beEF and metasploit | Bob1Bob2

beEF and Metasploit

Today I will take a note about how to use beef with metasploit

install beef

Although kali includes beef, it still have some issues when I use.

to include latest beef:

git clone https://github.com/beefproject/beef.git

cd beef bundle install

in beef/, change configure file config.yaml

[title manually exploit [alt text]]

change host and callback host value as well ssl as true in beef/extensions/metasploit/config.yaml

[title manually exploit [alt text]]

now start metasploit:

[title manually exploit [alt text]]

start beef:

[title manually exploit [alt text]]

in http://127.0.0.1:3000/ui/authentication

[title manually exploit [alt text]]

login beef

now create index.html:

[title manually exploit [alt text]]

after that, in metasploit, I use MS12-063

[title manually exploit [alt text]]

use IE7 to access malicious index.html. get IE info from beef.

[title manually exploit [alt text]]

Search command redirect and feed its url which is generated in msf

[title manually exploit [alt text]]

get meterpreter:

[title manually exploit [alt text]]

2017-06-26 16:09:40 -0500

beef, metasploit