

Open Terminal app: Launch your terminal application. You can find it by navigating to Applications → Utilities → Terminal, or simply by searching Terminal in Spotlight (Cmd + Space).
Install Homebrew: Begin the installation of Homebrew, macOS’s essential package manager, by executing the command below in your terminal:
```
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
```
This command fetches and runs the Homebrew installation script directly from its official GitHub repository. For more information and updates, visit Homebrew’s official website.

Installing Bettercap

Update Homebrew: Keep your Homebrew installations current by updating the package list:
```
brew update
```
This command synchronizes your local Homebrew installation with the latest packages and versions available.
Install Bettercap: With Homebrew updated, install Bettercap, a versatile network analysis and security tool, using:
```
brew install bettercap
```
This command fetches and installs the latest version of Bettercap directly from Homebrew’s repositories, ensuring you have the most recent features and security updates.
Verify Installation: After installing, it’s important to confirm that Bettercap is correctly installed on your system. This can be achieved by checking the version of Bettercap installed. In your terminal, type:
```
bettercap -v
```
This command will display the current version of Bettercap, indicating a successful installation. If you encounter any issues, you may need to revisit the installation steps or consult Bettercap’s documentation for troubleshooting tips.
Launching the Bettercap CLI: To start an interactive Bettercap session in your terminal, use the following command:
```
sudo bettercap -iface en0
```
This initiates Bettercap with a user-interactive mode, similar to the Metasploit framework, where you can execute various commands, manage modules, and configure settings. For the list of command line arguments, visit Bettercap’s official documentation.

The en0 specifically refers to the Wi-Fi interface on macOS systems. This designation is used to ensure that Bettercap’s Web UI operates over the Wi-Fi network connection. If your setup utilizes a different interface, you can replace en0 with the appropriate interface identifier to match your system configuration.

If you’re only looking to use Bettercap via the command line (in Terminal), you can stop following the steps in this guide at this point. However, if you’re interested in utilizing Bettercap’s Web UI for a more graphical interaction, please continue with the upcoming steps for configuration.

Setting Up the Web UI for Bettercap

Initial Setup: Start by installing and updating the predefined caplets (hosted in this repository) and Web UI using:
```
sudo bettercap -eval "caplets.update; ui.update; q"
```
Caution! Execute the caplets.update only once at the beginning. Repeated usage might reset any customizations you’ve made in Bettercap, as it replaces the existing caplets in the system folder with new ones from GitHub. To safeguard your personalized settings or credentials, consider backing them up or relocating your modified caplet files to Bettercap’s working directory. This way, your changes will take precedence over the default system-wide settings.
Launching the Web UI: Activate the web interface of Bettercap on your local machine with this command:
```
sudo bettercap -caplet http-ui -iface en0
```
The en0 specifically refers to the Wi-Fi interface on macOS systems. This designation is used to ensure that Bettercap’s Web UI operates over the Wi-Fi network connection. If your setup utilizes a different interface, you can replace en0 with the appropriate interface identifier to match your system configuration.
Access the Web UI: After executing the previous command, the Web UI for Bettercap is activated and can be accessed through http://127.0.0.1/ in your web browser, such as Safari. Upon navigating to this address, you’ll be prompted to enter the username and password. By default, these are set to user and pass, respectively, as found in the /usr/local/share/bettercap/caplets/http-ui.cap configuration file. This allows for easy and direct access to Bettercap’s web interface.

Adjusting the Web UI configuration

This section focuses on the configuration of Bettercap’s Web UI, distinct from the initial installation process of Bettercap itself, ensuring a smooth and personalized user experience. These settings are located in the /usr/local/share/bettercap/caplets/http-ui.cap configuration file in the Bettercap’s system directory. Here are several key points you can adjust for a more secure and personalized Web UI configuration:

Change login credentials: As a critical security measure, it’s important to change the default username and password under the CHANGE THESE section. This prevents unauthorized access and ensures that only authorized users can interact with the Web UI.
Change API and Server ports: Change the API and server ports by adjusting api.rest.port and http.server.port settings. This is particularly useful for avoiding port conflicts with other services running on your system.
Set WiFi Recon Channels: To resolve the channel hopping issue with the wifi.recon on module and enable effective monitoring of network traffic across different frequency bands using the wifi.show command, it’s beneficial to add the wifi.recon on and the wifi.recon.channel to define the WiFi channels for both 2.4 GHz and 5 GHz bands, ensuring the WiFi reconnaissance feature functions correctly.
```
wifi.recon on
wifi.recon.channel 1,2,3,4,5,6,7,8,9,10,11,36,40,44,48,52,56,60,64,100,104,108,112,116,120,124,128,132,136,140,144,149,153,157,161,165
```
The wifi.recon.channel followed by the numbers of the desired channels, separated by commas, to specify the channels for scanning.
Adjust Wi-Fi Region settings: For optimal performance and compliance with local wireless regulations, you can set the Wi-Fi card’s region. Add the command set wifi.region, followed by your desired region code. For example, use set wifi.region DE to set the region to Germany (DE). This adjustment ensures your Wi-Fi operates within the correct frequency ranges and power levels for your location.
Change Wireless Interface MAC Address for Anonymity: To enhance your anonymity while using Bettercap, you can change the MAC address of your wireless interface. This step effectively disguises your device’s physical address, providing an additional layer of anonymity and helping you remain unidentifiable or untraceable during network reconnaissance and analysis. This can be done by adding the following commands:
```
set wifi.interface [your_interface]
set mac.changer.iface [your_interface]
set mac.changer.address [new_MAC_address]
mac.changer on
```
Replace [your_interface] with your actual Wi-Fi interface name (e.g., en0) and [new_MAC_address] with the desired new MAC address. This block must be added before the wifi.recon on line to work.

These adjustments enhance the security and functionality of Bettercap’s Web UI, tailored to your specific requirements and system setup.

Alias for the Bettercap’s Web UI

Creating an alias for launching Bettercap’s Web UI can significantly streamline your workflow. Here’s a step-by-step guide to set it up:

Open the Profile File: Start by opening your Zsh configuration file (~/.zshrc) in a text editor, like nano.
```
nano ~/.zshrc
```
Add the Alias: Insert the following line in the .zshrc file:
```
alias bettercap_ui="sudo /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -z; open -a Safari http://127.0.0.1:80/#/wifi; sudo bettercap -caplet http-ui -iface en0"
```
This command creates an alias named bettercap_ui. It first disconnects Wi-Fi (using the airport -z command) to prevent potential conflicts, then opens Safari at the Bettercap Web UI’s URL, and finally, starts Bettercap with the specified interface.
Activate the Changes: After saving the file, source your profile to activate the changes.
```
source ~/.zshrc
```

Now, by simply typing bettercap_ui in the terminal, you can quickly launch Bettercap’s Web UI, making the process more efficient and user-friendly.

Conclusion

That’s all there is to it! You’ve successfully configured Bettercap with its Web UI on your macOS device. It’s straightforward, right?

Setting up Bettercap on macOS, particularly on the latest Apple Silicon MacBooks, is more than just a technical exercise. It marks a leap into the realms of ethical hacking, network monitoring and analysis. It’s a step towards enhancing your network security, giving you valuable insights and control over your network environment. With the Web UI, this tool becomes even more accessible and user-friendly, allowing for real-time network monitoring and analysis in public spaces without unnecessary glances from people around you.

This guide aimed to simplify the process, breaking down each step to make Bettercap accessible to both beginners and advanced users. I hope you find this resource useful in your cybersecurity endeavors.

Your thoughts and experiences with Bettercap on macOS are welcome in the comment section

Thank you for reading, and here’s to empowering your cybersecurity skills with Bettercap!

Additional resources:

Bettercap and Bettercap Official Documentation: Comprehensive information on Bettercap’s features, usage, and configuration options.
Homebrew and Homebrew Official Documentation: Key resource for using Homebrew on macOS, essential for installing Bettercap.

Hope that Helped!

If this post helped you out and you'd like to show your support, please consider fueling future posts by buying me a coffee cup!