
BeEF XSS Authentication Page No Login Prompt


As we promised you in our last Jour-Fix meeting, there is a new series on hacking mobile devices, web applications, and even Facebook and Google here in Pheniix, and we intend to deliver those to you in 2020. In this article, we try to hack browsers with BeEF.

In each of those topics, we will introduce you to new hacking tools and techniques, though one tool that we will be using in all of those areas is called the Browser Exploitation Framework, or BeEF.

Introduction to BeEF:

BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.

Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.

Similar to Metasploit, BeEF is a framework for launching attacks. Unlike Metasploit, it is specific to launching attacks against web browsers. In some cases, we will be able to use BeEF in conjunction with Metasploit to launch specific attacks, so let's jump in!

BeEF was developed by a group of developers led by Wade Alcorn. Built on the familiar Ruby on Rails platform, BeEF was developed to explore the vulnerabilities in browsers and test them. In particular, BeEF is an excellent platform for testing a browser's vulnerability to cross-site scripting (XSS) and other OWASP vulnerabilities.

How to start BeEF?

BeEF is built into Kali Linux, and it can be started as a service and accessed via a web browser on your localhost. So let's jump into BeEF. Start the BeEF service by going to "Applications" -> "Kali Linux" -> "System Services" -> "BeEF" -> "beef start."


Access BeEF via a browser:

The BeEF server can be accessed via any browser on our localhost (127.0.0.1) webserver at port 3000. To access its authentication page, go to http://localhost:3000/ui/authentication

The default credentials are "beef" for both username and password.


Awesome! Now you have successfully logged into BeEF and are ready to begin using this powerful platform to hack web browsers.

Note that in the screenshot below my local browser, 127.0.0.1, appears in the left-hand "Hooked Browsers" explorer after I clicked on the link to the demo page. BeEF also displays its "Getting Started" window to the right.


Viewing Browser Details

If we click on the local browser, it will provide more choices to the right, including a "Details" window where we can get all the particulars of that browser. Since I am using the Iceweasel browser built into Kali, which is built upon Firefox, it shows me that the browser is Firefox.

It also shows me the version number (24), the platform (Linux i686), any components (Flash, web sockets, etc.), and more information that we will be able to use in later web application hacks.


Hooking a Browser

The key to success with BeEF is to "hook" a browser. This basically means that we need the victim to visit a vulnerable web app. This injected code in the "hooked" browser then responds to commands from the BeEF server. From there, we can do a number of malicious things on the victim's computer.

BeEF has a JavaScript file called "hook.js," and if we succeed in getting the victim to execute it in a vulnerable web app, we will hook their browser!

In the screenshot below, I have "hooked" an Internet Explorer 6 browser on an old Windows XP on my LAN at IP 192.168.89.191.
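From the defender's side, a hooked browser is visible as a client fetching hook.js from a server it has no business talking to. The following is an added example, not part of the original article: it scans web-proxy log lines for such fetches, using the file name and port 3000 the article gives. The log format, hosts and addresses are constructed, and because an operator can change both the path and the port, a match is a first-pass signal rather than proof.

```javascript
// Added example, not from the original article. Log lines are constructed.
// Assumed format: "<client-ip> <method> <url> <status>"
const SAMPLE_PROXY_LOG = [
  "10.0.0.21 GET http://intranet.example/app/search?q=printers 200",
  "10.0.0.21 GET http://203.0.113.7:3000/hook.js 200",
  "10.0.0.35 GET https://cdn.example/js/jquery.min.js 200",
  "10.0.0.35 GET http://203.0.113.7:3000/hook.js?x=1 200",
  "10.0.0.40 GET https://shop.example/static/hook.js 200",
  "truncated or malformed line",
];

// Parse one line; return null for anything that does not match the format.
function parseLine(line) {
  const m = /^(\S+)\s+([A-Z]+)\s+(\S+)\s+(\d{3})$/.exec(line);
  if (!m) return null;
  try {
    return { client: m[1], url: new URL(m[3]), status: Number(m[4]) };
  } catch (err) {
    return null; // URL field did not parse
  }
}

// Flag fetches of a file named hook.js; port 3000 (the port named in the
// article) raises the severity, any other port is left for manual review.
function findHookFetches(lines) {
  const hits = [];
  for (const line of lines) {
    const rec = parseLine(line);
    if (!rec || !rec.url.pathname.toLowerCase().endsWith("/hook.js")) continue;
    const onDefaultPort = rec.url.port === "3000";
    hits.push({
      client: rec.client,
      server: rec.url.host,
      severity: onDefaultPort ? "high" : "review",
    });
  }
  return hits;
}

// Clients with a high-severity hit: candidates for session revocation and triage.
function affectedClients(lines) {
  const high = findHookFetches(lines).filter((h) => h.severity === "high");
  return [...new Set(high.map((h) => h.client))];
}

console.log(findHookFetches(SAMPLE_PROXY_LOG));
console.log(affectedClients(SAMPLE_PROXY_LOG));
```
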


Executing Commands in the Browser

Now that we have hooked the victim's browser, we can use numerous built-in commands that can be executed from the victim's browser. Below are just a few examples; there are many others.

  • Get Visited Domains
  • Webcam
  • Get All Cookies
  • Grab Google Contacts
  • Screenshot
  • Get Visited URLs

In the screenshot below, I chose the "Webcam" command that many of you may be interested in. As you can see, when I execute this command, an Adobe Flash dialog box will pop up on the screen of the user asking, "Allow Webcam?" If they click on "Allow," it will start to return pictures from the victim to you.

Of course, the user will not click on allow because even the most idiotic PC user nowadays knows some basic security skills. Therefore you can customize the text. For example, you could customize the button to say "A security update is available for you! Click here to secure your PC!" or "Your software is out of date. Click here to update and keep your computer secure." Other such messages might entice the victim to click on the box.


Getting Cookies

Once we have the browser hooked, there are almost unlimited possibilities of what we can do. If we wanted the cookies of the victim, we can go to "Chrome Extensions" and select "Get All Cookies" as shown in the screenshot below.


When we "Execute" it, it will begin collecting all the cookies from the browser. Obviously, once you have the user's cookies, you are likely to have access to their websites as well.

BeEF is an extraordinary and powerful tool for exploiting web browsers. In addition to what I have shown you here, it can also be used to leverage operating system attacks.
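What script injected into a page can read depends on how the site sets its cookies and which script origins it allows. The following is an added example, not part of the original article: it audits a response's headers for session cookies that page script can read and for a Content-Security-Policy that would let a script from any origin load. The header sets and the cookie name SESSIONID are constructed.

```javascript
// Added example, not from the original article. Header sets are constructed.
const WEAK_RESPONSE = {
  "set-cookie": ["SESSIONID=abc123; Path=/", "theme=dark; Path=/"],
};
const HARDENED_RESPONSE = {
  "set-cookie": ["SESSIONID=abc123; Path=/; Secure; HttpOnly; SameSite=Lax", "theme=dark; Path=/"],
  "content-security-policy": "default-src 'self'; script-src 'self'",
};

// Lower-cased attribute names of one Set-Cookie value (everything after name=value).
function cookieAttributes(setCookie) {
  return setCookie.split(";").slice(1).map((p) => p.trim().split("=")[0].toLowerCase());
}

// Sources that govern <script src>: script-src, falling back to default-src.
function scriptSources(csp) {
  const directives = {};
  for (const part of (csp || "").split(";")) {
    const [name, ...values] = part.trim().split(/\s+/);
    if (name) directives[name.toLowerCase()] = values;
  }
  return directives["script-src"] || directives["default-src"] || null;
}

function auditResponse(headers, sessionCookieNames) {
  const findings = [];
  for (const raw of headers["set-cookie"] || []) {
    const name = raw.split("=")[0].trim();
    if (!sessionCookieNames.includes(name)) continue; // only session cookies matter here
    const attrs = cookieAttributes(raw);
    if (!attrs.includes("httponly")) findings.push(`${name}: readable via document.cookie (no HttpOnly)`);
    if (!attrs.includes("secure")) findings.push(`${name}: also sent over plain HTTP (no Secure)`);
  }
  const sources = scriptSources(headers["content-security-policy"]);
  if (sources === null) {
    findings.push("CSP: no script-src or default-src, scripts from any origin may load");
  } else {
    for (const s of sources) {
      const broad = ["*", "http:", "https:", "'unsafe-inline'"].includes(s);
      if (broad) findings.push(`CSP: script source ${s} is too broad`);
    }
  }
  return findings;
}

console.log(auditResponse(WEAK_RESPONSE, ["SESSIONID"]));
console.log(auditResponse(HARDENED_RESPONSE, ["SESSIONID"]));
```
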

Common bug:

If you have problems running BeEF, then try this:



Source: https://www.linkedin.com/pulse/hack-browsers-beef-hook-mike-ghahremani