Closed sawce7 closed 6 years ago
What is the problem? What are you expecting to achieve with that config? What happens instead? What output are you getting, if any?
Are these entries commented out in your config, or just in the config you pasted?
#public: "ngork host name" # public hostname/IP address
#public_port: "80" # experimental
Are you testing locally, or with ngrok?
Testing with ngork, problem is that I am not receiving a hook back from the butcher site when a user opens the link. Not getting a hook error anymore either but still not retrieving a hook.
Make sure the public
and public_port
entries are not commented out.
What do you exactly mean by commented out?
Do this:
public: "ngork host name" # public hostname/IP address
public_port: "80" # experimental
Not this:
#public: "ngork host name" # public hostname/IP address
#public_port: "80" # experimental
Ohh ok got you.
Did that, ran beef again with ./beef
3: from /root/beef/extensions/proxy/api.rb:20:in `new'
2: from /root/beef/extensions/proxy/proxy.rb:21:in `initialize'
1: from /root/beef/extensions/proxy/proxy.rb:21:in `new'
/root/beef/extensions/proxy/proxy.rb:21:in `initialize': Address already in use - bind(2) for "127.0.0.1" port 6789 (Errno::EADDRINUSE)
Saw this in the terminal.
That's probably not a big deal. Something is already listening on port 6789..... Make sure you didn't leave the beef-xss
service running.
SO what I have noticed so far is that If I just use the beef application on kali thats pre installed. The hook always gives an error. Cloning it worked but I dont know why I didnt get the hooked ip in my UI.
Yes
GET /hook.js 500 Internal Serve Error
AGAIN ;x
When I added the script to the butcher index.html I never included the UI path, maybe thats why I am getting this error???
Make sure the beef-xss
service is not running (service beef-xss stop
). Make sure you run ./beef
from the cloned BeEF repository.
Paste the error log.
Clone BeEF. Change the public and public_port properties. Change nothing else. Run BeEF.
Ok after stopping the service I didn't get any errors, I'm going to test to see if i get the hook error now.
root@kali:~/beef# service beef-xss stop
root@kali:~/beef# ./beef
[16:30:16][] Browser Exploitation Framework (BeEF) 0.4.7.0-alpha
[16:30:16] | Twit: @beefproject
[16:30:16] | Site: https://beefproject.com
[16:30:16] | Blog: http://blog.beefproject.com
[16:30:16] |_ Wiki: https://github.com/beefproject/beef/wiki
[16:30:16][] Project Creator: Wade Alcorn (@WadeAlcorn)
[16:30:16][] BeEF is loading. Wait a few seconds...
[16:30:20][] 8 extensions enabled.
[16:30:20][] 302 modules enabled.
[16:30:20][] 2 network interfaces were detected.
[16:30:20][] running on network interface: 127.0.0.1
[16:30:20] | Hook URL: http://127.0.0.1:3000/hook.js
[16:30:20] |_ UI URL: http://127.0.0.1:3000/ui/panel
[16:30:20][] running on network interface: 10.0.2.15
[16:30:20] | Hook URL: http://10.0.2.15:3000/hook.js
[16:30:20] | UI URL: http://10.0.2.15:3000/ui/panel
[16:30:20][!] Warning: Default username and weak password in use!
[16:30:20] | New password for this instance: c4a4145fa900d2c1f889db14a8a9dea3
[16:30:20][] RESTful API key: 6f877bf379722a396567e82e78c4b27a937f78a2
[16:30:20][] HTTP Proxy: http://127.0.0.1:6789
[16:30:20][*] BeEF server started (press control+c to stop)
2018-09-29 16:31:42 - NameError - uninitialized constant Rack::File::Iterator:
/var/lib/gems/2.5.0/gems/sinatra-2.0.4/lib/sinatra/base.rb:261:in body' /var/lib/gems/2.5.0/gems/sinatra-2.0.4/lib/sinatra/base.rb:1085:in
invoke'
/var/lib/gems/2.5.0/gems/sinatra-2.0.4/lib/sinatra/base.rb:1094:in dispatch!' /var/lib/gems/2.5.0/gems/sinatra-2.0.4/lib/sinatra/base.rb:924:in
block in call!'
/var/lib/gems/2.5.0/gems/sinatra-2.0.4/lib/sinatra/base.rb:1076:in block in invoke' /var/lib/gems/2.5.0/gems/sinatra-2.0.4/lib/sinatra/base.rb:1076:in
catch'
/var/lib/gems/2.5.0/gems/sinatra-2.0.4/lib/sinatra/base.rb:1076:in invoke' /var/lib/gems/2.5.0/gems/sinatra-2.0.4/lib/sinatra/base.rb:924:in
call!'
/var/lib/gems/2.5.0/gems/sinatra-2.0.4/lib/sinatra/base.rb:913:in call' /var/lib/gems/2.5.0/gems/rack-2.0.5/lib/rack/null_logger.rb:9:in
call'
/usr/lib/ruby/vendor_ruby/rack/head.rb:13:in call' /var/lib/gems/2.5.0/gems/sinatra-2.0.4/lib/sinatra/base.rb:194:in
call'
/var/lib/gems/2.5.0/gems/sinatra-2.0.4/lib/sinatra/base.rb:1957:in call' /usr/lib/ruby/vendor_ruby/rack/urlmap.rb:66:in
block in call'
/usr/lib/ruby/vendor_ruby/rack/urlmap.rb:50:in each' /usr/lib/ruby/vendor_ruby/rack/urlmap.rb:50:in
call'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:86:in block in pre_process' /usr/lib/ruby/vendor_ruby/thin/connection.rb:84:in
catch'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:84:in pre_process' /usr/lib/ruby/vendor_ruby/thin/connection.rb:53:in
process'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:39:in receive_data' /var/lib/gems/2.5.0/gems/eventmachine-1.0.9.1/lib/eventmachine.rb:193:in
run_machine'
/var/lib/gems/2.5.0/gems/eventmachine-1.0.9.1/lib/eventmachine.rb:193:in run' /usr/lib/ruby/vendor_ruby/thin/backends/base.rb:73:in
start'
/usr/lib/ruby/vendor_ruby/thin/server.rb:162:in start' /root/beef/core/main/server.rb:161:in
start'
./beef:220:in `
Ok, you can probably fix that by following the instructions here #1593
#
#
diff --git a/Gemfile b/Gemfile index 029b0d52..a5d1a2e9 100644 --- a/Gemfile +++ b/Gemfile @@ -8,8 +8,8 @@
gem 'eventmachine' gem 'thin' -gem 'sinatra', '~> 2.0' -gem 'rack', '~> 2.0' +gem 'sinatra', '~> 1.2' +gem 'rack', '~> 1.6.8' gem 'rack-protection', '~> 2.0' gem 'em-websocket' # WebSocket support gem 'uglifier'
gem 'eventmachine' gem 'thin' gem 'sinatra', '~> 2.0' gem 'rack', '~> 2.0' gem 'rack-protection', '~> 2.0' gem 'em-websocket' # WebSocket support gem 'uglifier' gem 'mime-types' gem 'execjs' gem 'ansi' gem 'term-ansicolor', :require => 'term/ansicolor' gem 'dm-core' gem 'json' gem 'data_objects' gem 'rubyzip', '>= 1.2.2' gem 'espeak-ruby', '>= 1.0.4' # Text-to-Voice gem 'nokogiri', '>= 1.7' gem 'rake'
group :sqlite do gem 'dm-sqlite-adapter' end
group :postgres do
end
group :mysql do
end
group :geoip do gem 'geoip' end
gem 'parseconfig' gem 'erubis' gem 'dm-migrations'
group :ext_msf do gem 'msfrpc-client' gem 'xmlrpc' end
group :ext_notifications do
gem 'rushover'
gem 'slack-notifier'
gem 'twitter', '>= 5.0.0' end
group :ext_dns do gem 'rubydns', '~> 0.7.3' end
group :ext_network do gem 'dm-serializer' end
group :ext_qrcode do gem 'qr4r' end
group :test do if ENV['BEEF_TEST'] gem 'test-unit' gem 'test-unit-full' gem 'rspec' gem 'rdoc'
# sudo apt-get install libcurl4-openssl-dev
gem 'curb'
# selenium-webdriver 3.x is incompatible with Firefox version 48 and prior
gem 'selenium'
gem 'selenium-webdriver', '~> 2.53.4'
# nokogirl is needed by capybara which may require one of the below commands
# sudo apt-get install libxslt-dev libxml2-dev
# sudo port install libxml2 libxslt
gem 'capybara'
# RESTful API tests/generic command module tests
gem 'rest-client', '>= 2.0.1'
gem 'byebug'
end end
source 'https://rubygems.org'
How do I got fourth removing GemFile.lock
rm Gemfile.lock
You horribly mess up your Gemfile. You need to apply the diff properly.
Yea, I got errors after bundling.
How do I apply the diff to the gemfile?
Nevermind found a site.
root@kali:/beef# bundle install
Don't run Bundler as root. Bundler can ask for sudo if it is needed, and
installing your bundle as root will break this application for all non-root
users on this machine.
Using rake 12.3.1
Using public_suffix 3.0.3
Using addressable 2.5.2
Using ansi 1.5.0
Using buftok 0.2.0
Using bundler 1.16.1
Using chunky_png 1.3.10
Using daemons 1.2.6
Using data_objects 0.10.17
Using dm-core 1.2.1
Using dm-do-adapter 1.2.0
Using dm-migrations 1.2.0
Using dm-serializer 0.10.0
Using do_sqlite3 0.10.17
Using dm-sqlite-adapter 1.2.0
Using unf_ext 0.0.7.5
Using unf 0.1.4
Using domain_name 0.5.20180417
Using eventmachine 1.0.9.1
Using http_parser.rb 0.6.0
Using em-websocket 0.5.1
Using equalizer 0.0.11
Using erubis 2.7.0
Using espeak-ruby 1.0.4
Using execjs 2.7.0
Using filesize 0.2.0
Using geoip 1.6.4
Using http-cookie 1.0.3
Using http-form_data 2.1.1
Using http 3.3.0
Using rkelly-remix 0.0.7
Using jsobfu 0.4.2
Using json 2.1.0
Using thread_safe 0.3.6
Using memoizable 0.4.2
Using metasm 1.0.3
Using mime-types-data 3.2018.0812
Using mime-types 3.2.2
Using mini_portile2 2.3.0
Using mojo_magick 0.5.6
Using msgpack 1.2.4
Using nokogiri 1.8.4
Using rb-readline 0.5.5
Using rex 2.0.12
Using msfrpc-client 1.1.1
Using multipart-post 2.0.0
Using mustermann 1.0.3
Using naught 1.1.0
Using netrc 0.11.0
Using parseconfig 1.0.8
Using rqrcode 0.10.1
Using qr4r 0.4.1
Using rack 2.0.5
Using rack-protection 2.0.4
Using rainbow 3.0.0
Using rest-client 2.0.2
Using rexec 1.6.3
Using rubydns 0.7.3
Using rubyzip 1.2.2
Using rushover 0.3.0
Using simple_oauth 0.3.1
Using tilt 2.0.8
Using sinatra 2.0.4
Using slack-notifier 2.3.2
Using tins 1.16.3
Using term-ansicolor 1.6.0
Using thin 1.7.2
Using twitter 6.2.0
Using uglifier 4.1.19
Using xmlrpc 0.3.0
Bundle complete! 31 Gemfile dependencies, 70 gems now installed.
Gems in the groups test and development were not installed.
Use bundle info [gemname]
to see where a bundled gem is installed.
root@kali:/beef#
root@kali:~# service beef-xss stop root@kali:~# cd beef root@kali:~/beef# ./beef
[!] There was an error parsing Gemfile
: syntax error, unexpected tCONSTANT, expecting keyword_do or '{' or '(' - diff --git Beef/Gemfile Beef/Gemfile
^~~~
/root/beef/Gemfile:9: syntax error, unexpected tCONSTANT, expecting keyword_do or '{' or '('
diff --git Beef/Gemfile Beef/Gemfile
^~~~
/root/beef/Gemfile:10: Invalid octal digit
index 029b0d52..a5d1a2e9 100644
^~~
/root/beef/Gemfile:10: syntax error, unexpected tIDENTIFIER, expecting end-of-input
index 029b0d52..a5d1a2e9 100644
^~~~~. Bundler cannot continue.
diff --git Beef/Gemfile Beef/Gemfile
index 029b0d52..a5d1a2e9 100644
-------------------------------------------
root@kali:~/beef#
You messed up your Gemfile. Apply the diff properly.
If I just reinstall kali linux, will this be fixed?
Only takes 5 minutes to get back up and running for me.
The BeEF package is broken on Kali due to a broken Ruby environment on Kali.
Applying the diff is much easier than reinstalling Kali. Use your eyes.
How do I apply the diff properly, this is the first time using kali. Coming from C++.
glhf
Site I was on basically told me to just insert the prject name into a/ and a/b and thats it.
Here you go
# BeEF's Gemfile
#
# Copyright (c) 2006-2018 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
gem 'eventmachine'
gem 'thin'
gem 'sinatra', '~> 1.2'
gem 'rack', '~> 1.6.8'
gem 'rack-protection', '~> 2.0'
gem 'em-websocket' # WebSocket support
gem 'uglifier'
gem 'mime-types'
gem 'execjs'
gem 'ansi'
gem 'term-ansicolor', :require => 'term/ansicolor'
gem 'dm-core'
gem 'json'
gem 'data_objects'
gem 'rubyzip', '>= 1.2.2'
gem 'espeak-ruby', '>= 1.0.4' # Text-to-Voice
gem 'nokogiri', '>= 1.7'
gem 'rake'
# SQLite support
group :sqlite do
gem 'dm-sqlite-adapter'
end
# PostgreSQL support
group :postgres do
#gem dm-postgres-adapter
end
# MySQL support
group :mysql do
#gem dm-mysql-adapter
end
# Geolocation support
group :geoip do
gem 'geoip'
end
gem 'parseconfig'
gem 'erubis'
gem 'dm-migrations'
# Metasploit Integration extension
group :ext_msf do
gem 'msfrpc-client'
gem 'xmlrpc'
end
# Notifications extension
group :ext_notifications do
# Pushover
gem 'rushover'
# Slack
gem 'slack-notifier'
# Twitter
gem 'twitter', '>= 5.0.0'
end
# DNS extension
group :ext_dns do
gem 'rubydns', '~> 0.7.3'
end
# network extension
group :ext_network do
gem 'dm-serializer'
end
# QRcode extension
group :ext_qrcode do
gem 'qr4r'
end
# For running unit tests
group :test do
if ENV['BEEF_TEST']
gem 'test-unit'
gem 'test-unit-full'
gem 'rspec'
gem 'rdoc'
# curb gem requires curl libraries
# sudo apt-get install libcurl4-openssl-dev
gem 'curb'
# selenium-webdriver 3.x is incompatible with Firefox version 48 and prior
gem 'selenium'
gem 'selenium-webdriver', '~> 2.53.4'
# nokogirl is needed by capybara which may require one of the below commands
# sudo apt-get install libxslt-dev libxml2-dev
# sudo port install libxml2 libxslt
gem 'capybara'
# RESTful API tests/generic command module tests
gem 'rest-client', '>= 2.0.1'
gem 'byebug'
end
end
source 'https://rubygems.org'
root@kali:~/beef# patch < gemfilepatch.patch patching file Gemfile patch unexpectedly ends in middle of line Hunk #1 succeeded at 8 with fuzz 1. root@kali:~/beef#
There we go, this looking better?
root@kali:~/beef# patch < gemfilepatch.patch
patching file Gemfile
patch unexpectedly ends in middle of line
Hunk #1 succeeded at 8 with fuzz 1.
root@kali:~/beef# bundle install
Don't run Bundler as root. Bundler can ask for sudo if it is needed, and
installing your bundle as root will break this application for all non-root
users on this machine.
Fetching gem metadata from https://rubygems.org/..........
Fetching gem metadata from https://rubygems.org/.
Resolving dependencies....
Using rake 12.3.1
Using public_suffix 3.0.3
Using addressable 2.5.2
Using ansi 1.5.0
Using buftok 0.2.0
Using bundler 1.16.1
Using chunky_png 1.3.10
Using daemons 1.2.6
Using data_objects 0.10.17
Using dm-core 1.2.1
Using dm-do-adapter 1.2.0
Using dm-migrations 1.2.0
Using dm-serializer 0.10.0
Using do_sqlite3 0.10.17
Using dm-sqlite-adapter 1.2.0
Using unf_ext 0.0.7.5
Using unf 0.1.4
Using domain_name 0.5.20180417
Using eventmachine 1.0.9.1
Using http_parser.rb 0.6.0
Using em-websocket 0.5.1
Using equalizer 0.0.11
Using erubis 2.7.0
Using espeak-ruby 1.0.4
Using execjs 2.7.0
Using filesize 0.2.0
Using geoip 1.6.4
Using http-cookie 1.0.3
Using http-form_data 2.1.1
Using http 3.3.0
Using rkelly-remix 0.0.7
Using jsobfu 0.4.2
Using json 2.1.0
Using thread_safe 0.3.6
Using memoizable 0.4.2
Using metasm 1.0.3
Using mime-types-data 3.2018.0812
Using mime-types 3.2.2
Using mini_portile2 2.3.0
Using mojo_magick 0.5.6
Using msgpack 1.2.4
Using nokogiri 1.8.4
Using rb-readline 0.5.5
Using rex 2.0.12
Using msfrpc-client 1.1.1
Using multipart-post 2.0.0
Using naught 1.1.0
Using netrc 0.11.0
Using parseconfig 1.0.8
Using rqrcode 0.10.1
Using qr4r 0.4.1
Fetching rack 1.6.10
Installing rack 1.6.10
Using rack-protection 2.0.4
Using rainbow 3.0.0
Using rest-client 2.0.2
Using rexec 1.6.3
Using rubydns 0.7.3
Using rubyzip 1.2.2
Using rushover 0.3.0
Using simpleoauth 0.3.1
Fetching tilt 1.4.1
Installing tilt 1.4.1
Fetching sinatra 1.2.8
Installing sinatra 1.2.8
Using slack-notifier 2.3.2
Using tins 1.16.3
Using term-ansicolor 1.6.0
Using thin 1.7.2
Using twitter 6.2.0
Using uglifier 4.1.19
Using xmlrpc 0.3.0
Bundle complete! 31 Gemfile dependencies, 69 gems now installed.
Gems in the groups test and development were not installed.
Use bundle info [gemname]
to see where a bundled gem is installed.
root@kali:~/beef# ./beef
[17:50:56][*] Browser Exploitation Framework (BeEF) 0.4.7.0-alpha
[17:50:56] | Twit: @beefproject
[17:50:56] | Site: https://beefproject.com
[17:50:56] | Blog: http://blog.beefproject.com
[17:50:56] | Wiki: https://github.com/beefproject/beef/wiki
[17:50:56][] Project Creator: Wade Alcorn (@WadeAlcorn)
[17:50:56][] BeEF is loading. Wait a few seconds...
[17:51:00][] 8 extensions enabled.
[17:51:00][] 302 modules enabled.
[17:51:00][] 2 network interfaces were detected.
[17:51:00][] running on network interface: 127.0.0.1
[17:51:00] | Hook URL: http://127.0.0.1:3000/hook.js
[17:51:00] | UI URL: http://127.0.0.1:3000/ui/panel
[17:51:00][*] running on network interface: 10.0.2.15
[17:51:00] | Hook URL: http://10.0.2.15:3000/hook.js
[17:51:00] | UI URL: http://10.0.2.15:3000/ui/panel
[17:51:00][!] Warning: Default username and weak password in use!
[17:51:00] |_ New password for this instance: 10c07b4661df5e16c8225ed76e3c2b36
[17:51:00][] RESTful API key: 4f0f6321cb324f5c098a3cba88f1aa3a802117c3
[17:51:00][] HTTP Proxy: http://127.0.0.1:6789
Traceback (most recent call last):
6: from /root/beef/extensions/proxy/api.rb:19:in block in pre_http_start' 5: from /root/beef/extensions/proxy/api.rb:19:in
synchronize'
4: from /root/beef/extensions/proxy/api.rb:20:in block (2 levels) in pre_http_start' 3: from /root/beef/extensions/proxy/api.rb:20:in
new'
2: from /root/beef/extensions/proxy/proxy.rb:21:in initialize' 1: from /root/beef/extensions/proxy/proxy.rb:21:in
new'
/root/beef/extensions/proxy/proxy.rb:21:in `initialize': Address already in use - bind(2) for "127.0.0.1" port 6789 (Errno::EADDRINUSE)
[17:51:00][*] BeEF server started (press control+c to stop)
[17:51:00][!] Another process is already listening on port 3000, or you're trying to bind BeEF to an invalid IP.
[17:51:00][!] Is BeEF already running? Exiting...
root@kali:~/beef#
It does, except that something is already listening on port 3000. Is another instance of BeEF already running? Is the beef-xss
service still running?
You can discover what is already listening on port 3000
with: lsof -i :3000
root@kali:~/beef# lsof -i :3000 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME ruby 20760 root 13u IPv4 71700 0t0 TCP *:3000 (LISTEN)
You can kill a process with kill -9 <PID>
You can stop a service with service <service name> stop
So in this case I would need to end ruby. So "kill -9 20760"
yes
hmmm, beef is still giving me ERROR: invalid username or password
Read the console output
Ahh I feel so stupid, I'm over thinking because I have been at this for so long. I really appreciate your help.
Still getting hook.js error :(
What error are you getting. I can't read your mind or see your screen. Provide output.
500 Internal Server Error
What error are you getting in console. If you are getting no error in console, set debug: true
in config.yaml
.
Verify first that your issue/request has not been posted previously:
Ensure you're using the latest version of BeEF.
Environment
What version/revision of BeEF are you using? (0.4.7.0-0kali4). On what version of Ruby? Not sure what Ruby is used for. But before I had ngrof, BeEF would open. On what browser? Firefox On what operating system? Kali Linux 64bit
Configuration
Are you using a non-default configuration? Yes, Just changed "dns_host" and "db_host" in the "/usr/share/beef-xss# leafpad config.yaml" to my public IP. For the "cd extensions/metasploit/config.yaml I changed "host" and "callback_host" to my public IP. I also changed:
HTTP server
http: debug: false #Thin: :Logging.debug, very verbose. Prints Also full exception stack trace. host: "0.0.0.0" port: "80"
I changed the default port above to "80" instead of "3000" because I am using ngrof and If I kept it at 3000, I wouldn't get a hook back from BeEF. I followed these:
https://github.com/beefproject/beef/issues/1489 https://null-byte.wonderhowto.com/how-to/beef-browser-exploitation-framework-project-over-wan-0168022/
Have you enabled or disabled any BeEF extensions? No
Summary
Please provide a summary of the issue. BeEF says its "Unable to connect" after launching it. Also, I cant receive hooks while using ngrof. Literally read every article on this and I cant figure it out. Please help me, I've been researching this problem all day.
Expected Behaviour
What was the expected result? To be able to receive hooks using ngrof and BeEF.
Actual Behavior
What was the actual result? BeEF not being able to load and not recieving hooks.
Steps to Reproduce
Please provide steps to reproduce this issue. N/A
Additional Information
Please provide any additional information which may be useful in resolving this issue, such as debugging output and relevant screen shots.
https://gyazo.com/d39c19b0ccc3794a1c42e885c10cc7cc