Browser Rider being rolled into BeEF

Events: Submitted by Wade on 06-Feb-10 at 11:44pm

Great news: Browser Rider is being rolled into BeEF!


The avid security researcher will no doubt be aware of the Browser Rider project developed by Benjamin Mosse. It is a framework which boasts some great features:

• Back-end database
• Obfuscation
• Polymorphism

This tool, along with the involvement of Benjamin, will be a significant boost for the BeEF project. There are some big improvements planned for future versions of BeEF. Stay tuned!

BeEF Development Mailing List

Events: Submitted by Wade on 02-Feb-10 at 09:26pm

A new BeEF mailing list has recently been set up. This list will be focused on discussions around BeEF development.

If you would like to get involved in the development or make some suggestions at the code level, subscribe to the development mailing list. Simply send an email to beef-dev-subscribe@bindshell.net.

BeEF PHP Settings

Events: Submitted by Wade on 07-Dec-09 at 06:42pm

PHP in Fedora (Fedora 12 at least) has the short_open_tag turned off by default. In this state it will cause an error if you try to use BeEF. Thanks to Steve 'Ashcrow' Milner for pointing this out.

To fix this try the following change to the /etc/php.ini file:
-short_open_tag = Off
+short_open_tag = On

More BeEF Videos

Events: Submitted by Wade on 20-Sep-09 at 01:55am

Ryan Linn's efforts adding XML-RPC to BeEF and Metasploit allow the closer integration between the two tools. If you saw his presentation at DEFCON, you will already be aware of some of the new modules that have been rolled into the latest version of BeEF. He has put up a post and videos demonstrating his work.

The videos can be found here:

• NTLM Challenge Credential Theft with BeEF and Metasploit
• Executing Browser AutoPWN Through BeEF
• Upgrading BeEF in Samurai WTF

BeEF Videos

Events: Submitted by Wade on 20-Sep-09 at 01:04am

Jabra (who you will know from his input to various modules) has posted some of his BeEF videos from DEFCON and Black Hat. The videos have been available for a little while and if you haven't checked them out, you should.

The videos can be found here:

• MSF Browser Autopwn (M)
• Malicious Java Applet
• Detect Visited URLs
• Detect Virtual Machine
• Detect Software

New Version of BeEF

Events: Submitted by Wade on 18-Sep-09 at 02:24am

I have just released BeEF version 0.4. Get it here while it is hot. This version has more modules and a more flexible framework.

Enhancements in the latest version include:

• Integration with Metasploit via XMLRPC
• Mozilla extension exploitation support
• New browser functionality detection modules
• Tiered logging for module actions and results

Module: Software Detection

Events: Submitted by Wade on 17-Sep-09 at 06:38am

RSnake and Jabra presented at DEFCON on various decloaking methods. One technique demonstrated was employing SMB to enumerate software installed on the target machine.

The BeEF module seen in the demonstration can be downloaded from here.

Module: Get Internal IP Address

Events: Submitted by Wade on 10-Aug-09 at 06:20am

Here is a module (extract to the modules directory) that reveals the internal ip address of the machine running the web browser.

Module: Exploit for vtiger and a general DoS

Events: Submitted by Wade on 16-Jul-09 at 05:38am

Thanks Mark for sending over these two modules. The first will exploit the vtiger upload vulnerability. The other is a general DoS module which demonstrates how easy browsers can be rendered non-responsive.

To install download vtiger_upload.tar.gz and browser_dos_fun.tar.gz. Then extract them to the modules directory and simply refresh your browser.

Module: Redirect Page

Events: Submitted by Wade on 29-Jun-09 at 10:25pm

Here is a simple module that will redirect the zombies' pages to an arbitrary location. The location is set in the module configuration page BeEF - simply enter the URL, select the target zombies and click send.