DeezyE
commented
2 years ago Looks like you are using ngrok. Can you post the config.yml settings?
Closed Claonyx closed 2 years ago
DeezyE
commented
2 years ago Looks like you are using ngrok. Can you post the config.yml settings?
Claonyx
commented
2 years ago Looks like you are using ngrok. Can you post the config.yml settings?
Sorry I'm like literally really new, where can I find this file?
DeezyE
commented
2 years ago If you look at item 1 from your submitted issue it tells you where the config.yaml is for different installs.
On that topic are you using kali?
Claonyx
commented
2 years ago im gonna assume that .yml can also be written as yaml, as i only have one file that looks to be of any use. Yes, i am using kali, but would it be a problem if i am using a virtual machine? everything to do with beEfOverWan i have kept on the virtual machine.
idk how to post the file so i will just copy and paste the contents:
#
#
beef: version: '0.5.4.0'
debug: true
# More verbose messages (client-side)
client_debug: true
# Used for generating secure tokens
crypto_default_value_length: 80
# Credentials to authenticate in BeEF.
# Used by both the RESTful API and the Admin interface
credentials:
user: "abc"
passwd: "abc"
# Interface / IP restrictions
restrictions:
# subnet of IP addresses that can hook to the framework
permitted_hooking_subnet: ["0.0.0.0/0", "::/0"]
# subnet of IP addresses that can connect to the admin UI
#permitted_ui_subnet: ["127.0.0.1/32", "::1/128"]
permitted_ui_subnet: ["0.0.0.0/0", "::/0"]
# subnet of IP addresses that cannot be hooked by the framework
excluded_hooking_subnet: []
# slow API calls to 1 every api_attempt_delay seconds
api_attempt_delay: "0.05"
# HTTP server
http:
debug: false #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
host: "0.0.0.0"
port: "3000"
# Decrease this setting to 1,000 (ms) if you want more responsiveness
# when sending modules and retrieving results.
# NOTE: A poll timeout of less than 5,000 (ms) might impact performance
# when hooking lots of browsers (50+).
# Enabling WebSockets is generally better (beef.websocket.enable)
xhr_poll_timeout: 1000
# Host Name / Domain Name
# If you want BeEF to be accessible via hostname or domain name (ie, DynDNS),
# These settings will be used to create a public facing URL
# This public facing URL will be used for all hook related calls
# set the public setting below:
# public:
# host: "" # public hostname/IP address
# port: "" # public port will default to 80 if no https 443 if https
# and local if not set but there is a public host
# https: false # true/false
# Reverse Proxy / NAT
# If you want BeEF to be accessible behind a reverse proxy or NAT,
# set both the publicly accessible hostname/IP address and port below:
# NOTE: Allowing the reverse proxy will enable a vulnerability where the ui/panel can be spoofed
# by altering the X-FORWARDED-FOR ip address in the request header.
allow_reverse_proxy: false
# Hook
hook_file: "/hook.js"
hook_session_name: "BEEFHOOK"
# Allow one or multiple origins to access the RESTful API using CORS
# For multiple origins use: "http://browserhacker.com, http://domain2.com"
restful_api:
allow_cors: false
cors_allowed_domains: "http://browserhacker.com"
# Prefer WebSockets over XHR-polling when possible.
websocket:
enable: false
port: 61985 # WS: good success rate through proxies
# Use encrypted 'WebSocketSecure'
# NOTE: works only on HTTPS domains and with HTTPS support enabled in BeEF
secure: true
secure_port: 61986 # WSSecure
ws_poll_timeout: 5000 # poll BeEF every x second, this affects how often the browser can have a command execute on it
ws_connect_timeout: 500 # useful to help fingerprinting finish before establishing the WS channel
# Imitate a specified web server (default root page, 404 default error page, 'Server' HTTP response header)
web_server_imitation:
enable: true
type: "apache" # Supported: apache, iis, nginx
hook_404: false # inject BeEF hook in HTTP 404 responses
hook_root: false # inject BeEF hook in the server home page
# Experimental HTTPS support for the hook / admin / all other Thin managed web services
https:
enable: false
# Enabled this config setting if you're external facing uri is using https
public_enabled: false
# In production environments, be sure to use a valid certificate signed for the value
# used in beef.http.public (the domain name of the server where you run BeEF)
key: "beef_key.pem"
cert: "beef_cert.pem"
database:
file: "beef.db"
# Autorun Rule Engine
autorun:
# this is used when rule chain_mode type is nested-forward, needed as command results are checked via setInterval
# to ensure that we can wait for async command results. The timeout is needed to prevent infinite loops or eventually
# continue execution regardless of results.
# If you're chaining multiple async modules, and you expect them to complete in more than 5 seconds, increase the timeout.
result_poll_interval: 300
result_poll_timeout: 5000
# If the modules doesn't return status/results and timeout exceeded, continue anyway with the chain.
# This is useful to call modules (nested-forward chain mode) that are not returning their status/results.
continue_after_timeout: true
# Enables DNS lookups on zombie IP addresses
dns_hostname_lookup: false
# IP Geolocation
geoip:
enable: true
# GeoLite2 City database created by MaxMind, available from https://www.maxmind.com
database: '/usr/share/GeoIP/GeoLite2-City.mmdb'
# Integration with PhishingFrenzy
# If enabled BeEF will try to get the UID parameter value from the hooked URI, as this is used by PhishingFrenzy
# to uniquely identify the victims. In this way you can easily associate phishing emails with hooked browser.
integration:
phishing_frenzy:
enable: false
# You may override default extension configuration parameters here
# Note: additional experimental extensions are available in the 'extensions' directory
# and can be enabled via their respective 'config.yaml' file
extension:
admin_ui:
enable: true
base_path: "/ui"
demos:
enable: true
events:
enable: true
evasion:
enable: false
requester:
enable: true
proxy:
enable: true
network:
enable: true
metasploit:
enable: false
social_engineering:
enable: true
xssrays:
enable: true
bcoles
commented
2 years ago The screenshot shows an error page for an Apache 2.4.53 web server - not BeEF. You've opening an ngrok tunnel to your local Apache server - not BeEF.
Refer to:
DeezyE
commented
2 years ago Also suggest changing your credentials now you've posted the endpoint :)
redstonepro109
commented
2 years ago The screenshot shows an error page for an Apache 2.4.53 web server - not BeEF. You've opening an ngrok tunnel to your local Apache server - not BeEF.
Refer to:
Hey, do you have discord so i can contact you im having trouble with the instructions.
bcoles
commented
2 years ago Hey, do you have discord so i can contact you im having trouble with the instructions.
luckysingh070
commented
2 years ago my beef ui is not running can anybody please help me
bcoles
commented
2 years ago my beef ui is not running can anybody please help me
Please create a new issue and complete the issue template.
bcoles
commented
2 years ago Closing due to inactivity.
luckysingh070
commented
2 years ago beef authantication 404 not found problem
bcoles
commented
2 years ago beef authantication 404 not found problem
Please create a new issue and complete the issue template.
Provide a log. Provide screenshots. "beef authantication 404 not found problem" means nothing.
tfimaoun
commented
9 months ago The screenshot shows an error page for an Apache 2.4.53 web server - not BeEF. You've opening an ngrok tunnel to your local Apache server - not BeEF.
Refer to:
I am having the 404 error and i want to talk to you on discord can you give me your id?
Submit Issue
Verify first that your issue/request has not been posted previously:
Ensure you're using the latest version of BeEF.
Please do your best to provide as much information as possible. It will help substantially if you can enable and provide debugging logs with your issue. Instructions for enabling debugging logs are below:
config.yamlfile of your BeEF root folder set debug and client_debug (lines 11 & 13 respectively) totruebeef-xssthe root folder will typically be/usr/share/beef-xss~/.beef/beef.logbeef-xss: Retrieve your service logs usingjournalctl -u beef-xssThank you, this will greatly aid us in identifying the root cause of your issue :)
If we request additional information and we don't hear back from you within a week, we will be closing the ticket off. Feel free to open it back up if you continue to have issues.
Summary
Q: Please provide a brief summary of the issue that you experienced. A:I have everything working, but when i open the link to open up the beEF panel, it gives me a 404 not found error. im sorry if this is very easy to fix or obvius, i am new to coding so please bare with me.
Environment
Please identify the environment in which your issue occurred.
1 0.5.4.0
Ruby Version:3.1.1
Browser Details (e.g. Chrome v81.0):firefox v98.0.2
Operating System (e.g. OSX Catalina):kali linux
Configuration
Q: Have you made any changes to your BeEF configuration?
A:no
Q: Have you enabled or disabled any BeEF extensions? A:no
Expected vs. Actual Behaviour
Expected Behaviour:
to load up beef login page Actual Behaviour:
shows 404 error
Steps to Reproduce
Please provide steps to reproduce this issue.
1.i did everything correctly so i do not know
Additional Information
Please provide any additional information which may be useful in resolving this issue, such as debugging output and relevant screen shots. Debug output can be retrieved by following the instructions towards the top of the issue template.