beefproject / beef

The Browser Exploitation Framework Project
https://beefproject.com

Zombies Not Showing Online, and I cannot access my hook page from my VM OS #989

Closed LordxSnow closed 10 years ago

LordxSnow commented 10 years ago

Right, so, I wanna use BeEF over WAN instead of LAN. A relative of mine has given me written permission to do a pentest using BeEF against their system. However, I cannot seem to get it to give me a URL that anyone outside my network can access. I've already set both my VM-Machine on (Bridged) and then set the VM-Machine's IP in DMZ-Mode on my router/modem so all ports are open. Yet, she gets nothing when trying to access http://(MyIP):3000/demos/basic.html. Any help getting this to work over WAN would be great. I even went into the config below and set the host to my public IP and it still doesn't work. I even tried the NAT public IP option. Got nothing.

```yaml
# Copyright (c) 2006-2014 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
# BeEF Configuration file

beef:
    version: '0.4.5.0-alpha'
    # More verbose messages (server-side)
    debug: false
    # More verbose messages (client-side)
    client_debug: false
    restrictions:
        # subnet of browser ip addresses that can hook to the framework
        permitted_hooking_subnet: "0.0.0.0/0"
        # subnet of browser ip addresses that can connect to the UI
        # permitted_ui_subnet: "127.0.0.1/32"
        permitted_ui_subnet: "0.0.0.0/0"

    http:
        debug: false #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
        host: "0.0.0.0"
        port: "3000"
        # Decrease this setting up to 1000 if you want more responsiveness when sending modules and retrieving results.
        # It's not advised to decrease it with tons of hooked browsers (more than 50),
        # because it might impact performance. Also, enable WebSockets is generally better.
        xhr_poll_timeout: 5000
        # if running behind a nat set the public ip address here
        #public: ""
        #public_port: "2333" # port setting is experimental
        # DNS
        dns_host: "localhost"
        dns_port: 53
        web_ui_basepath: "/ui"
        hook_file: "/hook.js"
        hook_session_name: "BEEFHOOK"
        session_cookie_name: "BEEFSESSION"

        # Allow one or multiple origins to access the RESTful API using CORS
        # For multiple origins use: "http://browserhacker.com, http://domain2.com"
        restful_api:
            allow_cors: false
            cors_allowed_domains: "http://browserhacker.com"

        # Prefer WebSockets over XHR-polling when possible.
        websocket:
          enable: false
          secure: true # use 'WebSocketSecure' works only on HTTPS domains and with HTTPS support enabled in BeEF
          port: 61985 # WS: good success rate through proxies
          secure_port: 61986 # WSSecure
          ws_poll_timeout: 1000 # poll BeEF every second

        # Imitate a specified web server (default root page, 404 default error page, 'Server' HTTP response header)
        web_server_imitation:
            enable: true
            type: "apache" #supported: apache, iis

        # Experimental HTTPS support for the hook / admin / all other Thin managed web services
        https:
            enable: false
            # In production environments, be sure to use a valid certificate signed for the value
            # used in beef.http.dns_host (the domain name of the server where you run BeEF)
            key: "beef_key.pem"
            cert: "beef_cert.pem"

    database:
        # For information on using other databases please read the
        # README.databases file

        # supported DBs: sqlite, mysql, postgres
        # NOTE: you must change the Gemfile adding a gem require line like:
        # gem "dm-postgres-adapter"
        # or
        # gem "dm-mysql-adapter"
        # if you want to switch drivers from sqlite to postgres (or mysql).
        # Finally, run a 'bundle install' command and start BeEF.
        driver: "sqlite"

        # db_file is only used for sqlite
        db_file: "beef.db"

        # db connection information is only used for mysql/postgres
        db_host: "localhost"
        db_port: 5432
        db_name: "beef"
        db_user: "beef"
        db_passwd: "beef123"
        db_encoding: "UTF-8"

    # Credentials to authenticate in BeEF. Used by both the RESTful API and the Admin_UI extension
    credentials:
        user: "beef"
        passwd: "beef"

    # Autorun modules as soon the browser is hooked.
    # NOTE: only modules with target type 'working' or 'user_notify' can be run automatically.
    autorun:
        enable: true
        # set this to FALSE if you don't want to allow auto-run execution for modules with target->user_notify
        allow_user_notify: true

    crypto_default_value_length: 80

    # You may override default extension configuration parameters here
    extension:
        requester:
            enable: true
        proxy:
            enable: true
        metasploit:
            enable: false
        social_engineering:
            enable: true
        evasion:
            enable: false
        console:
             shell:
                enable: false
        ipec:
            enable: true
        # this is still experimental, we're working on it..
        dns:
            enable: false
```

bcoles commented 10 years ago

@LordxSnow thanks for ninja-editing your issue - it's now easier to understand what you're trying to achieve.

Your issues are most likely due to your network configuration rather than BeEF.

It could be due to an issue with DMZ mode on your router or perhaps the ISP filtering the ports. Try forwarding the ports instead.

To verify, try opening another service on a standard port unlikely to be filtered by an ISP (try 80 or 8080) then port scanning your WAN IP address from a remote host.

In regards to the public option in the config, it MUST be set if you're behind NAT, for example:

        public: "<WAN IP>"
        public_port: "3000"

BeEF should now be accessible from `<WAN IP>:3000`.

Note that while you're testing the configuration, if you hook a browser on the LAN, even if you use the WAN IP address, then the hooked browser will be shown as connecting from the LAN IP and not your WAN IP.
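
A pre-flight check for the settings discussed in this thread, written as an added example that is not part of the issue or of BeEF itself. The helper name `audit_beef_config` and the trimmed sample config are assumptions constructed for illustration; the check flags the missing `public` value described above, plus the exposure that follows from putting the VM in the router's DMZ with the UI subnet and credentials as posted.

```ruby
require 'yaml'
require 'ipaddr'

# Constructed sample: a trimmed copy of the settings posted in the issue.
SAMPLE_CONFIG = <<~CONFIG
  beef:
      restrictions:
          permitted_ui_subnet: "0.0.0.0/0"
      http:
          host: "0.0.0.0"
          #public: ""
      credentials:
          user: "beef"
          passwd: "beef"
CONFIG

# Hypothetical helper (not part of BeEF): audits a config.yaml before the
# instance is exposed through a NAT router. Returns { check => message }.
def audit_beef_config(yaml_text)
  beef = YAML.safe_load(yaml_text).fetch('beef', {})
  findings = {}

  # Behind NAT, http.public must carry the WAN address.
  public_ip = beef.dig('http', 'public').to_s
  begin
    if public_ip.empty?
      findings[:public_unset] = 'http.public is not set (required behind NAT)'
    elsif IPAddr.new(public_ip).private? || IPAddr.new(public_ip).loopback?
      findings[:public_not_wan] = "http.public #{public_ip} is not a WAN address"
    end
  rescue IPAddr::InvalidAddressError
    findings[:public_invalid] = "http.public #{public_ip.inspect} is not an IP address"
  end

  # With the host in the router's DMZ, a /0 UI subnet lets any address reach the admin UI.
  ui_subnet = beef.dig('restrictions', 'permitted_ui_subnet')
  if ui_subnet && IPAddr.new(ui_subnet).prefix.zero?
    findings[:ui_open] = "admin UI allowed from #{ui_subnet}"
  end

  creds = beef.fetch('credentials', {})
  if creds['user'] == 'beef' && creds['passwd'] == 'beef'
    findings[:default_credentials] = 'UI and REST API credentials are both "beef"'
  end
  findings
end

audit_beef_config(SAMPLE_CONFIG).each { |check, msg| puts "#{check}: #{msg}" }
```
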

wadealcorn commented 10 years ago

No response from @LordxSnow. Closing