Scribd
Upload
61 views1 page

Binca Beef Browser Exploitation Framework

BeEF is a Ruby-based framework that focuses on delivering payloads to exploit browsers. It uses a JavaScript hook file injected via XSS to control victims' browsers from a panel and send commands even when victims are offline. Modules allow stealing the clipboard, injecting JavaScript, initiating HTTP requests, and browsing history. Other capabilities include controlling zombies, port scanning through zombies, browser exploitation by injecting Metasploit payloads, and exploiting protocols by injecting payloads into HTTP requests.

Uploaded by

darknetbot307
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
61 views1 page

Binca Beef Browser Exploitation Framework

BeEF is a Ruby-based framework that focuses on delivering payloads to exploit browsers. It uses a JavaScript hook file injected via XSS to control victims' browsers from a panel and send commands even when victims are offline. Modules allow stealing the clipboard, injecting JavaScript, initiating HTTP requests, and browsing history. Other capabilities include controlling zombies, port scanning through zombies, browser exploitation by injecting Metasploit payloads, and exploiting protocols by injecting payloads into HTTP requests.

Uploaded by

darknetbot307
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

BeEF (Browser Exploitation Framework) Cheat Sheet

by binca via cheatography.com/44948/cs/13444/

Overview

Extensive Ruby based framework with interp​rotocol features that focuses on payload delivery.
Various panels control a victim's browser.
If a zombie is offline when a command is issues it is sent when the browser reconn​ects.

The far left panel lists zombies, the next panel contains modules and the far right has descri​ption and config​uration options for the selected
module.
Employs JavaSript file hook.js, which is generated on the fly, to hook a browser. This file is injected via a XSS attack. The hook.js file changes
based on the issues commands.

Note: hook.js does not exist locally on the file system but can be viewed when running BeEF by downlo​ading it: wget http:/​/19​2.1​68.1.8​:30​0/h​‐
ook.js**

Icon Color Codes

Green Works on victim


Orange Works but may be visible
Grey Not confirmed to work
Red Does not work

Modules

Auto​run
Clipboard Stealing Steals contents of clipboard
JavaScript Injection
Request Initia​tion Instructs the zombie browser to make HTTP requests as directed. Excellent for CRF attacks or t download
software to the victim. Does not return page content to the attacker.
History Browsing Retrieves history via brute forced and can be used to finger​print victim, map infras​tru​cture, and determine other
targets. It requires a word lists, that is only prepop​ulated with a few terms.

Other Capabi​lities

Controlling Zombies
Port Scanning Port scan a network through the zombie, with a distri​buted network of them there is a low risk of
detection.
Browser Exploitation Injects an iframe into the zombie to deliver a browser exploit. This requires a running instance of
Metasploit reachable by the BeEF server. While it supports AutoPWN it is not recomm​ended due to
instab​ility.
Interprotocol Exploitation Because many protocols are forgiving and ignore junk including HTTP Request headers, BeEF will inject
a payload of a servic​e-side exploit into an HTTP request to be delivered to the target server by the
hooked browser. A BindShell could be the payload giving the attacker acces throuhg the BeEF controller
applic​aiton.

By binca Not published yet. Sponsored by Readable.com


cheatography.com/binca/ Last updated 9th November, 2017. Measure your website readability!
Page 1 of 1. https://readable.com

You might also like