
People use browsers for all types of things, and in general, we trust a lot of personal information to them. That's why browsers are a perfect attack surface for a hacker, because the target may not even know they are infected and feed you all of the information you could want.

To do this, you need to first trick the user into clicking a link. To generate the link, you can use a tool called BeEF, which used to be preinstalled on Kali Linux.

Similar to Metasploit, BeEF, which stands for Browser Exploitation Framework, is a framework for launching attacks. Unlike with Metasploit, it's specific to launching attacks against web browsers. In some cases, we could use BeEF in conjunction with Metasploit to start more advanced attack scenarios.




BeEF can generate a link that can track the target and even run modules to both escalate permissions and gather more information about the person behind the computer. It can even scan the network the person is on, which is pretty impressive. You can also take pictures with their webcam, see what they're typing, and launch phishing pages to try and get credentials.


Step 1: Install BeEF

BeEF is built right into Kali Linux 2019.2 and older, so you shouldn't have to install anything if you're running one of those versions on your computer.

In mid-2019, Kali removed BeEF as a preinstalled exploitation tool, moving it from "kali-linux-default" to the "kali-linux-large" metapackage. That means that if you installed a fresh version of Kali, you would no longer have BeEF, though you may retain it if you simply updated your older version of Kali to 2019.3 or higher.

If you already have it, use the following command to update everything. And if you don't have it, the same command will install it. Just make sure to use "beef-xss" and not "beef" because the latter is a programming language interpreter, which is different. (We made that mistake in our video above, so don't do the same.)

 sudo apt install beef-xss

Whether you had it preinstalled from before or had to install it, the rest is the same.

Step 2: Open the BeEF Service

Once BeEF is installed, you can find it under Applications -> System Services, then click on "beef start." It will open a terminal window to start the service. If you don't see any beef-related tools in that folder, or if you don't see that folder at all, you may have installed "beef" and not "beef-xss," so make sure to do the latter. (You can also start BeEF from the Exploitation Tools folder, where it's "beef xss framework.")

If you run into errors where your browser fails to load, you can bypass the issue by opening up your preferred web browser, like Firefox or Chrome, and going to the following URL, which is for the localhost (127.0.0.1) web server at port 3000.

http://127.0.0.1:3000/ui/panel

Step 3: Log in to the BeEF Service

Once the browser interface opens, you'll need to log in to the BeEF service. The default credentials are beef for the username and beef for the password. However, you may have been prompted to create a password for your beef session (as seen above), and in that case, you would use beef as the username and whatever password you chose.


After logging in successfully, you should see the "Getting Started" page with information about how BeEF works. On the left, there's the Hooked Browsers column, which is where all the browsers you control will end up.



Step 4: Hook the Target Browser

The key to success with BeEF is to "hook" a browser. This basically means that we need the target to visit a vulnerable web app with the "hook.js" JavaScript file. To practice, BeEF provides a webpage for your localhost with the payload in it, so visit that to see how it works.

http://127.0.0.1:3000/demos/basic.html

The injected code in the hooked browser responds to commands from the BeEF server that we control. From there, we can do many mischievous things on the target's computer.

Step 5: View the Browser Details

I've got a few hooked browsers, but I'm going to look at the Chrome one. Click on your hooked browser, and it will jump you to the "Details" tab, which provides information about the hooked browser. Mine shows up as Chrome in the values.

This tab will show you a lot more than that. For me, I see that the platform is Linux x86_64; that it has the Chrome PDF Plugin, Chrome PDF Viewer, and Native Client plugins; the components include webgl, webrtc, and websocket; and other interesting information.


