代码改变世界

Beef搭建并通过Nginx绑定域名

2019-12-11 19:52  狼人:-)  阅读(1447)  评论(0编辑  收藏  举报

Beef和Nginx安装过程这里就不再说明了
相关链接:Beef官方安装教程

https://www.cnblogs.com/linuxws/p/11037314.html

(
如果报错/usr/local/rvm/gems/ruby-2.6.3/gems/execjs-2.7.0/lib/execjs/runtimes.rb:58:in `autodetect': Could not find a JavaScript runtime. See https://github.com/rails/execjs for a list of available runtimes. (ExecJS::RuntimeUnavailable),可以执行:
yum -y install epel-release
yum -y install nodejs
)

1. 修改Beef的config.yaml配置文件

xss连接地址改成要绑定的域名

sudo vim /beef/config.yaml
# HTTP server
http:
    host: "0.0.0.0"      # Beef地址
    port: "3000"         # Beef端口
    public: "example.com"    # xss后门回连地址
    public_port: ""    # xss后门回连端口(默认80)

2. Nginx配置域名并代理到Beef

sudo vim /etc/nginx/nginx.conf
server {
    listen       80 default_server;
    listen       [::]:80 default_server;
    server_name  example.com;       # 绑定域名
    
    # 将Beef代理到 在127.0.0.1:3000上监听的服务
    location / {
        proxy_pass   http://127.0.0.1:3000;
    }
}

3. 检查nginx配置文件并重启

sudo nginx -t
sudo nginx -s reload

4. 启动Beef

./beef

5. 域名解析A记录到公网IP

6.Beef配置https(这一步可以跳过)

这里设置成https以后,nginx也需要配置成https!

sudo vim /beef/config.yaml
# HTTP server
http:
    https:
        enable: true
        key: "/etc/letsencrypt/live/example.com/privkey.pem"
        cert: "/etc/letsencrypt/live/example.com/fullchain.pem"

7. 访问域名,完成!