BeEF

Beef framework

cd /user/share/beef-xss

./beef

this will start the framework

In the example the interface panel was

http://127.0.2.4:3000

open a web browser and navigate there

http://127.0.2.4:3000/ui/panel

username and password: beef

beef

currently, folders are empty

You want to use the 'advanced version here' link

visit this in another browser

• you see the beef

• then you have been compromised

• this should show in the online browser tab

Viewing the details and attacks

• Click on the target

• Current Browser - details in the main panel

• Commands - tab has all the things to exploit

• Browser > Hooked domain

Examples

• Click on eg 'Get Cookie' and then 'Execute'

• Get page html - execute - then see all html code

• Replace hrefs = replace all https with http for session downgrade