How do I accesss BeEF from outside the LAN

[Brolupyr777]

Hi, can someone please explain the solution to me in simple words, step by step since I am new in Linux and Github in general and would love that Thanks!

[Brolupyr777]

I can't exactly understand how to running externally, it works locally, but when I run it outside like on a different device, it says that the server is offline

[bcoles]

This question has been asked many many many times before. The good news is that one of the developers is working on writing some blog posts to assist with this. The bad news is that basic knowledge of networking fundamentals is required.

There are two approaches:

• Port Forwarding: https://github.com/beefproject/beef/wiki/FAQ#how-do-i-configure-beef-on-a-server-behind-nat
• Tunneling: https://github.com/beefproject/beef/wiki/FAQ#how-do-i-configure-beef-with-ngrok

Exposing BeEF to the Internet is easy. It is a network service like any other. A small change to the configuration file is required once you have your network routes configured correctly. Configuring your network is outside the scope of the BeEF project.

If you let us know where you get stuck then someone may help out.

If you would like to understand what you're doing rather than blindly copy/paste commands, I suggest reading about about NAT and port forwarding:

• https://en.wikipedia.org/wiki/Network_address_translation
• https://en.wikipedia.org/wiki/Port_forwarding

[Brolupyr777]

I got stuck on the phishing link, when I ran it locally on my kali virtual machine and it worked perfectly, I got a connection and could execute any command, I tried to open the link on my main machine and it gave out an error of the port refusing to connect.

[bcoles]

I got stuck on the phishing link

What phishing link? Do you mean the hook URL?

when I ran it locally on my kali virtual machine and it worked perfectly, I got a connection and could execute any command, I tried to open the link on my main machine and it gave out an error of the port refusing to connect.

What is your main machine? Do you mean the host operating system? Is Kali running in a virtual machine? Are you using the correct IP address for the network interface on the kali host?

[Brolupyr777]

Yes, the hook URL, my main machine is the (victim) that receives it, the Kali is running on a virtual machine, I think so. If you know any resources like a youtube video where I can learn the requiring knowledge to set it up, please let me know.

[bcoles]

Yes, the hook URL, my main machine is the (victim) that receives it, the Kali is running on a virtual machine, I think so. If you know any resources like a youtube video where I can learn the requiring knowledge to set it up, please let me know.

BeEF is a network service like any other. You must be able to establish a network route from one machine to the other.

I suggest using netcat nc to troubleshoot issues with your network configuration.

You can listen for a connection with netcat on one machine like so:

nc -lp 1337

Then try to connect to it from another machine using any connection capable of making a TCP connection, such as a web browser. For example, attempt to connect to the listening netcat service by browsing to http://your.ip.address:1337/hello. If the connection was successful, you should see the HTTP request in the listening netcat terminal window.

[Brolupyr777]

when I type 'nc -lp 1337', my terminal just freezes and in http://your.ip.address:1337/hello do I type in my public ip, and keep everything else the same?

[bcoles]

when I type 'nc -lp 1337', my terminal just freezes

It is waiting for a connection.

and in http://your.ip.address:1337/hello do I type in my public ip, and keep everything else the same?

You are trying to diagnose issues with your network configuration. From one host to another. To test whether you can connect to a port on an IP address you should use that port and that IP address.

[Brolupyr777]

So do I use a different IP, like my target IP?

[bcoles]

So do I use a different IP, like my target IP?

On Linux you can list your network interface IP addresses with ifconfig. If ifconfig is not installed you can list your IP addresses with ip addr.

[Brolupyr777]

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 08:00:27:54:10:fc brd ff:ff:ff:ff:ff:ff inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute eth0 valid_lft 75352sec preferred_lft 75352sec inet6 fe80::a00:27ff:fe54:10fc/64 scope link noprefixroute valid_lft forever preferred_lft forever

[Brolupyr777]

what do I do know?

[bcoles]

what do I do know?

Take a step back and think about what you're trying to do.

Based on the IP address 10.0.2.15 I presume your host is running in QEMU. That is going to make things harder. You'll need to configure network interfaces for the virtual machine so other hosts can access it.

[Brolupyr777]

Can you give me some instructions or a youtube vid to follow?

[bcoles]

Can you give me some instructions or a youtube vid to follow?

https://www.youtube.com/results?search_query=qemu+add+network+interface

[Brolupyr777]

https://www.youtube.com/watch?v=DYpaX4BnNlg?

[Brolupyr777]

just to make things clear I am using a VB

[bcoles]

just to make things clear I am using a VB

Virtual Box?

[Brolupyr777]

yes

[bcoles]

yes

Then don't bother with looking up QEMU.

Is the network adapter in the Virtual Box virtual machine configured in NAT mode or bridged mode?

[Brolupyr777]

I have no Idea

[bcoles]

I have no Idea

https://www.google.com/search?q=how+do+i+tell+if+a+virtual+box+is+nat+or+bridged

[Brolupyr777]

Mine says it's attached to nat

[bcoles]

Mine says it's attached to nat

Ok. That means it will be accessible only within the same NAT'd environment. Virtual Box has its own NAT'd virtual network, which consists of the host running Virtual Box and all virtual machines running on that host.

Is the host you're trying to hook with BeEF on the same virtual network? ie, is it the host running Virtual Box or all virtual machines running on that host.

[Brolupyr777]

No, I am trying to hook an external pc, does that mean that I can't hook anyone externally on vb?

[bcoles]

No, I am trying to hook an external pc, does that mean that I can't hook anyone externally on vb?

You can hook external browsers in Virtual Box but you will need to configure your network routes appropriately.

There are two approaches:

• Port Forwarding: https://github.com/beefproject/beef/wiki/FAQ#how-do-i-configure-beef-on-a-server-behind-nat
• Tunneling: https://github.com/beefproject/beef/wiki/FAQ#how-do-i-configure-beef-with-ngrok

Novices use the tunneling approach because it is apparently easier.

If you want to use the port forwarding approach you will need to either:

• forward ports from your border router to your host OS, then again from your host OS to the correct port on the virtual machine; or
• change the virtual machine network adapter from NAT to bridged then forward a port from your border router to the virtual machine.

[Brolupyr777]

i download ngrok, but how do I open it?

[bcoles]

i download ngrok, but how do I open it?

ngrok is a command line tool.

./ngrok

[Brolupyr777]

ngrok http 3000 Command 'ngrok' not found, did you mean: command 'grok' from deb grok Try: sudo apt install

[bcoles]

ngrok http 3000 Command 'ngrok' not found, did you mean: command 'grok' from deb grok Try: sudo apt install

./ngrok http 3000

[Brolupyr777]

I extracted it, when I try to use the command, it gives out an error

[Brolupyr777]

`ngrok by @inconshreveable (Ctrl+C to quit)

Session Status online
Session Expires 1 hour, 59 minutes
Version 2.3.40
Region United States (us)
Web Interface http://127.0.0.1:4040
Forwarding http://faa6-73-11-43-188.ngrok.io -> http://localh Forwarding https://faa6-73-11-43-188.ngrok.io -> http://local

Connections ttl opn rt1 rt5 p50 p90
0 0 0.00 0.00 0.00 0.00`

[bcoles]

Your ngrok host is faa6-73-11-43-188.ngrok.io. You will need to use this in the configuration file as per the instructions:

• https://github.com/beefproject/beef/wiki/FAQ#how-do-i-configure-beef-with-ngrok

[Brolupyr777]

    debug: false # Will print verbose message in BeEF console
    host: "localhost" # IP address of the web server
    port: "3000" # Port of the web server

    public: 
        host: "<your-id>.ngrok.io"      # public hostname/IP address
        port: "443"
        https: true

    # Reverse Proxy / NAT
    # If you want BeEF to be accessible behind a reverse proxy or NAT,
    #   set both the publicly accessible hostname/IP address and port below:
    # NOTE: Allowing the reverse proxy will enable a vulnerability where the ui/panel can be spoofed
    #   by altering the X-FORWARDED-FOR ip address in the request header.
    allow_reverse_proxy: true

[Brolupyr777]

what is all of this?

[bcoles]

what is all of this?

It is configuration data for the config.yaml configuration file, as per the description on the line immediately above it.

[Brolupyr777]

How do I access the config.yaml?

[bcoles]

How do I access the config.yaml?

It is a text file. Open it with a text editor.

[Brolupyr777]

what is the path to config.yaml?

[bcoles]

what is the path to config.yaml?

the beef directory

[Brolupyr777]

I had beef pre installed so I have no Idea where is it

[bcoles]

I had beef pre installed so I have no Idea where is it

On Kali it is probably here:

/etc/beef-xss/config.yaml

[Brolupyr777]

/etc/beef-xss/config.yaml cd: not a directory: /etc/beef-xss/config.yaml

[bcoles]

/etc/beef-xss/config.yaml cd: not a directory: /etc/beef-xss/config.yaml

Correct.

[Brolupyr777]

this is an error

[bcoles]

Open the config.yaml configuration file in a text editor.

[Brolupyr777]

I know how to cat, but I don't know how to use the text editor

[Brolupyr777]

Open the config.yaml configuration file in a text editor.

?

[bcoles]

Open the config.yaml configuration file in a text editor.

?

The default text editor on Kali is gedit You may also have leafpad.

[Brolupyr777]

It says that I don't have the permission