BeEF stands for The Browser Exploitation Framework. It is a penetration testing tool focusing on the web browser.
BeEF works on the principle of hooking. BeEF hooks one or more web browsers and uses them as beachheads for launching command modules and attacks to get control of the target.
There are many ways to implement BeEF, notably being:
- DNS SPOOFING
- Injection of code (need to be MITM)
- Using XSS Exploit
- Social Engineering
Kali Linux comes preinstalled with the BeEF framework. Search ‘BeEF’ in all applications and you’ll find three-
- BeEF Start: To start the Framework
- BeEF Stop: To stop the Framework
- BeEF XSS framework
Open BeEF start. You are prompted to set a password. Once set, press enter, and you will be redirected to the BeEF website on your browser.
Enter your credentials. The default username is beef.
Under hooked browsers, the Online Browsers will contain the browsers you are currently hooking.
While the Offline Browsers will show all the browsers which you had hooked previously.
Return to the terminal and execute the following:
#service apache2 start
As you can see, the address of my Virtual machine which just connected to my Kali’s address, is now shown under ‘Online Browsers’.
Now there are a variety of options offered by BeEF for us to use:Details:
Here the details of the browser hooked and information about the host machine are shown.
Logs:
This tab shows all the commands which have taken place on the hooked browser recently.
Proxy:
This tab can be used to configure and use the hooked browser as a proxy.
XSSRays:
Shows whether the hooked browser has any sort of XSS vulnerabilities.
Network:
Shows a graphical overview of the current network.
Commands:
This was a basic overview of BeEF and its capabilities. Once you manage to hook a browser, the possibilities are endless for the post connection phase!
Also, do note that after using BeEF, make sure to open ‘BeEF stop’, which you’ll find under all applications.
1 Comments
Mega Clean is designed to get rid of as many toxins as possible while also replenishing lost vitamins and minerals for better health. This strong drink is usually taken for detoxing from THC by diluting it. Mega Clean contains vitamins and herbs that help to balance electrolytes and specific gravity in diluted urine. This is a liquid herbal supplement that helps the urinary, circulatory, and digestive systems remove dangerous pollutants. It is a healthy way to purify your body while also getting the essential vitamins and minerals. Half-fill the Mega Clean bottle with water, give it a good shake and drink. Allow 15 minutes for the process to complete, and your odds of passing the test will increase by large margins. Passing a drug test with drug detox beverages like the Mega Clean detox is all about staying as clear of toxins as possible before the test. Each hour of sleep lowers the toxin level in the body, and the Mega Clean solution handles the rest. The immunoassay (ELISA) test is followed by the GC-MS test. The first inch and half of a strand of hair are screened for the test. This test works slower than the urine test and might also end up showing false positives.A blood test for weed can be highly effective, as long the authorities have the right equipment for it. Your blood starts storing traces of THC right after smoking weed.This test produces accurate and quick results but is rarely used by companies looking to hire you as it would throw up positive results only if you’ve just recently consumed weed.Q: What is the best way to detox before a drug test?A: There is no single foolproof trick that will ensure the best results every time.
ReplyDelete