SlideShare a Scribd company logo

BeEF

A
AlexandraLacatus

Initial assessment presentation about the Browser Exploitation Framework

Technology
1 of 15
Download to read offline
BeEF The Browser Exploitation Framework alexandra.lacatus@info.uaic.ro FCS Iasi, Software Security
Overview What is BeEF Installation and requirements How it works Case studies & examples Advantages 2 Software Security, FCS Iasi, 2013-2014
What is BeEF? http://beefproject.com/ open-source penetration testing tool used to test and exploit web application and browser-based vunerabilities. Main developer: Wade Alcorn, security expert Last stable release: 0.4.4.7 / August 2013 3 Software Security, FCS Iasi, 2013-2014
Installation and requirements OSX 10.5.0 or higher, Modern Linux, Windows XP or higher Ruby 1.9.2 RVM or higher SQLite 3.x A list of ruby gems [...] 4 Software Security, FCS Iasi, 2013-2014
How it works BeEF uses a javascript file hook.js that will hook one or more browsers and will use them for launching directed command modules and further attacks against the system though a open door: the web browser context Uses a web interface to manage and send commands (attacks) to the browser zombies 5 Software Security, FCS Iasi, 2013-2014
BeEF Architecture 6 Software Security, FCS Iasi, 2013-2014 [3]
BeEF Features The official page lists 128 modules (exploits) Modular framework, can be easily extended with custom browser exploitation commands Provides RESTFul API that allows to control BeEF throuth HTTp requests (in JSON format) Can be configured to be integrated with Metasploit 7 Software Security, FCS Iasi, 2013-2014
BeEF Commands Modify the target's page html content (all the content, or alter only the hrefs) redirect the victim's browser to an arbitrary site generate dialog boxes/ fake notifications / request missing plugin installation as a context for placing and executing malicious code browser fingerprinting, detect plugins (ActiveX, Java, Flash, etc.) detect valid sessions of applications such as Twitter, Facebook and GMail. 8 Software Security, FCS Iasi, 2013-2014
Ex 1 - Malicious code injection Fake Notification Bar (e.g. Firefox) Displays a fake notification bar at the top of the screen. If the user clicks the notification they will be prompted to download a malicious Firefox extension (by default). Raw Javascript Sends the code to the selected hooked browsers where it will be executed. Code is run inside an anonymous function and the return value is passed to the framework. Multiline scripts are allowed, no special encoding is required. 9 Software Security, FCS Iasi, 2013-2014
Ex 2 - Web page defacement Replace content (Deface webpage) Overwrite the page, title and shortcut icon on the hooked page. Replace HREFs Rewrite all the href attributes of all matched links. TabNabbing This module redirects to the specified URL after the tab has been inactive for a specified amount of time. 10 Software Security, FCS Iasi, 2013-2014
Ex 3 - Keystroke Logging iFrame Event Logger Creates a 100% by 100% iFrame overlay with event logging. Fake LastPass Displays a fake LastPass user dialog which will log all the user's key strokes. 11 Software Security, FCS Iasi, 2013-2014
Ex 4 – Exporing the network Detect Social Networks This module will detect if the Hooked Browser is currently authenticated to GMail, Facebook and Twitter. (specify detection timeout) Network / Port Scanner Scan ports in a given hostname, using WebSockets, CORS and img tags. It uses the three methods to avoid blocked ports or Same Origin Policy. 12 Software Security, FCS Iasi, 2013-2014
Ex 5 – Browser fingerprinting Spider Eye Creates a snapshot of the victim's window Detect Firebug Detect Silverlight Detect Windows Media Player Detect ActiveX Detect toolbars Etc.. 13 Software Security, FCS Iasi, 2013-2014
Metasploit / w3af / BeEF Metasploit w3af BeEF Language Perl → Ruby Python Ruby Supported OS cross-platform cross-platform cross-platform Pen-testing target network Web applications browser $ Open source + paid Open source Open source Firewall 14 Software Security, FCS Iasi, 2013-2014
Bibliography [1] BeEF project main page: http://beefproject.com/ [2] BeEF project Github page: https://github.com/beefproject/beef [3] BeEF achitecture diagram: https://github.com/beefproject/beef/wiki/Architecture

Recommended

Advanced Client Side Exploitation Using BeEF
Advanced Client Side Exploitation Using BeEFAdvanced Client Side Exploitation Using BeEF
Advanced Client Side Exploitation Using BeEF1N3
 
Unrestricted file upload CWE-434 - Adam Nurudini (ISACA)
Unrestricted file upload CWE-434 - Adam Nurudini (ISACA)Unrestricted file upload CWE-434 - Adam Nurudini (ISACA)
Unrestricted file upload CWE-434 - Adam Nurudini (ISACA)Adam Nurudini
 
Burp suite
Burp suiteBurp suite
Burp suiteSOURABH DESHMUKH
 
Burp Suite Starter
Burp Suite StarterBurp Suite Starter
Burp Suite StarterFadi Abdulwahab
 
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)Marco Balduzzi
 
Burp suite
Burp suiteBurp suite
Burp suitehamdi_sevben
 
Pentesting Using Burp Suite
Pentesting Using Burp SuitePentesting Using Burp Suite
Pentesting Using Burp Suitejasonhaddix
 
Linux and firewall
Linux and firewallLinux and firewall
Linux and firewallMhmud Khraibene
 

Recommended

Advanced Client Side Exploitation Using BeEF
Advanced Client Side Exploitation Using BeEFAdvanced Client Side Exploitation Using BeEF
Advanced Client Side Exploitation Using BeEF1N3
 
Unrestricted file upload CWE-434 - Adam Nurudini (ISACA)
Unrestricted file upload CWE-434 - Adam Nurudini (ISACA)Unrestricted file upload CWE-434 - Adam Nurudini (ISACA)
Unrestricted file upload CWE-434 - Adam Nurudini (ISACA)Adam Nurudini
 
Burp suite
Burp suiteBurp suite
Burp suiteSOURABH DESHMUKH
 
Burp Suite Starter
Burp Suite StarterBurp Suite Starter
Burp Suite StarterFadi Abdulwahab
 
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)Marco Balduzzi
 
Burp suite
Burp suiteBurp suite
Burp suitehamdi_sevben
 
Pentesting Using Burp Suite
Pentesting Using Burp SuitePentesting Using Burp Suite
Pentesting Using Burp Suitejasonhaddix
 
Linux and firewall
Linux and firewallLinux and firewall
Linux and firewallMhmud Khraibene
 
Dive in burpsuite
Dive in burpsuiteDive in burpsuite
Dive in burpsuiteNadim Kadiwala
 
Zed Attack Proxy (ZAP)
Zed Attack Proxy (ZAP)Zed Attack Proxy (ZAP)
Zed Attack Proxy (ZAP)JAINAM KAPADIYA
 
Ssrf
SsrfSsrf
SsrfIlan Mindel
 
Attacking thru HTTP Host header
Attacking thru HTTP Host headerAttacking thru HTTP Host header
Attacking thru HTTP Host headerSergey Belov
 
Proxy servers
Proxy serversProxy servers
Proxy serversKumar
 
Owasp Top 10 A1: Injection
Owasp Top 10 A1: InjectionOwasp Top 10 A1: Injection
Owasp Top 10 A1: InjectionMichael Hendrickx
 
SSRF For Bug Bounties
SSRF For Bug BountiesSSRF For Bug Bounties
SSRF For Bug BountiesOWASP Nagpur
 
Finding Bugs FASTER with Fuzzing
Finding Bugs FASTER with FuzzingFinding Bugs FASTER with Fuzzing
Finding Bugs FASTER with FuzzingAlper Başaran
 
Progressive Web Apps
Progressive Web AppsProgressive Web Apps
Progressive Web AppsSoftware Infrastructure
 
OWASP Serbia - A6 security misconfiguration
OWASP Serbia - A6 security misconfigurationOWASP Serbia - A6 security misconfiguration
OWASP Serbia - A6 security misconfigurationNikola Milosevic
 
Penetration testing web application web application (in) security
Penetration testing web application web application (in) securityPenetration testing web application web application (in) security
Penetration testing web application web application (in) securityNahidul Kibria
 
Introduction to Tor
Introduction to TorIntroduction to Tor
Introduction to TorJaskaran Narula
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationshipn|u - The Open Security Community
 
Hack like a pro with burp suite - nullhyd
Hack like a pro with burp suite - nullhydHack like a pro with burp suite - nullhyd
Hack like a pro with burp suite - nullhydn|u - The Open Security Community
 
Security monitoring and auditing
Security monitoring and auditingSecurity monitoring and auditing
Security monitoring and auditingbalamurugan.k Kalibalamurugan
 
Security in NodeJS applications
Security in NodeJS applicationsSecurity in NodeJS applications
Security in NodeJS applicationsDaniel Garcia (a.k.a cr0hn)
 
Port scanning
Port scanningPort scanning
Port scanningHemanth Pasumarthi
 
Web Application Penetration Tests - Information Gathering Stage
Web Application Penetration Tests - Information Gathering StageWeb Application Penetration Tests - Information Gathering Stage
Web Application Penetration Tests - Information Gathering StageNetsparker
 
Injecting Security into vulnerable web apps at Runtime
Injecting Security into vulnerable web apps at RuntimeInjecting Security into vulnerable web apps at Runtime
Injecting Security into vulnerable web apps at RuntimeAjin Abraham
 
Cache poisoning
Cache poisoningCache poisoning
Cache poisoningAlexandraLacatus
 
Beef
BeefBeef
BeefManah Chhabra
 
Man02 10 tab napping
Man02 10 tab nappingMan02 10 tab napping
Man02 10 tab nappingXIMO GOMIS
 

More Related Content

What's hot

Attacking thru HTTP Host header
Attacking thru HTTP Host headerAttacking thru HTTP Host header
Attacking thru HTTP Host headerSergey Belov
 
Proxy servers
Proxy serversProxy servers
Proxy serversKumar
 
SSRF For Bug Bounties
SSRF For Bug BountiesSSRF For Bug Bounties
SSRF For Bug BountiesOWASP Nagpur
 
Finding Bugs FASTER with Fuzzing
Finding Bugs FASTER with FuzzingFinding Bugs FASTER with Fuzzing
Finding Bugs FASTER with FuzzingAlper Başaran
 
OWASP Serbia - A6 security misconfiguration
OWASP Serbia - A6 security misconfigurationOWASP Serbia - A6 security misconfiguration
OWASP Serbia - A6 security misconfigurationNikola Milosevic
 
Penetration testing web application web application (in) security
Penetration testing web application web application (in) securityPenetration testing web application web application (in) security
Penetration testing web application web application (in) securityNahidul Kibria
 
Web Application Penetration Tests - Information Gathering Stage
Web Application Penetration Tests - Information Gathering StageWeb Application Penetration Tests - Information Gathering Stage
Web Application Penetration Tests - Information Gathering StageNetsparker
 
Injecting Security into vulnerable web apps at Runtime
Injecting Security into vulnerable web apps at RuntimeInjecting Security into vulnerable web apps at Runtime
Injecting Security into vulnerable web apps at RuntimeAjin Abraham
 

What's hot (20)

Dive in burpsuite
Dive in burpsuiteDive in burpsuite
Dive in burpsuite
 
Zed Attack Proxy (ZAP)
Zed Attack Proxy (ZAP)Zed Attack Proxy (ZAP)
Zed Attack Proxy (ZAP)
 
Ssrf
SsrfSsrf
Ssrf
 
Attacking thru HTTP Host header
Attacking thru HTTP Host headerAttacking thru HTTP Host header
Attacking thru HTTP Host header
 
Proxy servers
Proxy serversProxy servers
Proxy servers
 
Owasp Top 10 A1: Injection
Owasp Top 10 A1: InjectionOwasp Top 10 A1: Injection
Owasp Top 10 A1: Injection
 
SSRF For Bug Bounties
SSRF For Bug BountiesSSRF For Bug Bounties
SSRF For Bug Bounties
 
Finding Bugs FASTER with Fuzzing
Finding Bugs FASTER with FuzzingFinding Bugs FASTER with Fuzzing
Finding Bugs FASTER with Fuzzing
 
Progressive Web Apps
Progressive Web AppsProgressive Web Apps
Progressive Web Apps
 
OWASP Serbia - A6 security misconfiguration
OWASP Serbia - A6 security misconfigurationOWASP Serbia - A6 security misconfiguration
OWASP Serbia - A6 security misconfiguration
 
Penetration testing web application web application (in) security
Penetration testing web application web application (in) securityPenetration testing web application web application (in) security
Penetration testing web application web application (in) security
 
Introduction to Tor
Introduction to TorIntroduction to Tor
Introduction to Tor
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Hack like a pro with burp suite - nullhyd
Hack like a pro with burp suite - nullhydHack like a pro with burp suite - nullhyd
Hack like a pro with burp suite - nullhyd
 
Security monitoring and auditing
Security monitoring and auditingSecurity monitoring and auditing
Security monitoring and auditing
 
Security in NodeJS applications
Security in NodeJS applicationsSecurity in NodeJS applications
Security in NodeJS applications
 
Port scanning
Port scanningPort scanning
Port scanning
 
Web Application Penetration Tests - Information Gathering Stage
Web Application Penetration Tests - Information Gathering StageWeb Application Penetration Tests - Information Gathering Stage
Web Application Penetration Tests - Information Gathering Stage
 
Injecting Security into vulnerable web apps at Runtime
Injecting Security into vulnerable web apps at RuntimeInjecting Security into vulnerable web apps at Runtime
Injecting Security into vulnerable web apps at Runtime
 
Cache poisoning
Cache poisoningCache poisoning
Cache poisoning
 

Viewers also liked

Man02 10 tab napping
Man02 10 tab nappingMan02 10 tab napping
Man02 10 tab nappingXIMO GOMIS
 
Carcass grading
Carcass gradingCarcass grading
Carcass gradingDr Neo
 
Carcass Grade
Carcass GradeCarcass Grade
Carcass GradeRizza Muh
 
Phishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldPhishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldAvishek Datta
 
Man-In-The-Browser attacks
Man-In-The-Browser attacksMan-In-The-Browser attacks
Man-In-The-Browser attacksMário Almeida
 
Classification of fruits
Classification of fruitsClassification of fruits
Classification of fruitsLucia Martinez
 
Fruits: Parts and Classification
Fruits: Parts and ClassificationFruits: Parts and Classification
Fruits: Parts and ClassificationAlyssaBumanglag
 

Viewers also liked (13)

Beef
BeefBeef
Beef
 
Man02 10 tab napping
Man02 10 tab nappingMan02 10 tab napping
Man02 10 tab napping
 
Carcass grading
Carcass gradingCarcass grading
Carcass grading
 
Carcass Grade
Carcass GradeCarcass Grade
Carcass Grade
 
Beef Lecture
Beef LectureBeef Lecture
Beef Lecture
 
Phishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldPhishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark World
 
Man-In-The-Browser attacks
Man-In-The-Browser attacksMan-In-The-Browser attacks
Man-In-The-Browser attacks
 
Types of fruits
Types of fruitsTypes of fruits
Types of fruits
 
Fruits
FruitsFruits
Fruits
 
Classification of fruits
Classification of fruitsClassification of fruits
Classification of fruits
 
FRUITS
FRUITS FRUITS
FRUITS
 
Types Of Fruits
Types Of FruitsTypes Of Fruits
Types Of Fruits
 
Fruits: Parts and Classification
Fruits: Parts and ClassificationFruits: Parts and Classification
Fruits: Parts and Classification
 

Similar to BeEF

Hacking The World With Flash
Hacking The World With FlashHacking The World With Flash
Hacking The World With Flashjoepangus
 
Abusing Exploiting and Pwning with Firefox Addons
Abusing Exploiting and Pwning with Firefox AddonsAbusing Exploiting and Pwning with Firefox Addons
Abusing Exploiting and Pwning with Firefox AddonsAjin Abraham
 
AbusingExploitingAndPWN-ingWithFirefoxAdd-Ons
AbusingExploitingAndPWN-ingWithFirefoxAdd-OnsAbusingExploitingAndPWN-ingWithFirefoxAdd-Ons
AbusingExploitingAndPWN-ingWithFirefoxAdd-Onsachettih
 
Web application penetration testing lab setup guide
Web application penetration testing lab setup guideWeb application penetration testing lab setup guide
Web application penetration testing lab setup guideSudhanshu Chauhan
 
Be ef presentation-securitybyte2011-michele_orru
Be ef presentation-securitybyte2011-michele_orruBe ef presentation-securitybyte2011-michele_orru
Be ef presentation-securitybyte2011-michele_orruMichele Orru
 
Become fully aware of the potential dangers of ActiveX attacks
Become fully aware of the potential dangers of ActiveX attacksBecome fully aware of the potential dangers of ActiveX attacks
Become fully aware of the potential dangers of ActiveX attacksHigh-Tech Bridge SA (HTBridge)
 
Bshield osdi2006
Bshield osdi2006Bshield osdi2006
Bshield osdi2006losalamos
 
Window Shopping Browser - Bug Hunting in 2012
Window Shopping Browser - Bug Hunting in 2012Window Shopping Browser - Bug Hunting in 2012
Window Shopping Browser - Bug Hunting in 2012Roberto Suggi Liverani
 
Français Patch Tuesday – Novembre
Français Patch Tuesday – NovembreFrançais Patch Tuesday – Novembre
Français Patch Tuesday – NovembreIvanti
 
Phonegap android angualr material design
Phonegap android angualr material designPhonegap android angualr material design
Phonegap android angualr material designSrinadh Kanugala
 
Patch Tuesday Italia Novembre
Patch Tuesday Italia NovembrePatch Tuesday Italia Novembre
Patch Tuesday Italia NovembreIvanti
 
Abusing, Exploiting and Pwning with Firefox Add-ons
Abusing, Exploiting and Pwning with Firefox Add-onsAbusing, Exploiting and Pwning with Firefox Add-ons
Abusing, Exploiting and Pwning with Firefox Add-onsAjin Abraham
 
Web application framework
Web application frameworkWeb application framework
Web application frameworkPankaj Chand
 
Trabajo de jose
Trabajo de jose Trabajo de jose
Trabajo de jose josemgg
 
Rethinking-Security-of-Web-Based-System-Apps
Rethinking-Security-of-Web-Based-System-AppsRethinking-Security-of-Web-Based-System-Apps
Rethinking-Security-of-Web-Based-System-AppsMartin Georgiev
 
Cq3210191021
Cq3210191021Cq3210191021
Cq3210191021IJMER
 

Similar to BeEF (20)

Hacking The World With Flash
Hacking The World With FlashHacking The World With Flash
Hacking The World With Flash
 
Abusing Exploiting and Pwning with Firefox Addons
Abusing Exploiting and Pwning with Firefox AddonsAbusing Exploiting and Pwning with Firefox Addons
Abusing Exploiting and Pwning with Firefox Addons
 
AbusingExploitingAndPWN-ingWithFirefoxAdd-Ons
AbusingExploitingAndPWN-ingWithFirefoxAdd-OnsAbusingExploitingAndPWN-ingWithFirefoxAdd-Ons
AbusingExploitingAndPWN-ingWithFirefoxAdd-Ons
 
Cisco WebEx vulnerability: it’s a kind of magic
Cisco WebEx vulnerability: it’s a kind of magicCisco WebEx vulnerability: it’s a kind of magic
Cisco WebEx vulnerability: it’s a kind of magic
 
Web application penetration testing lab setup guide
Web application penetration testing lab setup guideWeb application penetration testing lab setup guide
Web application penetration testing lab setup guide
 
Be ef presentation-securitybyte2011-michele_orru
Be ef presentation-securitybyte2011-michele_orruBe ef presentation-securitybyte2011-michele_orru
Be ef presentation-securitybyte2011-michele_orru
 
Become fully aware of the potential dangers of ActiveX attacks
Become fully aware of the potential dangers of ActiveX attacksBecome fully aware of the potential dangers of ActiveX attacks
Become fully aware of the potential dangers of ActiveX attacks
 
Bshield osdi2006
Bshield osdi2006Bshield osdi2006
Bshield osdi2006
 
Window Shopping Browser - Bug Hunting in 2012
Window Shopping Browser - Bug Hunting in 2012Window Shopping Browser - Bug Hunting in 2012
Window Shopping Browser - Bug Hunting in 2012
 
News bytes Oct-2011
News bytes Oct-2011News bytes Oct-2011
News bytes Oct-2011
 
Français Patch Tuesday – Novembre
Français Patch Tuesday – NovembreFrançais Patch Tuesday – Novembre
Français Patch Tuesday – Novembre
 
Phonegap android angualr material design
Phonegap android angualr material designPhonegap android angualr material design
Phonegap android angualr material design
 
Patch Tuesday Italia Novembre
Patch Tuesday Italia NovembrePatch Tuesday Italia Novembre
Patch Tuesday Italia Novembre
 
Abusing, Exploiting and Pwning with Firefox Add-ons
Abusing, Exploiting and Pwning with Firefox Add-onsAbusing, Exploiting and Pwning with Firefox Add-ons
Abusing, Exploiting and Pwning with Firefox Add-ons
 
Web application framework
Web application frameworkWeb application framework
Web application framework
 
Project Presentation
Project Presentation Project Presentation
Project Presentation
 
Trabajo de jose
Trabajo de jose Trabajo de jose
Trabajo de jose
 
Rethinking-Security-of-Web-Based-System-Apps
Rethinking-Security-of-Web-Based-System-AppsRethinking-Security-of-Web-Based-System-Apps
Rethinking-Security-of-Web-Based-System-Apps
 
Cq3210191021
Cq3210191021Cq3210191021
Cq3210191021
 
Cyber ppt
Cyber pptCyber ppt
Cyber ppt
 

Recently uploaded

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Recently uploaded (20)

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

BeEF

  • 1. BeEF The Browser Exploitation Framework alexandra.lacatus@info.uaic.ro FCS Iasi, Software Security
  • 2. Overview What is BeEF Installation and requirements How it works Case studies & examples Advantages 2 Software Security, FCS Iasi, 2013-2014
  • 3. What is BeEF? http://beefproject.com/ open-source penetration testing tool used to test and exploit web application and browser-based vunerabilities. Main developer: Wade Alcorn, security expert Last stable release: 0.4.4.7 / August 2013 3 Software Security, FCS Iasi, 2013-2014
  • 4. Installation and requirements OSX 10.5.0 or higher, Modern Linux, Windows XP or higher Ruby 1.9.2 RVM or higher SQLite 3.x A list of ruby gems [...] 4 Software Security, FCS Iasi, 2013-2014
  • 5. How it works BeEF uses a javascript file hook.js that will hook one or more browsers and will use them for launching directed command modules and further attacks against the system though a open door: the web browser context Uses a web interface to manage and send commands (attacks) to the browser zombies 5 Software Security, FCS Iasi, 2013-2014
  • 6. BeEF Architecture 6 Software Security, FCS Iasi, 2013-2014 [3]
  • 7. BeEF Features The official page lists 128 modules (exploits) Modular framework, can be easily extended with custom browser exploitation commands Provides RESTFul API that allows to control BeEF throuth HTTp requests (in JSON format) Can be configured to be integrated with Metasploit 7 Software Security, FCS Iasi, 2013-2014
  • 8. BeEF Commands Modify the target's page html content (all the content, or alter only the hrefs) redirect the victim's browser to an arbitrary site generate dialog boxes/ fake notifications / request missing plugin installation as a context for placing and executing malicious code browser fingerprinting, detect plugins (ActiveX, Java, Flash, etc.) detect valid sessions of applications such as Twitter, Facebook and GMail. 8 Software Security, FCS Iasi, 2013-2014
  • 9. Ex 1 - Malicious code injection Fake Notification Bar (e.g. Firefox) Displays a fake notification bar at the top of the screen. If the user clicks the notification they will be prompted to download a malicious Firefox extension (by default). Raw Javascript Sends the code to the selected hooked browsers where it will be executed. Code is run inside an anonymous function and the return value is passed to the framework. Multiline scripts are allowed, no special encoding is required. 9 Software Security, FCS Iasi, 2013-2014
  • 10. Ex 2 - Web page defacement Replace content (Deface webpage) Overwrite the page, title and shortcut icon on the hooked page. Replace HREFs Rewrite all the href attributes of all matched links. TabNabbing This module redirects to the specified URL after the tab has been inactive for a specified amount of time. 10 Software Security, FCS Iasi, 2013-2014
  • 11. Ex 3 - Keystroke Logging iFrame Event Logger Creates a 100% by 100% iFrame overlay with event logging. Fake LastPass Displays a fake LastPass user dialog which will log all the user's key strokes. 11 Software Security, FCS Iasi, 2013-2014
  • 12. Ex 4 – Exporing the network Detect Social Networks This module will detect if the Hooked Browser is currently authenticated to GMail, Facebook and Twitter. (specify detection timeout) Network / Port Scanner Scan ports in a given hostname, using WebSockets, CORS and img tags. It uses the three methods to avoid blocked ports or Same Origin Policy. 12 Software Security, FCS Iasi, 2013-2014
  • 13. Ex 5 – Browser fingerprinting Spider Eye Creates a snapshot of the victim's window Detect Firebug Detect Silverlight Detect Windows Media Player Detect ActiveX Detect toolbars Etc.. 13 Software Security, FCS Iasi, 2013-2014
  • 14. Metasploit / w3af / BeEF Metasploit w3af BeEF Language Perl → Ruby Python Ruby Supported OS cross-platform cross-platform cross-platform Pen-testing target network Web applications browser $ Open source + paid Open source Open source Firewall 14 Software Security, FCS Iasi, 2013-2014
  • 15. Bibliography [1] BeEF project main page: http://beefproject.com/ [2] BeEF project Github page: https://github.com/beefproject/beef [3] BeEF achitecture diagram: https://github.com/beefproject/beef/wiki/Architecture