BeEF -- Control Any Browser Remotely

The Browser Exploitation Framework (BeEF) is a penetration testing tool focused on client-side attacks executed within a browser. Oh, Yes it includes lots of exploits.

BeEF Kali Linux

Previously BeEF comes pre-installed with Kali Linux, but now it doesn't comes pre-installed. But it is available in Kali Linux repository. We can install it on Kali Linux or other similar Linux distribution by applying following command:

sudo apt-get install beef-xss
The following screenshot shows the output of the preceding command:

installing beef on Kali Linux

It may consume our time depending on our internet speed and processing speed.

BeEF can be opened from the terminal using beef-xss command:

sudo beef-xss
If we are opening for the first time we need to set a new password to log in BeEF control panel.

setting up a new password for beef

After setting up a new password for default user beef the tool will be started as we can see in the following screenshot:


Now we can access the web based user interface (Web UI) in our browser. We don't know why but BeEF tries to open our browser automatically but failed (Hey BeEF, don't worry we can open it manually). We need to open our browser and navigate to http://127.0.0.1:3000/ui/panel and we are in the BeEF's login page.

BeEF log in page

Now here we type beef as default user and our chosen password and press login.

We are logged in in our BeEF control panel.

BeEF Dashboard


Now we need to "hook" a browser.


BeEF is providing us a basic demo page and a advanced page to hook a browser as we can see in the above screenshot.

Let's check it by clicking on the advanced version.

beef advanced hooking page

We can see in the above picture this is the advanced page to hook browser. Which browser opens this will be hooked  (even own browsers also) and we got control of the browser.

But this runs on localhost to send it another person in our local network we need to use 192.168.XX.XXX (Local IP address) in the place of 127.0.0.1. Local IP address can be found by typing ip address command in terminal.

ip address
local ip address

Now we need to send this to anyone in our local network with some juicy social engineering techniques. Whenever our target opens this link with a browser the browser will be hooked.

We have send our this hooking url http://192.168.225.51:3000/demos/butcher/index.html to our another PC and open this link their.

In our attacker machine we got one online hooked browser.

hooked browser

We need to click over the hooked browser's ip address.

clicking over hooked browser

Now we are on current browser section. Here we can see all the details about our browser and we can run exploits.

To run exploit commands we need to navigate on the commands tab.

run command on hoked browsers on commands section

For an example in this tutorial we run a basic exploit command on our hooked browser. We go social engineering menu and select the Google phishing and click on execute.

execute exploits on BeEF

After clicking on execute in our target PC the following page is automatically comes.
beef on attack

Now if we enter credentials on targeted PC we got them on our attacker machine.

Not only creating phishing page crating BeEF have lots of advanced exploits. It can take snaps from webcam, it is dangerous when attacker integrated BeEF with metasploit.

Browser Exploitation Framework hooks the browser by a JavaScript inside a normal HTML page, it exposes restful API that allow BeEF to be scripted through HTTP/JSON requests.

To use BeEF over internet we need to use our external ip in the place of our internal ip address. We also need to forward default 3000 port.


You rule!
Liked our tutorials ? Then follow us on Medium and Twitter to get notification about our recent articles. For any query or problem please feel free to comment down, we always replay.

No comments:

Please do not spam here. It is comment box not a spambox. Promotional links are not allowed.

Powered by Blogger.