-
Notifications
You must be signed in to change notification settings - Fork 2.2k
FAQ
BeEF is configured with default placeholder credentials of beef
/ beef
.
However, BeEF will not start if configured with these credentials. The credentials must be changed in the configuration file config.yaml
.
Be sure to read the documentation (and here also), and take care especially of the following points :
- Enable MSF integration by changing
beef.extension.metasploit.enable
to true in BeEF's main config.yaml file. - Ensure you load the msgrpc interface in Metasploit before starting BeEF:
msf > load msgrpc ServerHost=127.0.0.1 Pass=abc123 SSL=y
- Ensure that the IP address supplied to Metasploit with the
ServerHost
parameter is the same IP address as specified inbeef.extension.metasploit.host
- Ensure that the IP address specified in
beef.extension.metasploit.callback_host
is the publicly accessible IP address for victim connections to Metasploit. - Ensure that if
SSL=y
was supplied to Metasploit when starting msgrpc thenbeef.extension.metasploit.ssl
is set totrue
.
Run bundle install
to install missing gems.
cd /path/to/beef
gem install bundler
bundle install
If this doesn't work, try removing the Gemfile.lock file and install gems manually. For example, if you receive the error: An error occurred while installing XXXX (x.x.x), and Bundler cannot continue.
try install the gem manually:
gem install XXXX
Forward the public port (default 3000/tcp) from your border router to the BeEF server (<LAN IP>:3000
).
Check that your network configuration is working correctly by attempting to access the admin panel:
http://<your WAN IP address>:3000/ui/panel
If you cannot access the admin panel, then your network configuration is broken. BeEF does not have access to your router and cannot configure your network for you. You'll need to review your network configuration to ensure the port is forwarded correctly.
Once you've confirmed that port 3000 is accessible remotely, ensure beef.http.public
and beef.http.public_port
are set to the public WAN IP address and public WAN port respectively in config.yaml
.
You must restart BeEF after making changes to the configuration file. These changes to the configuration file are used to generated the BeEF hook JavaScript file. Note that if you leave a hooked page open during configuration, you will need to refresh the hooked page after applying these changes for the browser to fetch the updated hook file.
Additionally, ports 61985/tcp
and 61986/tcp
must also be forwarded if web sockets are enabled for communicating with BeEF. Likewise, some BeEF extensions, such as IPEC and DNS, require additional ports to be forwarded. Review the associated config.yaml
file for each extension and ensure the appropriate ports are forwarded.
Refer to https://github.com/beefproject/beef/wiki/Using-BeEF-With-NGROK
Yes! Simply specify the public domain name and port in beef.http.public.host
and beef.http.public.port
respectively in config.yaml
.
Set the appropriate locale:
export LANG=en_US.UTF-8
export LANGUAGE=en_US.UTF-8
export LC_ALL=en_US.UTF-8
Install NodeJS.
If you're getting the error Your local changes to the following files would be overwritten by merge: Gemfile.lock
it means BeEF's dependencies were recently updated.
To fix, run git checkout Gemfile.lock
, then update BeEF, and finally run bundle install
to install the updated packages.
You get an error executing install script from beef, about gcc9 packages that are not found.
You need at first to follow this steps but be careful, installing gcc9 not 10 https://solarianprogrammer.com/2017/12/08/raspberry-pi-raspbian-install-gcc-compile-cpp-17-programs/
Then, you will need to edit 'install' file and find where is using apt-get to install gcc9 and clear dev and lib packages.
That's all, beef will be on your RPi without problems 👍
Credit @f1se4
- Configuration
- Interface
- Information Gathering
- Social Engineering
- Network Discovery
- Metasploit
- Tunneling
- XSS Rays
- Persistence
- Creating a Module
- Geolocation
- Using-BeEF-With-NGROK