Closed maddoctor87 closed 7 years ago
Hi @maddoctor87
This error message means that BeEF cannot communicate with Metasploit.
Firstly, you should consider updating BeEF to the latest version from GitHub. This should pull in the latest version of the msfrp-client
gem. The advantage of using the new gem is that it gives more accurate error messages. This will help you diagnose why the connection is failing.
Secondly, your metasploit config looks ok, however I notice you're using a public IP address for the host
and callback_host
. That's fine, however if you started msfrpc with interface of 127.0.0.1
then it will only bind to that interface which will make it inaccessible via
Thirdly, you're using ssl_version: 'TLSv1'
. This is mostly the cause of your problem. The correct format is TLS1
not TLSv1
. Its' a long story, which you can find in previously closed issues if you're interested.
I realise TLSv1
is the default, however this has been changed. It would be a good idea to use the latest version of BeEF from GitHub for a number of reasons; in particular, bug fixes such as this.
Verify first that your issue/request has not been posted previously:
Ensure you're using the latest version of BeEF.
Environment
What version/revision of BeEF are you using? 0.4.7.0-alpha
On what version of Ruby? 1:2.3.3 On what browser?
On what operating system?
Configuration
Are you using a non-default configuration?
Have you enabled or disabled any BeEF extensions?
Summary
I'm trying to integrate beef-xss and metasploit but I get this error = API Fire Error: authentication failed in {:owner=>BeEF::Extension::Metasploit::API::MetasploitHooks, :id=>20}.post_soft_load()
the config.yal are #
Copyright (c) 2006-2015 Wade Alcorn - wade@bindshell.net
Browser Exploitation Framework (BeEF) - http://beefproject.com
See the file 'doc/COPYING' for copying permission
#
BeEF Configuration file
beef: version: '0.4.7.0-alpha'
More verbose messages (server-side)
and
Please note that the ServerHost parameter must have the same value of host and callback_host variables here below.
Also always use the IP of your machine where MSF is listening.
beef: extension: metasploit: name: 'Metasploit' enable: true host: "79.21.173.84" port: 55552 user: "msf" pass: "abc123" uri: '/api'
if you need "ssl: true" make sure you start msfrpcd with "SSL=y", like:
please help