BeEF is the Browser Exploitation Framework. The BeEF is an powerful security Framework. It Mainly focuses on the browser based exploits.
If you want to see the real exploitaiton with the XSS(Cross Site Scripting) the beef can be good one. By using Beef we can see what we can do with the XSS Vulnerability.
How to start with BEEF
In Backtrack Beef is already there but before that you have to install it onceApplications --> Backtrack --> Exploitation Tools --> Social Engineering Tools --> Beef XSS Framework --> Beef installer
You will be getting this screen
Applications --> Backtrack --> Exploitation Tools --> Social Engineering Tools --> Beef XSS Framework --> Beef
Dont close this terminal place like that only
The default username/password is beef/beef
Copy the UI URL and paste that in the Attacker Browser
and we will get an beef authentication page
the username and password is beef/beef
After login we will get this page
For checking
http://192.168.0.107:3000/demos/basic.html
Just place this in another tab
and see in the hooked browser section
after that we will get all the details of the hooked browser and we can execute the scripts
In the next article we will see how to exploit the XSS Vulnerability using BeEF Framework
More information on BeEF
http://www.bindshell.net/tools/beef.html
http://beefproject.com/
1 comments:
nice tut but i have a question is their are way like to mux beef with metasploit and obatain a meterpreter shell
Post a Comment