appsecben
  • AppSecBen
  • Awesome Links
  • tools
    • grep
    • netstat
    • nmap
    • h8mail
    • sherlock
    • BeEF
    • Wireshark
    • Scapy
    • ffuf
    • wafw00f
    • hCaptcha
    • sn1per
    • WPScan
    • searchsploit
    • Metasploit
    • wget
    • Bash Scripting
    • git
    • Docker
    • VSCode
    • Local web server
    • S3 Bucket
    • JWT
  • Links Úteis
    • Cursos
    • Ferramentas Online
    • Repositórios
    • Articles, Docs, Sites, etc
  • Infra
    • Email
    • DNS
    • Subdomain
    • Ferramentas
    • SSH
  • Tor
    • Links
    • Tor + ProxyChains Config
  • GoLang
    • Cheat Sheet
    • Install
    • Useful Links
    • Packages
    • VSCode
  • Vulns
    • Log4j
Powered by GitBook
On this page
  • Sobre
  • Kali
  • Como instalar:
  • Como executar
  • Docker
  • Install
  • Running
  • Exemplo de uso

Was this helpful?

  1. tools

BeEF

BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.

Sobre

https://beefproject.com/

Kali

Como instalar:

$ sudo apt-get update
$ sudo apt-get install beef-xss

Como executar

Nota: na primeira execução ele vai te pedir pra colocar uma nova senha. Se você estiver apenas testando a ferramenta, coloque admin e seja feliz.

$ sudo beef-xss

### OUTPUT ###
[-] You are using the Default credentials
[-] (Password must be different from "beef")
[-] Please type a new password for the beef user: 
[i] GeoIP database is missing
[i] Run geoipupdate to download / update Maxmind GeoIP database
[*] Please wait for the BeEF service to start.
[*]
[*] You might need to refresh your browser once it opens.
[*]
[*]  Web UI: http://127.0.0.1:3000/ui/panel
[*]    Hook: <script src="http://<IP>:3000/hook.js"></script>
[*] Example: <script src="http://127.0.0.1:3000/hook.js"></script>

● beef-xss.service - beef-xss
     Loaded: loaded (/lib/systemd/system/beef-xss.service; disabled; vendor preset: disabled)
     Active: active (running) since Thu 2021-04-15 10:06:32 EDT; 5s ago
   Main PID: 3562 (ruby)
      Tasks: 10 (limit: 6891)
     Memory: 160.3M
        CPU: 4.937s
     CGroup: /system.slice/beef-xss.service
             ├─3562 ruby /usr/share/beef-xss/beef
             └─3573 nodejs /tmp/execjs20210415-3562-ike2ibjs

Apr 15 10:06:35 kali beef[3562]: == 23 CreateIpecExploitRun: migrated (0.0006s) ================================
Apr 15 10:06:35 kali beef[3562]: == 24 CreateAutoloader: migrating =============================================
Apr 15 10:06:35 kali beef[3562]: -- create_table(:autoloader)
Apr 15 10:06:35 kali beef[3562]:    -> 0.0008s
Apr 15 10:06:35 kali beef[3562]: == 24 CreateAutoloader: migrated (0.0008s) ====================================
Apr 15 10:06:35 kali beef[3562]: == 25 CreateXssraysScan: migrating ============================================
Apr 15 10:06:35 kali beef[3562]: -- create_table(:xssrays_scan)
Apr 15 10:06:35 kali beef[3562]:    -> 0.0010s
Apr 15 10:06:35 kali beef[3562]: == 25 CreateXssraysScan: migrated (0.0011s) ===================================
Apr 15 10:06:35 kali beef[3562]: [10:06:34][*] BeEF is loading. Wait a few seconds...

[*] Opening Web UI (http://127.0.0.1:3000/ui/panel) in: 5... 4... 3... 2... 1...

Agora só abrir a url http://127.0.0.1:3000/ui/panel:

Coloque o user beef e a senha admin.

Docker

Install

Clone

git clone git://github.com/beefproject/beef.git

Change default credentials

Build image:

cd beef
docker build -t beef .

Running

docker run -p 3000:3000 -p 6789:6789 -p 61985:61985 -p 61986:61986 --name beef beef

Exemplo de uso

PrevioussherlockNextWireshark

Last updated 4 years ago

Was this helpful?