BeEF – Browser Exploitation Framework

BeEF is a penetration tool that focuses on the web browser. It can be used to hook the browser by merely sending a link and asking to open the link using social engineering. As it is a browser exploit it is cross-platform. You might have seen some fraud videos in which the hacker asks the target to click on the link and then that takes you to the malicious webpage which may show a 404 Error. But in reality, the target has been hooked by the hacker and now the hacker can run any command that is available in the BeEF Tool some of which we will be covering.

The procedure to install BeEF is first you need ruby in your Linux Environment. To check whether the ruby is installed or not, type ruby -v in the terminal.

INSTALLATION

• Open the terminal and type apt-get install beef-xss. Make sure you are the root user.

BeEF Installation Command

During unpacking it will ask for some services to be restarted just select yes and continue. Once the installation is done it's ready for use.

USAGE

• Open a terminal and type sudo beef-xss. You will get the following output.

Initialize BeEF

• If you get this error don’t worry just go to the browser and type the URL i.e 127.0.0.1:3000/ui/panel. You will get an authentication page as shown.

Login Page

Default credentials are beef:beef

• After Login (You can change the password if you want). You will see this kind of web interface.

Dashboard of BeEF

• To start hooking the browsers you need to edit the index.html file and add a script tag to it as shown.

HTML Code

• Put your IP in place of <IP>.
• Start the web server using the command sudo service start apache2.

Start Apache web server

• Ask the target to visit the IP where you have the HTML code placed. It will be something like this.

Visit the website

• Once the target visits the link in the browser. You will get an IP in the Online Browsers folder with the target's IP.

Hooked Browsers in BeEF

• Now we can use the commands tab to execute. We will show you two of the commands. One is an alert dialogue and the other is a payload command. 
• Set the alert text you want to pop up and click on execute.

Alert Option in BeEF

• If you check the target's device. They will see something like this.

Target Device

• The fake notification bar command will help in delivering the payload. It takes two parameters, one is a text that you want to show, and the other your the payload file you want to get downloaded. You can add a URL having your payload in var/www/html. 
• Once you click to execute the target will get a notification to download a browser plugin and once the target downloads and run it you will get a connection.

Remember the above will work for the targets on your connected network for this to work over the internet you need to do port forwarding. BeEF is not limited to this it has many modules that can be explored by testing and learning.

While installing BeEF there were some errors that we came across like being Unable to locate the package. If you too get this type of error you can edit the sources.list file and add the source that is given below and then update. While updating if you get an error saying keys are not proper then type this command in terminal apt-key adv —keyserver hkp://keys.gnupg.net –recv-keys 7D8D0BF6

The repos that are used:

• deb https://mirrors.ocf.berkeley.edu/kali kali-rolling main non-free contrib
• deb-src https://mirrors.ocf.berkeley.edu/kali kali-rolling main non-free contrib

This is how Hackers can get access to your device with a simple URL. Please check the URL before opening them. 

We hope this helps. If any suggestions or doubts you can add a comment and we will reply as soon as possible.