mumachenxi commented 8 years ago

我不能在beef里导入metasploit 。。。。。help i can not take metaspoit in beef
my kali is 2.0....

mumachenxi commented 8 years ago

我不能在beef里导入metasploit 。。。。。help i can not take metaspoit in beef

my kali is 2.0.

mumachenxi commented 8 years ago

353281411@qq.com help..

bcoles commented 8 years ago

@mumachenxi what error are you getting? Have you followed the instructions ? What are you trying to achieve?

mumachenxi commented 8 years ago

hey boy ...when i start the beef and connect metasploit... root@kali:/usr/share/beef-xss# ./beef [11:25:50][] Bind socket [imapeudora1] listening on [0.0.0.0:2000]. [11:25:50][] Browser Exploitation Framework (BeEF) 0.4.6.1-alpha [11:25:50] | Twit: @beefproject [11:25:50] | Site: http://beefproject.com [11:25:50] | Blog: http://blog.beefproject.com [11:25:50] |_ Wiki: https://github.com/beefproject/beef/wiki [11:25:50][] Project Creator: Wade Alcorn (@WadeAlcorn) [11:27:58][!] API Fire Error: authentication failed in {:owner=>BeEF::Extension::Metasploit::API::MetasploitHooks, :id=>13}.post_soft_load() [11:27:58][] BeEF is loading. Wait a few seconds... [11:28:01][] 12 extensions enabled. [11:28:01][] 241 modules enabled. [11:28:01][*] 2 network interfaces were detected.

and my kali is 2.0....what can i do .i can no use the metasploit in beef oh my god

mumachenxi commented 8 years ago

Can you give me a study manual or something like that. I am a rookie。。。。。。。but i want to learn that!!thank you thank you thank you thank you

bcoles commented 8 years ago

This error...

[11:27:58][!] API Fire Error: authentication failed in {:owner=>BeEF::Extension::Metasploit::API::MetasploitHooks, :id=>13}.post_soft_load()

... means BeEF --> RPC --> Metasploit is failing.

As per the instructions and the FAQ, you need to do the following:

Enable MSF integration by changing beef.extension.metasploit.enable to true in BeEF's main config.yaml file. It should look like this:

        metasploit:
            enable: true

Ensure you load the msgrpc interface in Metasploit before starting BeEF: msf > load msgrpc ServerHost=127.0.0.1 Pass=abc123 SSL=y It should look like this:

# cowsay++
 ____________
< metasploit >
 ------------
       \   ,__,
        \  (oo)____
           (__)    )\
              ||--|| *

       =[ metasploit v4.11.23-dev-93ce0fe                 ]
+ -- --=[ 1541 exploits - 893 auxiliary - 266 post        ]
+ -- --=[ 438 payloads - 38 encoders - 8 nops             ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]

msf > load msgrpc ServerHost=127.0.0.1 Pass=abc123 SSL=y
[*] MSGRPC Service:  127.0.0.1:55552  (SSL)
[*] MSGRPC Username: msf
[*] MSGRPC Password: abc123
[*] Successfully loaded plugin: msgrpc

Ensure that the IP address supplied to Metasploit with the ServerHost parameter is the same IP address as specified in beef.extension.metasploit.host in extensions/metasploit/config.yaml

            name: 'Metasploit'
            enable: true
            # Metasploit msgrpc connection options
            host: "127.0.0.1"
            port: 55552
            user: "msf"
            pass: "abc123"

Ensure that the IP address specified in beef.extension.metasploit.callback_host in extensions/metasploit/config.yaml is the publicly accessible IP address for victim connections to Metasploit. It should look like this:

            # Public connect back host IP address for victim connections to Metasploit
            callback_host: "<ATTACKER WAN IP ADDRESS>"

Ensure that if SSL=y was supplied to Metasploit when starting msgrpc then beef.extension.metasploit.ssl is set to true. It should look like this:

            ssl: true
            ssl_version: 'TLS1'
            ssl_verify: true

mumachenxi commented 8 years ago

oh dear first i am very very happy for look your answer..but my english is not good ....i take a lot of text for it .but unuseful. look my config.... 1.in usr share beef-xss config: key: "beef_key.pem" cert: "beef_cert.pem" metasploit: enable: true social_engineering: enable: true evasion: enable: false console: shell: enable: false

ifconfig like this wlan0 Link encap:Ethernet HWaddr cc:3d:82:8a:d3:92
inet addr:192.168.11.101 Bcast:192.168.11.255 Mask:255.255.255.0 so my ip is 192.168.11.101

in usr share beef-xss extensions metasploit config.yaml extension: metasploit: name: 'Metasploit' enable: true host: "192.168.11.101" port: 55552 user: "msf" pass: "abc123" uri: '/api'

if you need "ssl: true" make sure you start msfrpcd with "SSL=y", like:

        # load msgrpc ServerHost=IP Pass=abc123 SSL=y
        ssl: true
        ssl_version: 'TLSv1'
        ssl_verify: true
        callback_host: "192.168.11.101"
        autopwn_url: "autopwn"
        auto_msfrpcd: false
        auto_msfrpcd_timeout: 120
        msf_path: [ 
          {os: 'osx', path: '/opt/local/msf/'},
          {os: 'livecd', path: '/opt/metasploit-framework/'},
          {os: 'bt5r3', path: '/opt/metasploit/msf3/'},
          {os: 'bt5', path: '/opt/framework3/msf3/'},
          {os: 'backbox', path: '/opt/backbox/msf/'},
          {os: 'kali', path: '/usr/share/metasploit-framework/'},
          {os: 'pentoo', path: '/usr/lib/metasploit'},
          {os: 'win', path: 'c:\metasploit-framework\'},
          {os: 'custom', path: '/usr/share/metasploit-framework/'}
        ]

3.service postgresql start and msfconsole =[ metasploit v4.11.5-2016010401 ]

-- --=[ 1517 exploits - 875 auxiliary - 257 post ]
-- --=[ 436 payloads - 37 encoders - 8 nops ]
-- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]

msf > load msgrpc ServerHost=192.168.11.101 Pass=abc123 SSL=y [] MSGRPC Service: 192.168.11.101:55552 (SSL) [] MSGRPC Username: msf [] MSGRPC Password: abc123 [] Successfully loaded plugin: msgrpca and and i reboot the kali cd /usr/share/beef-xss/ ./beef

root@kali:/usr/share/beef-xss# ./beef [ 9:58:07][] Bind socket [imapeudora1] listening on [0.0.0.0:2000]. [ 9:58:07][] Browser Exploitation Framework (BeEF) 0.4.6.1-alpha [ 9:58:07] | Twit: @beefproject [ 9:58:07] | Site: http://beefproject.com [ 9:58:07] | Blog: http://blog.beefproject.com [ 9:58:07] |_ Wiki: https://github.com/beefproject/beef/wiki [ 9:58:07][] Project Creator: Wade Alcorn (@WadeAlcorn) [ 9:58:07][!] API Fire Error: authentication failed in {:owner=>BeEF::Extension::Metasploit::API::MetasploitHooks, :id=>14}.post_soft_load() [ 9:58:07][] BeEF is loading. Wait a few seconds... [ 9:58:10][] 13 extensions enabled. [ 9:58:10][] 241 modules enabled. [ 9:58:10][*] 2 network interfaces were detected. [ 9:58:10][+] running on network interface: 127.0.0.1

oh my god i want fuck dogs...日了狗。。。 and then have a goodnight for you ..

bcoles commented 8 years ago

It looks like you're using an old version of BeEF:

[ 9:58:07][*] Browser Exploitation Framework (BeEF) 0.4.6.1-alpha

This version was released in July 13, 2015 - almost a year ago.

Try downloading the latest version of BeEF from git:

git clone https://github.com/beefproject/beef.git
cd beef
gem install bundler
bundle install
./beef

mumachenxi commented 8 years ago

thank you .you are a good man!

8181war commented 5 years ago

You are using the Default credentials [-] Please change user and/or passwd in /etc/beef-xss/config.yaml Help me pls 😭😭

bcoles commented 5 years ago

@8181war You are using the Default credentials. Change the password in config.yaml.

elfnight0 commented 4 years ago

oad msgrpc ### serverHost=ip public Pass=abc1234 [] MSGRPC Service: 127.0.0.1 :55552 [] MSGRPC Username: msf [] MSGRPC Password: abc1234 [] Successfully loaded plugin: msgrpc hi how do not change MSGRPC Service plz help me

beefproject / beef

help....about kali2.0 metasploit with beef #1256

if you need "ssl: true" make sure you start msfrpcd with "SSL=y", like: