Difference between revisions of "BeEF"

Summary

Browser Exploitation Framework (BeEF) allows the user to start client-side-attacks, assess the security of the browser and the possible effects on the network to be tested.

Requirements

As part of this guide, I used Kali (Kali GNU/Linux Rolling 5.10.0-kali3-amd64) as the OS, so it was already preinstalled. I installed Kali on a Virtual machine (VMware® Workstation 15 Pro 15.5.5 build-16285975).

Example

For example, we only have just the domain information of the target system. And we would like to know more about this system, like name server, etc.

Let's use fh-campuswien.ac.at as our example domain:

Login to BeEF service

Start: Open the BeEF service and authenticate

After the beef service has started, you have to log into the service. Default credentials are 'beef' for username and 'beef' for the password.

localhost

Hook Target Browser

For practicing purposes BeEF provides a localhost webpage.

details of hooked browser (chrome)

To see the details of hooked Browser

If you click on the hooked browser, under "Details" you can see information about the browser.

modules

Command execution in the Browser

There are hundreds of modules under "Commands", which include from social engineering to browser hacks. The desired module can be selected by clicking and executed with the "Execute" button at the bottom right. I choosed the "Google Phishing" module under the "Social Engineering" Folder and clicked to "Execute".

result

Result

After executing the "Google Phishing" module, the victim is asked to "Sign in". Victims entered credentials are visible under "Logs".

Courses

• WFP-1

References

• https://beefproject.com