配置beef和metasploit(包含安装Beef过程)
转自:http://hi.baidu.com/unixshell/item/2b57af1112ec9df9746a8430
配置beef和metasploit(包含安装Beef过程)
系统环境:
BackTrack 5 R1
软件版本:
Beef 0.4.3.6-alpha
metasploit v4.4.0-dev svn r15552
一、前言
之前对于BeEF毫无了解,好奇心驱使下便按部就班研究一下,虽然中途问题多多,但是最后还算成功,收获不少
二、安装BeEF
按照文章上所指,先删除BT5上面自带的版本稍旧的BeEF
rm -rf /pentest/web/beef-ng
然后通过Git clone最新的BeEF代码
git clone https://github.com/beefproject/beef
这样beef的代码已经拷贝到 /pentest/web/beef 下
然后就开始安装
cd /pentest/web/beef
gedit INSTALL.txt
查看安装文档,只看第一步和第三步
1. Prerequisites (platform independent)
BeEF requires ruby 1.9 and the "bundler" gem. Bundler can be installed by:
gem install bundler
3. Prerequisites (Linux)
!!! This must be done PRIOR to running the bundle install command !!!
On linux you will need to find the packages specific to your distribution for sqlite. An example for Ubuntu systems is:
3.0. sudo apt-get install libsqlite3-dev sqlite3 sqlite3-doc
3.1. install rvm from rvm.beginrescueend.com, this takes care of the various incompatable and conflicting ruby packages that are required
3.2. rvm install 1.9.2
3.3. rvm use 1.9.2
BT5自带的Ruby,所以我们只需要下面几步
apt-get install libsqlite3-dev sqlite3 sqlite3-doc
gem install bundler
bundle install
然后尝试运行beef
./beef
发现报如下错误
/root/beef/core/loader.rb:18:in `require': no such file to load -- bundler/setup (LoadError)
from /root/beef/core/loader.rb:18:in `<top (required)>'
from ./beef:42:in `require'
from ./beef:42:in `<main>'
然后成功运行beef
./beef
三、BeEF与metasploit的配合使用
这时候你会发现,启动过程没有出现metasploit加载的信息。于是需要先关闭BeEF,进去metasploit主目录。
cd /opt/framework/msf3/
load msgrpc ServerHost=127.0.0.1 Pass=abc123
(这个密码牵扯众多地方,貌似改了影响太大,所以还是用默认的)
/pentest/web/beef/extensions/metasploit/config.yaml
./msfconsole -r beef.rc
可以看到成功加载上面的beef模块
[*] MSGRPC Service: 127.0.0.1:55552
[*] MSGRPC Username: msf
[*] MSGRPC Password: abc123
[*] Successfully loaded plugin: msgrpc
这时候去运行beef ,就能够看到metasploit的攻击加载过程。