BeEF -- Control Any Browser Remotely

The Browser Exploitation Framework (BeEF) is a penetration testing tool focused on client-side attacks executed within a browser. Oh, Yes it includes lots of exploits.

BeEF Kali Linux

Previously BeEF comes pre-installed with Kali Linux, but now it doesn't comes pre-installed. But it is available in Kali Linux repository. We can install it on Kali Linux or other similar Linux distribution by applying following command:

sudo apt-get install beef-xss
The following screenshot shows the output of the preceding command:

installing beef on Kali Linux

It may consume our time depending on our internet speed and processing speed.

BeEF can be opened from the terminal using beef-xss command:

sudo beef-xss
If we are opening for the first time we need to set a new password to log in BeEF control panel.

setting up a new password for beef

After setting up a new password for default user beef the tool will be started as we can see in the following screenshot:


Now we can access the web based user interface (Web UI) in our browser. We don't know why but BeEF tries to open our browser automatically but failed (Hey BeEF, don't worry we can open it manually). We need to open our browser and navigate to http://127.0.0.1:3000/ui/panel and we are in the BeEF's login page.

BeEF log in page

Now here we type beef as default user and our chosen password and press login.

We are logged in in our BeEF control panel.

BeEF Dashboard


Now we need to "hook" a browser.


BeEF is providing us a basic demo page and a advanced page to hook a browser as we can see in the above screenshot.

Let's check it by clicking on the advanced version.

beef advanced hooking page

We can see in the above picture this is the advanced page to hook browser. Which browser opens this will be hooked  (even own browsers also) and we got control of the browser.

But this runs on localhost to send it another person in our local network we need to use 192.168.XX.XXX (Local IP address) in the place of 127.0.0.1. Local IP address can be found by typing ip address command in terminal.

ip address
local ip address

Now we need to send this to anyone in our local network with some juicy social engineering techniques. Whenever our target opens this link with a browser the browser will be hooked.

We have send our this hooking url http://192.168.225.51:3000/demos/butcher/index.html to our another PC and open this link their.

In our attacker machine we got one online hooked browser.

hooked browser

We need to click over the hooked browser's ip address.

clicking over hooked browser

Now we are on current browser section. Here we can see all the details about our browser and we can run exploits.

To run exploit commands we need to navigate on the commands tab.

run command on hoked browsers on commands section

For an example in this tutorial we run a basic exploit command on our hooked browser. We go social engineering menu and select the Google phishing and click on execute.

execute exploits on BeEF

After clicking on execute in our target PC the following page is automatically comes.
beef on attack

Now if we enter credentials on targeted PC we got them on our attacker machine.

Not only creating phishing page crating BeEF have lots of advanced exploits. It can take snaps from webcam, it is dangerous when attacker integrated BeEF with metasploit.

Browser Exploitation Framework hooks the browser by a JavaScript inside a normal HTML page, it exposes restful API that allow BeEF to be scripted through HTTP/JSON requests.

To use BeEF over internet we need to use our external ip in the place of our internal ip address. We also need to forward default 3000 port.


You rule!
Liked our tutorials ? Then follow us on Medium and Twitter to get notification about our recent articles. For any query or problem please feel free to comment down, we always replay.

7 comments:

  1. We can do this, only if you are connected to the same network. What if your victim to connected to other network?

    ReplyDelete
    Replies
    1. Yah, we can do this over internet. In that case we need to use our public IP (Static IP preferred) and we also need to forward our port (according to this article port is 3000) from our router settings. And use the public IP in the place of our local IP.

      Delete
  2. http://127.0.0.1:3000/ui/panel its not opening says Unable to connect in Firefox

    ReplyDelete
    Replies
    1. Seems you did not started the web interface of beef-xss. Do you got screenshot like this.

      Share some more details with us, you also can show us the screenshot in our mail id or share the image by uploading the screenshot on imgur.

      Delete
    2. yes i got the same screenshot , but when i click on this link http://127.0.0.1:3000/ui/panel its redirect to browser i got that error "Unable to connect" ,,,,,help out sir

      Delete
    3. After you guys comment we check this on our 3 different machines(Kali 2020.3 primary installation) but everything is working perfectly. No errors occurred.

      Delete
    4. http://127.0.0.1:3000/ui/authentication

      Delete

Please do not spam here. It is comment box not a spambox. Promotional links are not allowed.

Powered by Blogger.