bcoles
commented
2 years ago How do I fix it?
Do the opposite of whatever you did to break it.
Closed Brolupyr777 closed 2 years ago
bcoles
commented
2 years ago How do I fix it?
Do the opposite of whatever you did to break it.
Brolupyr777
commented
2 years ago ...
Brolupyr777
commented
2 years ago `#
beef: version: '0.5.4.0'
debug: false
# More verbose messages (client-side)
client_debug: false
# Used for generating secure tokens
crypto_default_value_length: 80
# Credentials to authenticate in BeEF.
# Used by both the RESTful API and the Admin interface
credentials:
user: "beef"
passwd: "<My Password>"
# Interface / IP restrictions
restrictions:
# subnet of IP addresses that can hook to the framework
permitted_hooking_subnet: ["0.0.0.0/0", "::/0"]
# subnet of IP addresses that can connect to the admin UI
#permitted_ui_subnet: ["127.0.0.1/32", "::1/128"]
permitted_ui_subnet: ["0.0.0.0/0", "::/0"]
# subnet of IP addresses that cannot be hooked by the framework
excluded_hooking_subnet: []
# slow API calls to 1 every api_attempt_delay seconds
api_attempt_delay: "0.05"
# HTTP server
http:
debug: false #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
host: "0.0.0.0"
port: "3000"
# Decrease this setting to 1,000 (ms) if you want more responsiveness
# when sending modules and retrieving results.
# NOTE: A poll timeout of less than 5,000 (ms) might impact performance
# when hooking lots of browsers (50+).
# Enabling WebSockets is generally better (beef.websocket.enable)
xhr_poll_timeout: 1000
# Host Name / Domain Name
# If you want BeEF to be accessible via hostname or domain name (ie, DynDNS),
# These settings will be used to create a public facing URL
# This public facing URL will be used for all hook related calls
# set the public setting below:
public:
host: "faa6-73-11-43-188.ngrok.io" # public hostname/IP address
port: "443" # public port will default to 80 if no https 443 if https
# and local if not set but there is a public host
https: true # true/false
# Reverse Proxy / NAT
# If you want BeEF to be accessible behind a reverse proxy or NAT,
# set both the publicly accessible hostname/IP address and port below:
# NOTE: Allowing the reverse proxy will enable a vulnerability where the ui/panel can be spoofed
# by altering the X-FORWARDED-FOR ip address in the request header.
allow_reverse_proxy: false
# Hook
hook_file: "/hook.js"
hook_session_name: "BEEFHOOK"
# Allow one or multiple origins to access the RESTful API using CORS
# For multiple origins use: "http://browserhacker.com, http://domain2.com"
restful_api:
allow_cors: false
cors_allowed_domains: "http://browserhacker.com"
# Prefer WebSockets over XHR-polling when possible.
websocket:
enable: false
port: 61985 # WS: good success rate through proxies
# Use encrypted 'WebSocketSecure'
# NOTE: works only on HTTPS domains and with HTTPS support enabled in BeEF
secure: true
secure_port: 61986 # WSSecure
ws_poll_timeout: 5000 # poll BeEF every x second, this affects how often the browser can have a command execute on it
ws_connect_timeout: 500 # useful to help fingerprinting finish before establishing the WS channel
# Imitate a specified web server (default root page, 404 default error page, 'Server' HTTP response header)
web_server_imitation:
enable: true
type: "apache" # Supported: apache, iis, nginx
hook_404: false # inject BeEF hook in HTTP 404 responses
hook_root: false # inject BeEF hook in the server home page
# Experimental HTTPS support for the hook / admin / all other Thin managed web services
https:
enable: false
# Enabled this config setting if you're external facing uri is using https
public_enabled: false
# In production environments, be sure to use a valid certificate signed for the value
# used in beef.http.public (the domain name of the server where you run BeEF)
key: "beef_key.pem"
cert: "beef_cert.pem"
database:
file: "beef.db"
# Autorun Rule Engine
autorun:
# this is used when rule chain_mode type is nested-forward, needed as command results are checked via setInterval
# to ensure that we can wait for async command results. The timeout is needed to prevent infinite loops or eventually
# continue execution regardless of results.
# If you're chaining multiple async modules, and you expect them to complete in more than 5 seconds, increase the timeout.
result_poll_interval: 300
result_poll_timeout: 5000
# If the modules doesn't return status/results and timeout exceeded, continue anyway with the chain.
# This is useful to call modules (nested-forward chain mode) that are not returning their status/results.
continue_after_timeout: true
# Enables DNS lookups on zombie IP addresses
dns_hostname_lookup: false
# IP Geolocation
geoip:
enable: true
# GeoLite2 City database created by MaxMind, available from https://www.maxmind.com
database: '/usr/share/GeoIP/GeoLite2-City.mmdb'
# Integration with PhishingFrenzy
# If enabled BeEF will try to get the UID parameter value from the hooked URI, as this is used by PhishingFrenzy
# to uniquely identify the victims. In this way you can easily associate phishing emails with hooked browser.
integration:
phishing_frenzy:
enable: false
# You may override default extension configuration parameters here
# Note: additional experimental extensions are available in the 'extensions' directory
# and can be enabled via their respective 'config.yaml' file
extension:
admin_ui:
enable: true
base_path: "/ui"
demos:
enable: true
events:
enable: true
evasion:
enable: false
requester:
enable: true
proxy:
enable: true
network:
enable: true
metasploit:
enable: false
social_engineering:
enable: true
xssrays:
enable: true `what is here to fix?
Brolupyr777
commented
2 years ago don't mind the ``
bcoles
commented
2 years ago what is here to fix?
Fix the whitespace preceding the public key.
Brolupyr777
commented
2 years ago can you fix it for me please?
bcoles
commented
2 years ago can you fix it for me please?
Brolupyr777
commented
2 years ago xhr_poll_timeout: 1000
# Host Name / Domain Name
# If you want BeEF to be accessible via hostname or domain name (ie, DynDNS),
# These settings will be used to create a public facing URL
# This public facing URL will be used for all hook related calls
# set the public setting below:
public:
host: "faa6-73-11-43-188.ngrok.io" # public hostname/IP address
port: "443" # public port will default to 80 if no https 443 if https
# and local if not set but there is a public host
https: true # true/false
# Reverse Proxy / NAT
# If you want BeEF to be accessible behind a reverse proxy or NAT,
# set both the publicly accessible hostname/IP address and port below:
# NOTE: Allowing the reverse proxy will enable a vulnerability where the ui/panel can be spoofed
# by altering the X-FORWARDED-FOR ip address in the request header.
allow_reverse_proxy: false It is exactly like yours
bcoles
commented
2 years ago It is exactly like yours
Align the public key.
Brolupyr777
commented
2 years ago Can you at least be more helpful?
bcoles
commented
2 years ago Can you at least be more helpful?
Brolupyr777
commented
2 years ago It looks just like yours.
bcoles
commented
2 years ago It looks just like yours.
Yes. It is wrong. The public key must be aligned like all the others. There is a gap.
Brolupyr777
commented
2 years ago gap between what?
bcoles
commented
2 years ago gap between what?
There is a gap between the public key and the red line. The public key needs to be vertically aligned with the other keys.
Brolupyr777
commented
2 years ago xhr_poll_timeout: 1000
# Host Name / Domain Name
# If you want BeEF to be accessible via hostname or domain name (ie, DynDNS),
# These settings will be used to create a public facing URL
# This public facing URL will be used for all hook related calls
# set the public setting below:
public:
host: "faa6-73-11-43-188.ngrok.io" # public hostname/IP address
port: "443" # public port will default to 80 if no https 443 if https
# and local if not set but there is a public host
https: true # true/false
# Reverse Proxy / NAT
# If you want BeEF to be accessible behind a reverse proxy or NAT,
# set both the publicly accessible hostname/IP address and port below:
# NOTE: Allowing the reverse proxy will enable a vulnerability where the ui/panel can be spoofed
# by altering the X-FORWARDED-FOR ip address in the request header.
allow_reverse_proxy: false ?
Brolupyr777
commented
2 years ago It still dosen't work
jcrew99
commented
2 years ago Especially relevant comments https://github.com/beefproject/beef/issues/2366#issuecomment-1073467088 https://github.com/beefproject/beef/issues/2366#issuecomment-1073406625 https://github.com/beefproject/beef/issues/2366#issuecomment-1073466478
bcoles has repetitively said what the issue is, as well as outlined the section that is incorrectly aligned.
Please refer to the comment that contains the extract from the wiki (bear in mind the comments are removed for brevity) or as bcoles posted again here: https://github.com/beefproject/beef/wiki/FAQ#how-do-i-configure-beef-with-ngrok
At first i believe he was trying to help you help yourself but then he gave you the answer and then he has repeated the answer multiple times.
First, have a read of this to help you understand what type of file you are working with. https://phoenixnap.com/blog/what-is-yaml-with-examples
Then with that context, take in mind what bcoles said before:
"Align the public key"
Have a look how yours may differ from what is in the wiki that was posted before. The comments don't matter. The positioning does. https://github.com/beefproject/beef/issues/2366#issuecomment-1073489382
https://github.com/beefproject/beef/issues/2366#issuecomment-1073406625
I agree that this should be closed and unless there is a different but relevant issue, shouldn't be reopened.
Can you at least be more helpful?
I disagree with this take, bcoles provided a lot of support here.
Brolupyr777
commented
2 years ago I am sorry If I wasted your time bcoles, I am a slow learner and just getting started with Linux.
CONNEXAFR
commented
1 month ago hi! sorry for the inconvenience, I noticed that the forum is closed. but I allow myself to comment because I want to know how to get in touch with bécoles. I am new to this field I had some problems with the installation of beef-xss and Ngrok fortunately some research on the internet helped me to solve the problem. but I am a little lost at the level of port redirection or tunneling to allow beef-xss to run on the internet. after taking the time to read the comment in the forum I understood that bécoles has a big heart ❤️ he can also be useful to me because given the number of times he answered the same question with patience 😂 he can also help me to solve my problem despite a little skills that I have. Thank you in advance. I also want to tell you that did not take too much into account my way of writing English, I come from a French-speaking country I make the effort to pass the message to you. 🙏
bcoles
commented
1 month ago hi! sorry for the inconvenience, I noticed that the forum is closed. but I allow myself to comment because I want to know how to get in touch with bécoles. I am new to this field I had some problems with the installation of beef-xss and Ngrok fortunately some research on the internet helped me to solve the problem. but I am a little lost at the level of port redirection or tunneling to allow beef-xss to run on the internet. after taking the time to read the comment in the forum I understood that bécoles has a big heart ❤️ he can also be useful to me because given the number of times he answered the same question with patience 😂 he can also help me to solve my problem despite a little skills that I have. Thank you in advance. I also want to tell you that did not take too much into account my way of writing English, I come from a French-speaking country I make the effort to pass the message to you. 🙏
Hi, can someone please explain the solution to me in simple words, step by step since I am new in Linux and Github in general and would love that Thanks!