Closed Brolupyr777 closed 2 years ago
I can't exactly understand how to running externally, it works locally, but when I run it outside like on a different device, it says that the server is offline
This question has been asked many many many times before. The good news is that one of the developers is working on writing some blog posts to assist with this. The bad news is that basic knowledge of networking fundamentals is required.
There are two approaches:
Exposing BeEF to the Internet is easy. It is a network service like any other. A small change to the configuration file is required once you have your network routes configured correctly. Configuring your network is outside the scope of the BeEF project.
If you let us know where you get stuck then someone may help out.
If you would like to understand what you're doing rather than blindly copy/paste commands, I suggest reading about about NAT and port forwarding:
I got stuck on the phishing link, when I ran it locally on my kali virtual machine and it worked perfectly, I got a connection and could execute any command, I tried to open the link on my main machine and it gave out an error of the port refusing to connect.
I got stuck on the phishing link
What phishing link? Do you mean the hook URL?
when I ran it locally on my kali virtual machine and it worked perfectly, I got a connection and could execute any command, I tried to open the link on my main machine and it gave out an error of the port refusing to connect.
What is your main machine? Do you mean the host operating system? Is Kali running in a virtual machine? Are you using the correct IP address for the network interface on the kali host?
Yes, the hook URL, my main machine is the (victim) that receives it, the Kali is running on a virtual machine, I think so. If you know any resources like a youtube video where I can learn the requiring knowledge to set it up, please let me know.
Yes, the hook URL, my main machine is the (victim) that receives it, the Kali is running on a virtual machine, I think so. If you know any resources like a youtube video where I can learn the requiring knowledge to set it up, please let me know.
BeEF is a network service like any other. You must be able to establish a network route from one machine to the other.
I suggest using netcat nc
to troubleshoot issues with your network configuration.
You can listen for a connection with netcat on one machine like so:
nc -lp 1337
Then try to connect to it from another machine using any connection capable of making a TCP connection, such as a web browser. For example, attempt to connect to the listening netcat service by browsing to http://your.ip.address:1337/hello
. If the connection was successful, you should see the HTTP request in the listening netcat terminal window.
when I type 'nc -lp 1337', my terminal just freezes and in http://your.ip.address:1337/hello do I type in my public ip, and keep everything else the same?
when I type 'nc -lp 1337', my terminal just freezes
It is waiting for a connection.
and in http://your.ip.address:1337/hello do I type in my public ip, and keep everything else the same?
You are trying to diagnose issues with your network configuration. From one host to another. To test whether you can connect to a port on an IP address you should use that port and that IP address.
So do I use a different IP, like my target IP?
So do I use a different IP, like my target IP?
On Linux you can list your network interface IP addresses with ifconfig
. If ifconfig
is not installed you can list your IP addresses with ip addr
.
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 08:00:27:54:10:fc brd ff:ff:ff:ff:ff:ff inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute eth0 valid_lft 75352sec preferred_lft 75352sec inet6 fe80::a00:27ff:fe54:10fc/64 scope link noprefixroute valid_lft forever preferred_lft forever
what do I do know?
what do I do know?
Take a step back and think about what you're trying to do.
Based on the IP address 10.0.2.15
I presume your host is running in QEMU. That is going to make things harder. You'll need to configure network interfaces for the virtual machine so other hosts can access it.
Can you give me some instructions or a youtube vid to follow?
Can you give me some instructions or a youtube vid to follow?
https://www.youtube.com/results?search_query=qemu+add+network+interface
just to make things clear I am using a VB
just to make things clear I am using a VB
Virtual Box?
yes
yes
Then don't bother with looking up QEMU.
Is the network adapter in the Virtual Box virtual machine configured in NAT mode or bridged mode?
I have no Idea
Mine says it's attached to nat
Mine says it's attached to nat
Ok. That means it will be accessible only within the same NAT'd environment. Virtual Box has its own NAT'd virtual network, which consists of the host running Virtual Box and all virtual machines running on that host.
Is the host you're trying to hook with BeEF on the same virtual network? ie, is it the host running Virtual Box or all virtual machines running on that host.
No, I am trying to hook an external pc, does that mean that I can't hook anyone externally on vb?
No, I am trying to hook an external pc, does that mean that I can't hook anyone externally on vb?
You can hook external browsers in Virtual Box but you will need to configure your network routes appropriately.
There are two approaches:
Novices use the tunneling approach because it is apparently easier.
If you want to use the port forwarding approach you will need to either:
i download ngrok, but how do I open it?
i download ngrok, but how do I open it?
ngrok
is a command line tool.
./ngrok
ngrok http 3000
Command 'ngrok' not found, did you mean:
command 'grok' from deb grok
Try: sudo apt install
ngrok http 3000 Command 'ngrok' not found, did you mean: command 'grok' from deb grok Try: sudo apt install
./ngrok http 3000
I extracted it, when I try to use the command, it gives out an error
`ngrok by @inconshreveable (Ctrl+C to quit)
Session Status online
Session Expires 1 hour, 59 minutes
Version 2.3.40
Region United States (us)
Web Interface http://127.0.0.1:4040
Forwarding http://faa6-73-11-43-188.ngrok.io -> http://localh
Forwarding https://faa6-73-11-43-188.ngrok.io -> http://local
Connections ttl opn rt1 rt5 p50 p90
0 0 0.00 0.00 0.00 0.00`
Your ngrok host is faa6-73-11-43-188.ngrok.io
. You will need to use this in the configuration file as per the instructions:
debug: false # Will print verbose message in BeEF console
host: "localhost" # IP address of the web server
port: "3000" # Port of the web server
public:
host: "<your-id>.ngrok.io" # public hostname/IP address
port: "443"
https: true
# Reverse Proxy / NAT
# If you want BeEF to be accessible behind a reverse proxy or NAT,
# set both the publicly accessible hostname/IP address and port below:
# NOTE: Allowing the reverse proxy will enable a vulnerability where the ui/panel can be spoofed
# by altering the X-FORWARDED-FOR ip address in the request header.
allow_reverse_proxy: true
what is all of this?
what is all of this?
It is configuration data for the config.yaml
configuration file, as per the description on the line immediately above it.
How do I access the config.yaml?
How do I access the config.yaml?
It is a text file. Open it with a text editor.
what is the path to config.yaml?
what is the path to config.yaml?
the beef directory
I had beef pre installed so I have no Idea where is it
I had beef pre installed so I have no Idea where is it
On Kali it is probably here:
/etc/beef-xss/config.yaml
/etc/beef-xss/config.yaml cd: not a directory: /etc/beef-xss/config.yaml
/etc/beef-xss/config.yaml cd: not a directory: /etc/beef-xss/config.yaml
Correct.
this is an error
Open the config.yaml configuration file in a text editor.
I know how to cat, but I don't know how to use the text editor
Open the config.yaml configuration file in a text editor.
?
Open the config.yaml configuration file in a text editor.
?
The default text editor on Kali is gedit
You may also have leafpad
.
It says that I don't have the permission
Hi, can someone please explain the solution to me in simple words, step by step since I am new in Linux and Github in general and would love that Thanks!