Results 1 to 5 of 5

Thread: Where's the BeEF?

Hybrid View

  1. #1
    Member
    Join Date
    May 2006
    Posts
    119

    Default Where's the BeEF?

    Anyone have BeEF working on Backtrack 3 release? I followed the instructions and can access the BeEF server from a different machine on my local net, but the process of turning that other machine into a zombie doesn't happen. There must be something basic I'm missing here. Looks like a very interesting program but cannot get it to do anything.

  2. #2
    Member imported_pynstrom's Avatar
    Join Date
    May 2008
    Posts
    143

    Default

    Check out these videos:
    http://vimeo.com/1554155
    http://vimeo.com/1983922
    BeEF works fine for me. You can also use an ettercap filter to place the beef script tag into the target browser without redirecting it.
    When hungry, eat your rice; when tired, close your eyes. Fools may laugh at me, but wise men will know what I mean. -- Lin-Chi
    - - - - - - - -
    I slept once, it was a Tuesday.

  3. #3
    Member
    Join Date
    May 2006
    Posts
    119

    Default

    Pynstrom - thank you for those links to John Strands enlightening videos. They straightened me up and now I can fly right. In other words, I got it working on my local net thanks to those links.

    The problem was there was no explicit instruction at the web site to actually enable the alert module so I was just following the directions to attach to 192.168.1.101 (machine running BeEF) without first enabling the actual alert module which is critical to make it work. That needs to be more clear on the instruction page at bindshell.net (I will email the appropriate people about that).

    My question is when I run the bindshell exploit I'm getting a small blank box in the zombie window -- is that normal or what? The attacking BeEF machine wants input for the target machine (i.e., 192.168.1.100 and port, 4444), so am I now supposed to be able to connect to the on on port 4444? Indeed, a netstat -ant does not show port 4444 listening on the compromised machine but there is now a blank window/frame showing up on the zombie. Normally would you use netcat to bind to it?

    Thanks!

  4. #4
    Senior Member BigMac's Avatar
    Join Date
    Jan 2008
    Posts
    213

    Default

    you have to edit the file located /var/www/htdocs/beef/hook/xss-example.html

    src="http://youripaddress . . . . . . .

    then have your target connect to yourip/beef/hook/xss-example.html

  5. #5
    Member
    Join Date
    May 2006
    Posts
    119

    Default

    Thanks BigMac -- that helped. Now, the method to communicate with the zombie when using the bindshell. Any suggestions? How do you communicate with it in the iframe window that pops up on the zombie when running that exploit? Do you have any ideas? I just seem to get a pop up iframe window in the zombie and no directions on what to do next. The inter-protocol communication bindshell module looks like it's working properly but are those "commands" in the commands box on the BeEF server linux-specific or how does one get them to run, if you don't mind my asking.

    Thank you.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •