Hey everybody, i just upgraded to R2, and I cannot get Beef to work. When I upgraded it gave me Beef-ng, then I apt-get install Beef to replace it. I started the Beef server, and the demos work from the same browser my ui is open, but if I try http://XXX.XXX.XXX.XXX:3000/hook.js in my host browser (IE8 and Forefox 10), there is no hook. IE gives me a page cannot be displayed, and firefox shows a whole page of code. I am pretty sure, you don't HAVE to put the script src in a XSS vuln. If the "victim" were to navigate to that url, it should still work. My Beef server is internet facing with no NAT or router in the way. I go back to my BT 5 vm and here is the Beef logs:
DEFAULT USER/PASSWORD: beef/beef
[16:11:19][*] Browser Exploitation Framework (BeEF)
[16:11:19] | Version 0.4.3.2-alpha
[16:11:19] | Website http://beefproject.com
[16:11:19] | Run 'beef -h' for basic help.
[16:11:19] |_ Run 'git pull' to update to the latest revision.
[16:11:19][*] Resetting the database for BeEF.
[16:11:19][*] BeEF is loading. Wait a few seconds...
[16:11:19][*] 9 extensions loaded:
[16:11:19] | Requester
[16:11:19] | Admin UI
[16:11:19] | Autoloader
[16:11:19] | Demos
[16:11:19] | Proxy
[16:11:19] | Console
[16:11:19] | Events
[16:11:19] | XSSRays
[16:11:19] |_ Initialization
[16:11:19][*] 77 modules enabled.
[16:11:19][*] 2 network interfaces were detected.
[16:11:19][+] running on network interface: 127.0.0.1
[16:11:19] | Hook URL: http://127.0.0.1:3000/hook.js
[16:11:19] |_ UI URL: http://127.0.0.1:3000/ui/panel
[16:11:19][+] running on network interface: XXX.XXX.XXX.XXX
[16:11:19] | Hook URL: http://XXX.XXX.XXX.XXX:3000/hook.js
[16:11:19] |_ UI URL: http://XXX.XXX.XXX.XXX:3000/ui/panel
[16:11:19][+] HTTP Proxy: http://127.0.0.1:6789
[16:11:19][*] BeEF server started (press control+c to stop)
[16:17:25][!] [INITIALIZATION] Invalid internal IP address returned from the hook browser's initial connection. (this is host browser)
[16:17:25][*] New Hooked Browser [ip:127.0.0.1, type:FF-10, os:Linux], hooked domain [127.0.0.1:3000] (this is the beef ui browser demo)
I would really like to get this working for a pen test my team is working on with a commercial client. Any help would be much appreciated.