All great things are simple, and many can be expressed in single words: freedom, justice, honor, duty, mercy, hope

Saturday, August 3, 2013

How to use Browser Exploitation Framework?

The Browser Exploitation Framework (BeEF) is a penetration testing tool written in Ruby and designed to both showcase browser weaknesses as well as perform attacks both on and through the web browser. BeEF consists of a server application that manages the connected clients, known as “zombies”, and JavaScript “hooks” which run in the browser of target hosts.

Traditionally, the JavaScript hook is injected by the attacker into HTML code either through an attack such as Cross Site Scripting (XSS) or SQL Injection. Once the hook is processed by the browser, it beacons back home to the BeEF server, and will process JavaScript based commands sent from the BeEF server to the client.

The commands sent to the browser are triggered through modules running within the BeEF server. These modules send commands that do everything from fingerprinting browsers and plug-ins to allowing the attacker to proxy web traffic through the browser. Additional modules exist to perform tasks such as network scanning, browser keystroke logging, and cross protocol exploitation where HTTP requests can be sent to non-HTTP services with exploit payloads that will execute and return shells back to an attacker.

In backtrack Beef  has been installed.But it`s not latest version , so you have to clone git repository for latest installation.

git clone https://github.com/beefproject/beef.git

cd beef

gem install bundler

bundle install

./beef

beef


Open user interface URL in brwoser & enter username & password which is beef. On the right side you can see getting started text & log.


beef

Now what you have to do is just send link http://your I.P:3000/demos/butcher/index.html or http://your I.p.:3000/demos/basic.html to victim

You can also put it in iframe and make some fake website & send link of fake website to victim like Metasploit Browser Exploitation method.

As soon as victim click on your link ; you can see victim I.P. on online browser in left side of panel.

Now click on I.P. & then command tab on righ side . There is list of command which you can execute on victim browser as long as he has open our link in his browser.

Here you can see three section module tree ; result history & details about module .

Select module & click on execute button & then view command result in module history.

There is lots of module available ; you can test it one by one & find some intresting info about victim.But our main requirement is victim should keep open our link.

No comments:

Post a Comment

UA-35960349-1