BeEF Browser Exploitation Framework

BeEF Browser Exploitation Framework

exploitation framework. Its purposes in life is to provide an easily integratable framework to demonstrate the impact of browser and cross-site scripting issues in real-time. The modular structure has focused on making module development a trivial process with the intelligence existing within BeEF. Some of the basic functionality includes Keylogging and Clipboard Theft.

Though BeEF can be used to exploit computers located anywhere on the Internet (by setting up a malicious site) and on the local LAN (use a simple MITM to send the payload)

CLICK HERE TO DOWNLOAD

INSTRUCTION

Install
Standard
Standard Install Instructions
Extract the BeEF tar file to the webroot
Check BeEF directory permissions and ownership of BeEF directories and files
Open a browser and connect to http://beefsite/beef/
Follow install instructions
BackTrack
BackTrack Install Instructions
Set ServerName
Edit ServerName in '/usr/local/apache/conf/httpd.conf'.
ServerName <your domain/IP>
Extract BeEF to HTTP Server
cp beef-v*.tgz /usr/local/apache/htdocs
cd /usr/local/apache/htdocs
tar xzvf beef-v*.tgz
Setup BeEF from Browser
Browse to http://<your domain/IP>/beef/
Follow Instructions
Click 'Finished'
Verifying Install
Use a browser to connect to 'http://beefsite/beef/hook/example.php'. Now a zombie will appear in the zombie section of the BeEF UI.
After a zombie has connected, select the 'alert' module. Enter an 'Alert String' and click send. Now check the target browser and you will see that an alert dialog box is shown.