-
Notifications
You must be signed in to change notification settings - Fork 2.2k
Geolocation
BeEF has several methods to determine the hooked browser's physical location.
Recent changes to the GeoLite (free geolocation database from MaxMind) service has meant that it will need to be manually downloaded and added to BeEF to enable GeoLocation functionality.
While the GeoLite database is free, a signup at MaxMind is still required.
After an creating account, locate the GeoLite2 City database in .mmdb
format and place it in the location specified by config.yaml
.
Alternatively, install geoipupdate and update /etc/GeoIP.conf
:
AccountID <account id>
LicenseKey <license key>
EditionIDs GeoLite2-City
Then run geoipupdate
to update the database. The default path for the database is /usr/share/GeoIP/GeoLite2-City.mmdb
.
By default, config.yaml
is set to look for the MaxMind database at database: '/usr/share/GeoIP/GeoLite2-City.mmdb'
.
If you opt to install the database in a different location, update this path in config.yaml
:
geoip:
enable: true
database: '/usr/share/GeoIP/GeoLite2-City.mmdb'
The Geolocation module will retrieve the physical location of the hooked browser using the Phonegap API.
The Get Geolocation module will retrieve the physical location of the hooked browser using the browser Geo-location API. The user will be prompted to share their location with the hooked origin, unless the hooked origin has been white-listed previously.
The Get Geolocation (Third-Party) module retrieves the physical location of the hooked browser using third-party hosted geolocation APIs.
- Configuration
- Interface
- Information Gathering
- Social Engineering
- Network Discovery
- Metasploit
- Tunneling
- XSS Rays
- Persistence
- Creating a Module
- Geolocation
- Using-BeEF-With-NGROK