BeEF – Browser Exploitation Framework

BeEF is the Browser Exploitation Framework. The BeEF is an powerful security Framework. It Mainly focuses on the browser based exploits.

If you want to see the real exploitaiton with the XSS(Cross Site Scripting) the beef can be good one. By using Beef we can see what we can do with the XSS Vulnerability.

How to start with BEEF

In Backtrack Beef is already there but before that you have to install it once

Applications –> Backtrack –> Exploitation Tools –> Social Engineering Tools –> Beef XSS Framework –> Beef installer

You will be getting this screen

Applications –> Backtrack –> Exploitation Tools –> Social Engineering Tools –> Beef XSS Framework –> Beef

Dont close this terminal place like that only

The default username/password is beef/beef

Copy the UI URL and paste that in the Attacker Browser

and we will get an beef authentication page

the username and password is beef/beef

After login we will get this page

For checking

http://192.168.0.107:3000/demos/basic.html

Just place this in another tab

and see in the hooked browser section

after that we will get all the details of the hooked browser and we can execute the scripts

In the next article we will see how to exploit the XSS Vulnerability using BeEF Framework

More information on BeEF

http://www.bindshell.net/tools/beef.html

http://beefproject.com/

Share Button

One thought on “BeEF – Browser Exploitation Framework

  • September 13, 2013 at 12:31 pm
    Permalink

    nice tut but i have a question is their are way like to mux beef with metasploit and obatain a meterpreter shell

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

15 − 2 =