Ethical Hacking - GAINING ACCESS(22)

CLIENT SIDE ATTACKS - BeEf Framework

Browser Exploitation Framework allowing us to launch a number of attacks on a hooked target.

  • Targets are hooked once they load a hook URL.
  • DNS spoof requests to a page containing the hook.
  • Inject the hook in browsed pages(need to be MITM)
  • Use XSS exploit.
  • Social engineer the target to open a hook page.

Start the BeEf framework.

 

 Modify the index.html file.

 

 Browse http://10.0.0.13 from the victim machine.

 

 Then you can find the Online Browses in the BeEF Control Panel immediately.

 

posted @ 2020-02-05 13:06  晨风_Eric  阅读(113)  评论(0编辑  收藏  举报