Hello everyone and welcome back! Today we are taking a look at an amazing MITB tool called BeEF XSS! This tool works by “hooking” the victim in order to take control and execute the commands that you wish to execute. If you don't have this tool, simply run (on OSes that use the apt package manager, like Debian-based ones): sudo apt-get install beef-xss.
When we start BeEF XSS we have to navigate to our panel hosted on localhost – there you can log in (the credentials are set up on the first run).
Victims can be hooked by executing JavaScript code pre-made by BeEF XSS in a file called Hook.js.
This file can be executed when a victim enters a site on your server, or it can be injected (for example with Bettercap – which we will mention later). BeEF XSS has a BUNCH of possibilities and commands after the browser is hooked – in the video we will mostly be taking a look at commands, since talking about using victims as proxies and xssRays seems a bit more advanced (or at least won't fit in a 30min video).
In the video we mention how things work and get introduced to setting things up with BeEF – first the test environment and later the real environment, plus bettercap’s MITM to get a bunch of hooked victims. We talk about a lot of different commands and mention the most interesting ones (for example the ones in the social engineering folder).
Then we stop our apache2 server and fire up bettercap – on it we turn on SSLStrip, ARPspoof and, most importantly, http.proxy’s inject JS scripts option, where we inject our hook into every HTTP website – be it an HTTPS site converted to HTTP over sslstrip (or hstshijack) and then hooked, or a regular HTTP website.
In the video I also show things like how to delete logs and what issues you might face, and explain better how everything works.
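From the defender's side, an injected hook shows up as one extra script tag in a page received over plain HTTP. The following is an added example, not code from the video or from BeEF: it lists script sources in a received page and flags any loaded from a host the site owner does not expect. The URLs, host names and sample HTML are constructed for illustration; only the file name hook.js comes from this post.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

HOOK_NAME = "hook.js"  # file name this post gives for the BeEF hook script


class ScriptCollector(HTMLParser):
    """Collect the src attribute of every <script> tag in a document."""

    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src.strip())


def audit_scripts(page_url, html, allowed_hosts):
    """Return findings for scripts loaded from hosts outside allowed_hosts."""
    collector = ScriptCollector()
    collector.feed(html)
    findings = []
    for src in collector.sources:
        absolute = urljoin(page_url, src)  # resolves relative and //host forms
        parts = urlsplit(absolute)
        host = (parts.hostname or "").lower()
        if host in allowed_hosts:
            continue
        reason = "unexpected script origin"
        if parts.path.lower().rsplit("/", 1)[-1] == HOOK_NAME:
            reason = "unexpected origin and BeEF-style hook file name"
        findings.append({"src": absolute, "host": host, "reason": reason})
    return findings


# Constructed sample: the page as served, and as received behind an injecting proxy.
PAGE_URL = "http://shop.example/index.html"
ALLOWED = {"shop.example", "cdn.shop.example"}
CLEAN = '<html><head><script src="/js/app.js"></script></head><body>hi</body></html>'
TAMPERED = CLEAN.replace(
    "</head>", '<script src="http://192.0.2.10/hook.js"></script></head>'
)

if __name__ == "__main__":
    for label, body in (("clean", CLEAN), ("tampered", TAMPERED)):
        print(label, audit_scripts(PAGE_URL, body, ALLOWED))
```

The check only sees external src scripts; injected inline code would need a comparison against the page as the server sent it.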
Video on my YouTube channel – timestamps:
2:32 – Setting up the test environment with our Apache2 server
3:17 – Cloning websites – Quick how-to
4:10 – Modifying our website a bit
5:12 – How the BeEF script for getting victims hooked is set up
5:25 – First hooked machine, on site entering
5:46 – Deleting the previous stuff – database file
6:03 – Explaining the interface further and trying out some commands
8:22 – Getting the values from Forms (email pass)
9:02 – More commands in Browser tab
9:24 – Replace all HREFs and why they don't work
10:00 – More commands in Browser tab
10:08 – Creating an Alert dialog
10:28 – Creating a Prompt dialog
11:15 – Redirecting the browser
11:33 – More commands in Browser tab
12:34 – Asking for webcam permission & similar
13:05 – More commands in Browser tab
13:29 – ChromeExtensions and Debug tabs
13:49 – Exploits tab
14:45 – Hosts tab
14:53 – Getting victim’s Geo Location
16:03 – Metasploit extension (autopwn)
16:14 – Misc tab
16:20 – Executing Raw Javascript
17:14 – Network Tab (Tor & social networks login status detection)
17:35 – Persistence tab (Confirm close tab & MITB)
18:09 – PhoneGap
18:14 – Social Engineering Tab
18:22 – Clippy!!
20:30 – Fake flash update
20:50 – Fake notification bar
21:00 – Google Phishing
21:30 – Pretty Theft (FB, YT, Win, iOS,… passwords & logins)
22:04 – Turning apache2 off and bettercap On
22:20 – Settings for bettercap to inject scripts and get most passwords
22:48 – Setting up the script injection
24:12 – H4CKing HTTP sites and having fun with BeEF’s power
25:20 – Turning stuff off
25:47 – Outro talk
26:10 – Outro
For more information make sure you watch the video. Thank you so much for visiting my website! Have a nice day, and I hope I helped.