Summary:
- Hooking Browsers with BeEF (The Browser Exploitation Framework Project) Framework
- Client Exploitation with BeEF Framework
I began this exercise by logging into a root account on a Kali Linux virtual machine and through terminal launched the beef application.
After logging into a BeEF account, I switched to and logged into the OpenSUSE virtual machine and launched Firefox.
Once on the Firefox browser, I entered the local IP address followed by /demos/basic.html in the search bar and nagivated back to the Kali virtual machine.
At this point, a new online browser appears under the “Hooked Browsers” list on the BeEF application. Here you can select the hooked browser and see information such as the Firfox version, platform, and plugins.
Following this, I nagivated back to the OpenSUSE VM and began generating events such as typing into text fields.
Switching back to the Kali VM and refreshing BeEF I was able to view the events that recently occurred.
To begin with client exploitations I moved to the Commands tab within the BeEF framework followed by nagivating to Browser -> Detect Tools -> and running the execute function. This detects which browser tools are installed.
I then moved to Fingerprint Browser (PoC) and executed, the results show that the hooked browser was successfully fingerprinted.
Next, I proceeded to the Social Engineering tab and executed a Fake Notification Bar (Firefox). This resulted in a message that stated the notification was displayed.
To confirm the success, I switched back to the OpenSUSE VM and noticed a notification is present asking to install a plug-in.
Next on the OpenSUSE VM, I redirected myself to a advanced demo page which prompted me to enter a name, phone, address, and credit card number to order an item from the website to simulate a purchase.
Switching back to the Kali VM, I noticed the keystrokes were captured from the hooked browser.
