BeEF!: take browser control
This is why you should never click on an unknown link
NEVER DO THIS, except as a proof of concept or for entertainment with friends. NEVER, I repeat, NEVER, because it is wrong and also a crime.
Ok, again, never do it, but what is BeEF?
Browser Exploitation Framework (BeEF), in a few words, takes over the browser's information through access to a URL.
The goal of this post is to show how easily we could be hacked through a malicious URL (it even has a secure certificate).
Configuration
We will use Linode, because it gives us a lot of tools to make this even easier.
Go to https://www.linode.com/ and create an account. Go to Linode and Create Linode (something like creating an instance on AWS).
Then:
- Go to Market. Search “BeEF” and select it.
- Go down and set up BeEF by assigning a password (pass-beff-user) and an email for the encryption, then the sudo user password.
- Choose the kind of Linode Plan; shared plans are cheaper.
- Linode Label: the “name”.
- Set a root password.
That's all that is mandatory. Of course, we leave some fields as they were, but you can experiment with assigning some values.
We need to wait a few minutes until our “instance” or “linode” is Running.
When it finishes configuring and starts correctly, we connect from the terminal over ssh (the info appears in our Linode panel, in the upper right corner).
Inside the machine, we type
cat /root/beef.info
and we will see 2 things, one will be a message that everything went ok, something like
##############################
# BEEF INSTALLATION COMPLETE #
##############################
and an endpoint-panel 😈 to access the BeEF Dashboard
Here we use the username beef and the password we entered at the beginning (pass-beff-user). Inside, we see 2 urls in the first paragraph
- demo
- advanced (this is the one we will use)
Let's hack ourselves
Let’s copy the “advanced” link and open a dummy browser. Let’s go to the link! We will see something like this
Nothing strange, BUT if we go back to the BeEF panel…
We did it! But what can we do from now on? Lots of things… since the goal of this is to learn how important it is not to click on an unknown link (and have fun).
Let’s go to Commands > Browser > Create Alert Dialog. We add a text and… a pop-up appears in the hacked browser.
Scary, but amazing (and very easy).
Now, something creepier. Go to Social Engineering > Google Phishing and execute.
In the dummy browser we will see…
If we enter, for example, the user and password, another page will open as an error, and the main page will show us the correct Google auth window (as if we had made a mistake). But in the BeEF panel, under Module Results History, we see the data in raw form.
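Seen from the defender's side, the hooked browser is not silent: it keeps asking the BeEF server for new commands. The following is an added example, not part of the original post or of BeEF, that flags that polling in proxy logs. The log format, addresses and thresholds are constructed, and `hook.js` / `BEEFHOOK` are BeEF's default hook file and session names, which an operator can rename.

```python
from collections import defaultdict
from datetime import datetime
from urllib.parse import urlsplit, parse_qs

# Constructed proxy log lines: "timestamp client method url". Not from the post.
SAMPLE_LOG = [
    "2024-05-01T10:00:00 10.0.0.5 GET http://203.0.113.10:3000/page.html",
    # Hooked browser using BeEF's default names, one poll per second.
    *[f"2024-05-01T10:00:{s:02d} 10.0.0.5 GET "
      "http://203.0.113.10:3000/hook.js?BEEFHOOK=constructed" for s in range(1, 11)],
    # Same behaviour with the file and parameter renamed (constructed names).
    *[f"2024-05-01T10:01:{s:02d} 10.0.0.9 GET "
      "http://198.51.100.7/lib.js?sid=constructed" for s in range(0, 40, 5)],
    # Ordinary script loaded twice, minutes apart.
    "2024-05-01T10:00:03 10.0.0.7 GET https://example.org/static/app.js",
    "2024-05-01T10:07:45 10.0.0.7 GET https://example.org/static/app.js",
]

def find_hook_polling(lines, min_hits=6, max_gap=10.0):
    """Return {(client, host, path): [reasons]} for scripts fetched like a hook.

    "default-name": URL carries BeEF's default hook file or session parameter.
    "polling": the same script is re-fetched at least min_hits times with no
    gap longer than max_gap seconds (assumed thresholds, tune per network).
    """
    seen = defaultdict(list)  # (client, host, path) -> request timestamps
    named = set()             # keys matching the default names
    for line in lines:
        ts, client, _method, url = line.split()
        u = urlsplit(url)
        if not u.path.endswith(".js"):
            continue
        key = (client, u.netloc, u.path)
        seen[key].append(datetime.fromisoformat(ts))
        if u.path.endswith("/hook.js") or "BEEFHOOK" in parse_qs(u.query):
            named.add(key)
    findings = {}
    for key, stamps in seen.items():
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        reasons = ["default-name"] if key in named else []
        if len(stamps) >= min_hits and max(gaps) <= max_gap:
            reasons.append("polling")
        if reasons:
            findings[key] = reasons
    return findings

if __name__ == "__main__":
    for key, reasons in find_hook_polling(SAMPLE_LOG).items():
        print(key, reasons)
```

The name match is cheap but easy to evade by renaming; the polling check still catches the renamed case because it looks at behaviour rather than strings.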
…
Some things that would be interesting to be able to do? Maybe see the browsing history or capture the LocalStorage… but that is for another time.
Remember: never open links you don’t know…