Beginner

How To Configure BeEF On Ubuntu 20.04 LTS

How To Configure BeEF On Ubuntu 20.04 LTS

Learn how to install and Configure BeEF On Ubuntu 20.04 LTS. BeEF, the Browser Exploitation Framework is a powerful penetration testing tool that focuses on the web browser. To use this tool, buy your own Linux VPS and enjoy VPS Hosting with Bitcoin and Instant Setup in Eldernode. The main effect of this utility is when it allows a professional penetration tester access to the actual security posture of a target environment by using client-side attack vectors.

Tutorial Configure BeEF On Ubuntu 20.04 LTS

Join with this article to see the way of BeEF configuration. It is possible to customize the settings.

What Are The BeEF Extensions and Features:

  1. Web UI
  2. Console UI
  3. Metasploit Integration
  4. XSSRays
  5. Modular structure
  6. BeEF JavaScript Object
  7. Support for CSRF
  8. Steal session information
Recommended Article: How to Setup OpenVPN On Windows Server 2019

What Are The BeEF Module Features?

The BeEF program connects one or more web browsers to the program to launch direct command modules. Each browser is likely to be on a different security platform, and each context may offer a unique set of attack vectors. This framework allows the penetration tester to select specific modules (in real-time). Here are some of its Module Features:

  1. 1- Interprocess communications and exploitation
  2. 2- History gathering and intelligence
  3. 3- Network recon
  4. 4- Host information gathering
  5. 5- Browser plugin detection
  6. 6- Persistence
  7. 7- Exploit
Recommended Article: How to install Armitage on Debian 10

How to Install and Configure BeEF On Ubuntu 20.04

Since BeEF is installed By default in Kali distribution, it has settings that will work properly for you without any case. The Beef program is ready to use by default on Kali Linux and BackTrack.

 

Application browser view

 

But if for any particular reason you want to change the BeEF configuration settings, first, change credentials for the Web UI. Old default credentials:

credentials:  username=beef  passwd=beef

In case you do not change the password, a new random password would be generated by BeEF and you can view this in the terminal when you start the framework.

BeEF is located in the /usr/share/beef-xss/ directory and it is not integrated with the Metasploit framework. Have a look at the following steps to integrate BeEF.

Step 1: To be able to read the following, you need to edit the main configuration file located at /usr/share/beef-xss/config.yaml

metasploit:   enable:true

Step 2: Next, you need to edit the lines of the host, callback_host, and os ‘custom’, path to include your IP address and the location for the Metasploit framework. Also, edit the file located at /usr/share/beef-xss/extensions/metasploit/config.yml

Step 3: And finally it is time to start sfconsole, and load the msgrpc module

Recommended Article: Tutorial Setup private DNS server on centos 8/7

How To Solve ERROR: invalid username or password

By default, log in and passwords are beef/beef, but once you faced the message of ERROR: invalid username or password, it means that credentials may not work. So, you can edit the /opt/beef/config.yaml configuration file to change the password.

 

How To Update BeEF

While you are using BeEF from the Github repository, you can update it easily by running the following commands:

cd beef
git pull
vim Gemfile

 

Conclusion

In this article, you learned How To Configure BeEF On Ubuntu 20.04 LTS. Use this powerful tool to test your system security and prevent cyberattacks. In case you are interested to learn more, read our article on How to install Armitage on Debian 10.

We Are Waiting for your valuable comments and you can be sure that it will be answered in the shortest possible time.
  • darrin Morf
    darrin Morf
    10 months ago

    Is the version of 2.5 necessary? My system does not support it.

    Reply
    • Richard
      Richard
      10 months ago

      Yes it supports ruby 2.5 or higher, but to fix your issue, you can add the bright box PPA repository to get the latest version of Ruby by running the command below:
      sudo apt-add-repository -y ppa:brightbox/ruby-ng

      Reply
  • Trwy Grove
    Trwy Grove
    10 months ago

    How can BeEF be harmful?

    Reply
    • Richard
      Richard
      10 months ago

      While you are using BeEF in Linux environment it is not harmful. But using in windows based Linux emulator needs to uninstall the antivirus that cause to be harmfull.

      Reply
  • Happy Boyd
    Happy Boyd
    10 months ago

    How to start using BeEF?

    Reply
    • Richard
      Richard
      10 months ago

      Follow the below path to use BeEF:
      Go to the directory > Run the BeEF > Open a browser to open the link > Modify the configuration file to change the host IP to the IP of your physical machine

      Reply
  • Jess Howard
    Jess Howard
    10 months ago

    Does BeEF install ruby by default? I faced an issue with xmlrpc client.

    Reply
    • Richard
      Richard
      10 months ago

      Yes it is. To solve this problem BeEF should know that it needs this Gem. The modified file is:
      rm Gemfile.lock
      And also you can remove the lock file, run the following command and press Y to remove it.
      sudo nano Gemfile

      Reply
  • Duck Giossi
    Duck Giossi
    10 months ago

    Thank you. How should we connect to the browser which is running the script?

    Reply
    • Richard
      Richard
      10 months ago

      First, you need to check if you are log in to the BeEF user interface or not.
      The URL may have been given to you while starting, it could be as below:
      http://127.0.0.1:3000/ui/panel

      Reply

Leave Your Comment

Your email address will not be published.

We are by your side every step of the way

Think about developing your online business; We will protect it compassionately

We are by your side every step of the way

+18054214518

7 days a week, 24 hours a day