BeEF

621 views
542 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
621
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

BeEF

  1. 1. BeEFBrowser Exploitation Framework
  2. 2. BeEF Browser exploitation framework Offerspractical client sideattack vectors(focusesonbrowser vulnerabilities) containsvariouscommand modules(current modulesincludeport scanning, TOR detection)
  3. 3. BeEF Advantages+ demonstratestheimpact of browser and CrossSiteScripting in real time+ professional and simpleuser interface+ implemented in Ruby so it will run on most OperatingSystems+ simpleAPI that facilitatesquick development of custommodulesby theuser+ allowscomplex scenarioscombined with other securitytools
  4. 4. How it works hooksoneor moreweb browsersasbeachheadsfor thelaunching of directed command modulesin real-time. each browser islikely to bewithin adifferent securitycontext (additional vectorsthat can beexploited bysecurity professionals) most command modulesconsist of Javascript codethatisexecuted against theselected Hooked Browser
  5. 5. Installing On any OSrequiresRuby 1.9, bundler gem and sqliteto beinstalled Download BeEF from SVN Run command ruby install Start with command ruby beef Go to theUI panel addressand login
  6. 6. Test installation Makeapagefrom awebserver call thescript hook.jsto hook that pageandbrowser to beef Run commands<html><head><title> Connected to beef</title></head><body><script src = “http://127.0.0.1:3000/hook.js”/><p>Welcome to our page!</p></body></html>
  7. 7. Case Studies Theuser of BeEF will control which browser willlaunch which command moduleand at which target.
  8. 8. 1. Browser scenario Fingerprint browser (typeand version without usingjavascript objectsthat can bemodified) Extract datafrom HTML5 localStorageandsessionStorage Rewritehref to usehttp instead of https Send alertsand dialog windows Redirect thebrowser to given address Overwritethebody of thepage Replacevideos Get visited links
  9. 9. 2. Host data Get system info likenumber of processors, maximummemory, freememory, total memory, javaversion
  10. 10. 3. Detect social networks Command result showsif user isauthenticated onGmail, Facebook, Twitter
  11. 11. 4. XSS Rays & Requester TheXssRaystab allowstheuser to check if links,formsand URI path of thepage(wherethebrowser ishooked) isvulnerableto XSS.
  12. 12. 5. Tunneling proxy right-click ahooked browser to useasproxy each request sent through theProxy isrecorded in theHistory panel in theRequester tab click ahistory item to view theHTTPheadersandHTML sourceof theHTTPresponse.
  13. 13. References: Beef install tutorial (https://code.google.com/p/beef/wiki/WindowsInstall ) ProveIE6 wrong (http://www.liquidmatrix.org/blog/2011/07/08/wheres-the-beef/ ) Makeskypecall on Iphoneusing BeEF (http://www.youtube.com/watch?v=XCLaWtYAKmE )
  14. 14. Thank you!Anca Roscananca.roscan@gmail.com@ivmartie

×