search

stormshadow07 / BeeF-Over-Wan

Browser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]
GNU General Public License v3.0
158 stars 90 forks source link

Can Authenticate But Unable to Access The Control Panel #53

Open jonyboi21 opened 2 years ago

jonyboi21 commented 2 years ago

https://user-images.githubusercontent.com/75004568/154834837-c1bd6613-8e9b-4a35-afeb-4f8056cd4124.mp4

Nothing is showing up in my localhost logs either

Des7royer commented 2 years ago

Same pls Help!

ahmishra commented 2 years ago

Same with me, please help @stormshadow07

jonyboi21 commented 2 years ago
  1. Make sure Node.js is installed
  2. Make sure you ngrok.yaml file permits the port you are using
  3. Make sure you're running without root privledges
ahmishra commented 2 years ago

@jonyboi21 I have node.js and ngrok.yaml permits the ports, but if i run the script without root priveleges it gives this error- cp: cannot create regular file '/var/www/html/beef.html': Permission denied chmod: changing permissions of '/var/www/html/hook.js': Operation not permitted

so i have to run it with root privellages

qaisss commented 2 years ago

SAME

ahmishra commented 2 years ago

@qaisss @stormshadow07 @jonyboi21

Edit: BeeF-Over-Wan sucks. So to get it working, these are the steps I figured out-

  1. Uninstall beef-xss
  2. Install beef from here https://github.com/beefproject/beef/
  3. $ ./install
  4. Get ngrok
  5. Configure ngrok (auth token)
  6. Make a test server
  7. Host it with ngrok, if it worked, then great, stop the server
  8. Once you closed the server, start a new server with ngrok http 3000
  9. Copy the random generated id <YOUR_ID>.ngrok.io
  10. Follow these steps- https://github.com/beefproject/beef/wiki/FAQ#how-do-i-configure-beef-with-ngrok (Common mistake: dont update the section in beef: update the section in http: located in config.yaml)
  11. In place of your-id replace it with your randomly generated id (ngrok)
  12. $ ./beef
  13. Forward the beef hook link with ngrok (https://YOUR_ID.ngrok.io/demos/butcher/index.html)
  14. Use 0.0.0.0:3000/ui/panel to view hooked links
  15. If you want to shorten the hooked link to not make it look suspicious use a url shortner
ahmishra commented 2 years ago

I would suggest closing the issue now :)