BeEF - Browser Exploitation Framework


Post by -Ninjex- on Tue May 14, 2013 2:59 am

I decided that since I have not heard any talk about this, and I couldn't find any information on it in these forums, I would post a little something about it, for all of you whose curiosity it strikes.

So the first thing is first, what is BeEF?
BeEF is short for [B]rows[e]r [E]xploitation [F]ramework.

BeEF basically does as it says: it is used to perform penetration testing exploits on a web browser. The way it does this is by using client-side attack vectors. BeEF will use one open door from which it will launch all of the attacks, as opposed to other software, which may run into roadblocks due to hardened network restrictions on the machine. BeEF is an attack that will require some social engineering. To exploit a victim, you need nothing more than to SE them into going to a forged link, and having common sense. After the user connects, the backdoor will become set, and the user will become a "hooked browser", which you can then try a list of exploits on.

So basic things are basic: this comes with Backtrack and I'm sure Kali Linux as well (however, I am using BT at the time of this). BeEF should be located under:
Applications -> Backtrack -> Exploitation Tools -> Social Engineering Tools -> BEEF XSS FRAMEWORK -> BeEF Installer / BeEF
The first thing you will want to do is run the installer, so using the above path, you can find the BeEF Installer. Just click it and let it do its thing, which will output something similar to this:

http://i.imgur.com/DaauSNe.png

Next, using the path above, find and actually run BeEF:

http://i.imgur.com/DPlF9MF.png

After running BeEF, go to the control panel for the login, which should be on your local IP, port 3000 and under /ui/panel
e.g. http://192.168.1.71:3000/ui/panel

The default login for BeEF is
Username : Password
beef : beef

After you log in, you will probably not have any "hooked browsers". To hook a browser, we have to do as said before, and SE them into clicking the link. By default and for simple demonstration, we will be showing local attacks, on our own browser, although this can be configured otherwise. To begin the attack, have your browser visit the following link:

http://127.0.0.1:3000/demos/butcher/index.html

From their POV it should look like so:

http://i.imgur.com/W9KvvTj.png

This should automatically hook the browser into BeEF. Next, you can go down the list and define any type of attack to run on the victim.

http://i.imgur.com/I1HPfPE.png

The options are limited, and if you look at the color legend, you will see this:

Green Dot: The command module works against the target and should be invisible to the user
Orange Dot: The command module works against the target, but may be visible to the user
Grey Dot: The command module is yet to be verified against this target
Red Dot: The command module does not work against this target

It is important to take note of this while performing attacks on your victim.
If you're not willing to learn, no one can help you. If you're determined to learn, no one can stop you.⠠⠵
The absence of evidence is not evidence of absence.
I can explain it for you, but I can't understand it for you.

Re: BeEF - Browser Exploitation Framework

Post by e3cb on Tue May 14, 2013 10:02 am

Very nice introductory explanation of BeEF. Two other ways to make great use of this amazing framework are to use it in conjunction with Metasploit and Ettercap/SSLStrip. If you create a filter for iframe injection or any other form of XSS injection, you can use it in conjunction with BeEF and force a browser to get hooked. After which, you can perform a very simple Java Applet attack or any other attack via XSS and pop a shell.
<3 FF E4 <3
Do you even asm bruh?


Re: BeEF - Browser Exploitation Framework

Post by Ismaililo on Wed Jun 18, 2014 2:30 pm

Hi everyone!
I have just installed BeEF but after launching BeEF I was surprised by this :o :
DEFAULT USER/PASSWORD: beef/beef

/var/lib/gems/1.9.2/gems/gems/bundler-1.6.3/lib/bundler/constants.rb:2:in `<module:Bundler>': uninitialized constant Bundler::RbConfig (NameError)
from /var/lib/gems/1.9.2/gems/gems/bundler-1.6.3/lib/bundler/constants.rb:1:in `<top (required)>'
from /var/lib/gems/1.9.2/gems/gems/bundler-1.6.3/lib/bundler/shared_helpers.rb:4:in `require'
from /var/lib/gems/1.9.2/gems/gems/bundler-1.6.3/lib/bundler/shared_helpers.rb:4:in `<top (required)>'
from /var/lib/gems/1.9.2/gems/gems/bundler-1.6.3/lib/bundler/setup.rb:1:in `require'
from /var/lib/gems/1.9.2/gems/gems/bundler-1.6.3/lib/bundler/setup.rb:1:in `<top (required)>'
from /pentest/web/beef/core/loader.rb:18:in `require'
from /pentest/web/beef/core/loader.rb:18:in `<top (required)>'
from beef:42:in `require'
from beef:42:in `<main>'

I don't know what the solution is and I'm waiting for yours :)


Re: BeEF - Browser Exploitation Framework

Post by -Ninjex- on Thu Jun 19, 2014 9:18 am

That is probably the result of an outdated version of bundler.
Try running this command

Code:
apt-get update && apt-get upgrade; gem update bundler


If that doesn't work, try this snippet of code

Code:
gem install bundler && bundler install


If both of these fail, you may need to check your Ruby path and rake path locations, and make sure Ruby can access the path it's located at.


