I decided that since I have not heard any talk about this, and I couldn't find any information on it in these forums, I would post a little something about it, for all of you whose curiosity it strikes.
So the first thing is first, what is BeEF?
BeEF is short for [B]rows[e]r [E]xploitation [F]ramework.
BeEF basically does as it says: it is used to perform penetration-testing exploits on a web browser. It does this by using client-side attack vectors. BeEF will use one open door from which it will launch all of the attacks, as opposed to other software, which may run into roadblocks due to hardened network restrictions on the machine. BeEF is an attack that will require some social engineering. To exploit a victim, you need nothing more than to SE them into going to a forged link, and having common sense. After the user connects, the backdoor will be set, and the user will become a "hooked browser", on which you can then try a list of exploits.
So basic things are basic: this comes with Backtrack, and I'm sure Kali Linux as well (however, I am using BT at the time of this). BeEF should be located under:
Applications -> Backtrack -> Exploitation Tools -> Social Engineering Tools -> BEEF XSS FRAMEWORK -> BeEF Installer / BeEF
The first thing you will want to do is run the installer. Using the above path, you can find the BeEF Installer; just click it and let it do its thing, which will output something similar to this: http://i.imgur.com/DaauSNe.png
Next, using the path above, find and actually run BeEF: http://i.imgur.com/DPlF9MF.png
After running BeEF, go to the control panel for the login, which should be on your local IP, port 3000, under /ui/panel.
The default login for BeEF is
Username : Password
beef : beef
After you log in, you will probably not have any "hooked browsers". To hook a browser, we have to do as said before and SE them into clicking the link. By default, and for simple demonstration, we will be showing local attacks on our own browser, although this can be configured otherwise. To begin the attack, have your browser visit the following link: http://127.0.0.1:3000/demos/butcher/index.html
From their POV it should look like so: http://i.imgur.com/W9KvvTj.png
This should automatically hook the browser into BeEF. Next, you can go down the list and define any type of attack to run on the victim. http://i.imgur.com/I1HPfPE.png
The options are limited, and if you look at the color legend, you will see this:
Green Dot: The command module works against the target and should be invisible to the user
Orange Dot: The command module works against the target, but may be visible to the user
Grey Dot: The command module is yet to be verified against this target
Red Dot: The command module does not work against this target
It is important to take note of this while performing attacks on your victim.
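
Seen from the defending side, the defaults this post relies on (port 3000, /ui/panel, the /demos/butcher/index.html demo page) are easy to look for in web proxy logs. The following is an added example, not part of the original post or of BeEF itself; the log format, IP addresses and function name are constructed for illustration, and /hook.js is BeEF's default hook script path, which the post does not mention.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Paths named in the post, plus /hook.js (BeEF's default hook script; not in the post).
BEEF_PATHS = {
    "/ui/panel": "BeEF admin panel",
    "/demos/butcher/index.html": "BeEF demo hook page",
    "/hook.js": "BeEF default hook script",
}
BEEF_DEFAULT_PORT = 3000  # port used in the post; it can be changed in BeEF's config

# Constructed sample proxy log (assumed format): "<client_ip> <method> <url> <status>"
SAMPLE_LOG = """\
10.0.0.5 GET http://intranet.example/index.html 200
10.0.0.7 GET http://203.0.113.10:3000/demos/butcher/index.html 200
10.0.0.7 GET http://203.0.113.10:3000/hook.js 200
10.0.0.9 GET http://app.example:3000/api/status 200
10.0.0.8 GET http://203.0.113.10:3000/ui/panel 200
10.0.0.6 GET http://198.51.100.4:8080/hook.js 200
malformed line
"""

def find_beef_indicators(log_text):
    """Return {client_ip: [(server, label, confidence), ...]} for matching requests."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip lines that do not fit the assumed format
        client, _method, url, _status = parts
        u = urlsplit(url)
        label = BEEF_PATHS.get(u.path.rstrip("/") or "/")
        if label is None:
            continue  # port 3000 alone is not flagged: many dev servers use it
        try:
            port = u.port or (443 if u.scheme == "https" else 80)
        except ValueError:
            continue  # unparseable port
        # A known path on the default port is a stronger signal than the path alone.
        confidence = "high" if port == BEEF_DEFAULT_PORT else "medium"
        hits[client].append((u.netloc, label, confidence))
    return dict(hits)

if __name__ == "__main__":
    for client, events in find_beef_indicators(SAMPLE_LOG).items():
        for server, label, confidence in events:
            print(f"{client} -> {server}: {label} ({confidence})")
```

Clients that fetched the hook page or hook script are the ones to investigate as possibly hooked browsers; a client reaching /ui/panel is more likely the operator's own machine.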