Bolder Security: Installing and Running BeEF on ... http://stephanietan.boldersecurity.com/2012/03/r...

T h u r s d a y, M a r c h 2 9 , 2 0 1 2 Pages

Installing and Running BeEF on Linux Home

Public-speaking
Publications
What is BeEF? Coding
BeEF = Browser Exploitation Framework @BolderSecurity
Github > BolderSecurity

Its purpose is primarily for Security Awareness Training. It is a great tool (website)
to show the impact of a single seemingly innocent vulnerability - reflective or About Me
persistent cross-site scripting - caused by a lack of input validation and/or output
escaping. Stephanie Tan

View my complete profile

About BeEF
Excerpt from http://beefproject.com/ : Blog Archive

► 2014 (1)
BeEF is a Security Tool The Browser Exploitation Framework (BeEF) ► 2013 (2)
is a powerful professional security tool. BeEF is pioneering techniques
▼ 2012 (1)
that provide the experienced penetration tester with practical client
▼ March (1)
side attack vectors.
Installing and Running BeEF
Unlike other security frameworks, BeEF focuses on leveraging on Linux
browser vulnerabilities to assess the security posture of a target. This
► 2011 (1)
project is developed solely for lawful research and penetration testing.
► 2010 (5)
BeEF hooks one or more web browsers as beachheads for the
launching of directed command modules. Each browser is likely to be
within a different security context, and each context may provide a set
of unique attack vectors.

Instructions to Setup BeEF on Linux

These instructions are for Red Hat Linux but much of it will likely extend to your
environment.
In order to install BeEF, you will need to get the latest BeEF source from git. Our
Linux builds do not come with "git" so we will need to install it. BeEF also requires
Ruby so we will also obtain, compile, and install the latest version of Ruby. Our
Linux builds already have sqllite so no need to install there.

Install git on Linux

Step Linux Command

1 of 5 Saturday 05 November 2016 11:30 PM

Bolder Security: Installing and Running BeEF on ... http://stephanietan.boldersecurity.com/2012/03/r...

Go to the root directory (or wherever you would like to install

cd /root/
git)

Download the latest version of git (you can go the website to wget http://git-core.googlecode.com
find out if there is a version newer than what i have here) /files/git-1.7.9.5.tar.gz

Unzip the download gunzip git-1.7.9.5.tar.gz

Untar the download tar xvf git-1.7.9.5.tar

Delete the tar file since it is no longer needed rm git-1.7.9.5.tar

Go into the new git folder cd git-1.7.9.5

Build git make prefix=/usr all

Once install completes, verify it is working ./git --version

Install Ruby on Linux

Ruby is required to run BeEF. Most versions of Red Hat Linux do not come
with this. This will show you how to download, compile, and install the
latest version of Ruby.

Step Linux Command

Go to where you would like to install

cd /root/
ruby (e.g. root folder)
Download the latest version of ruby.
You can go to the website to see if wget http://ftp.ruby-lang.org
there is a newer version available. /pub/ruby/1.9/ruby-1.9.3-
This is the latest version at the time p125.tar.gz
of this blog post
Unzip the download gunzip ruby-1.9.3-p125.tar.gz
Untar the download tar xvf ruby-1.9.3-p125.tar
Remove the tar file since you no
rm ruby-1.9.3-p125.tar
longer need it
Go to the new directory cd ruby-1.9.3-p125
Compiling ruby: run configure ./configure
Compiling ruby: run make make
Compiling ruby: install make install
ruby -v

[root@server
ruby-1.9.3-p125]#
Verify the installation was successful
ruby -v
by checking the version number
ruby 1.9.3p125
(2012-02-16 revision
34643) [x86_64-
linux]

Obtain BeEF via git

Step Linux Command

Go to the folder you would want the latest

d /root/
beef code to be downloaded to (e.g. /root)
Run the git command (you may need to
/root/git-1.7.9.5/git clone
tailor this to wherever you installed git and
http://github.com
the version number you installed). This will
/beefproject/beef
download the latest version of beef.

Install BeEF on Linux

2 of 5 Saturday 05 November 2016 11:30 PM

Bolder Security: Installing and Running BeEF on ...
Step Linux Command
Go to wherever you
installed beef (e.g. cd /root/beef/)
/root/beef)
gem install bundler
Install the bundler tool,
which will be used to
install beef in the next
step
bundle install
Install beef using
"bundler"
3 of 5
http://stephanietan.boldersecurity.com/2012/03/r...
[root@server beef]# gem install
bundler
/usr/local/lib/ruby/1.9.1
/yaml.rb:56:in `':
It seems your ruby installation is
missing psych (for YAML output).
To eliminate this warning, please
install libyaml and reinstall your
ruby.
Fetching: bundler-1.1.3.gem
(100%)
Successfully installed
bundler-1.1.3
1 gem installed
Installing ri documentation for
bundler-1.1.3...
Installing RDoc documentation for
bundler-1.1.3...
[root@server beef]# bundle install
/usr/local/lib/ruby/1.9.1
/yaml.rb:56:in `<top (required)>':
It seems your ruby installation is
missing psych (for YAML output).
To eliminate this warning, please
install libyaml and reinstall your
ruby.
Fetching gem metadata from
http://rubygems.org/.........
Installing addressable (2.2.7)
Installing ansi (1.4.2)
Installing daemons (1.1.8)
Installing data_objects (0.10.8)
Installing dm-core (1.2.0)
Installing dm-do-adapter (1.2.0)
Installing dm-migrations (1.2.0)
Installing do_sqlite3 (0.10.8) with
native extensions
Installing dm-sqlite-adapter (1.2.0)
Installing erubis (2.7.0)
Installing eventmachine (0.12.10)
with native extensions
Installing json (1.6.6) with native
extensions
Installing librex (0.0.65)
Installing msgpack (0.4.6) with
native extensions
Installing msfrpc-client (1.0.1)
Installing parseconfig (0.5.2)
Saturday 05 November 2016 11:30 PM
Bolder Security: Installing and Running BeEF on ... http://stephanietan.boldersecurity.com/2012/03/r...

Installing rack (1.4.1)

Installing rack-protection (1.2.0)
Installing tilt (1.3.3)
Installing sinatra (1.3.2)
Installing term-ansicolor (1.0.7)
Installing thin (1.3.1) with native
extensions
Using bundler (1.1.3)
Your bundle is complete! Use
`bundle show [gemname]` to see
where a bundled gem  

Configure BeEF
Configure BeEF to run on port 80 and also start directly from the server
you have it installed on. Otherwise, you have to enter http://server
/ui/authentication thus making it easier to access the site.
Note: I could not get the path to access beef reduced from http://server
/ui/authentication to http://server/ -- perhaps this is an issue with the
version of BeEF I installed with

Step Linux Command

vi /root/beef/config.yaml

http:
debug: false #Thin::Logging.debug,
very verbose. Prints also full
exception stack trace.
host: "0.0.0.0"
port: "80" <-----CHANGED
Modify the
# if running behind a nat set the
configuration file.
public ip address here
Change port: "3000"
#public: ""
to "80"
dns: "localhost"
panel_path: "/ui/panel" <-----I'D LIKE
TO CHANGE THIS BUT IT ISN'T
TAKING EFFECT
hook_file: "/hook.js"
hook_session_name: "BEEFHOOK"
session_cookie_name:
"BEEFSESSION"

Run BeEF in Background

Step Linux Command

Go to beef installation folder (e.g. /root/beef) cd /root/beef/

Start beef in background (by adding &) ./beef &

Start BeEF by Default on Linux

Linux
Step
Command

Modify the /etc/rc.d/rc.local file. This file is for add-on

vi /etc/rc.d
startup scripts that run when the system reboots. This is
/rc.local
important to ensure beef is always running
Add two lines: one to tell it to go inside the beef directory
cd
(for some reason you can't run it directly since it has
/root/beef
hard-coded relative links thus must already be inside that
./beef &
directory) and then run beef in the background

4 of 5 Saturday 05 November 2016 11:30 PM

Bolder Security: Installing and Running BeEF on ... http://stephanietan.boldersecurity.com/2012/03/r...

Update BeEF on Linux

Step Linux Command

Go to directory beef is installed in (e.g. /root/beef). cd /root/beef

Run 'git pull' to update to the latest revision. You may
/root/git-
need to alter this to wherever you installed git and the
1.7.9.5/git pull
specific version

Posted by Stephanie Tan at 3/29/2012 07:23:00 PM

Labels: beef, browser, exploitation, ruby, security, xss

1 comment:

C3PO April 17, 2012 at 9:10 AM

I ran into the same problem "panel_path: "/ui/panel" <-----I'D LIKE TO

CHANGE THIS BUT IT ISN'T TAKING EFFECT" because I use BeEF in my
demo system behind a reverse proxy...

Do you found a solution for this?

Chris

Reply

Enter your comment...

Comment as: Anthonee Gonsalves (Google) Sign out

Publish Preview Notify me

Newer Post Home Older Post

Subscribe to: Post Comments (Atom)

Powered by Blogger.

5 of 5 Saturday 05 November 2016 11:30 PM