3

Is it possible to run BeEF (Browser Exploitation Framework) on the WAN through a VPN? If so, how would I modify the config.yaml file? I assume I would need to open some ports on my VPN service; however, the service I use (nVPN.net) won't allow me to open port 80.

eltel2910

1 Answer

2

Yes, it is possible.

BeEF usually works with these ports:

  • 2000
  • 6789
  • 3000

Two of them are only used for local connections, so you only need to open TCP port 3000, which is used for "hooking" the victims and for accessing the UI control panel. You can change this port in your config by changing port: "3000" to another value, but that is usually not necessary.

Opening port 3000 is enough for access to the control panel and for hooking. You can restrict the hooking networks and the access to the UI control panel by modifying these lines in the config:

permitted_hooking_subnet: "0.0.0.0/0"

and

permitted_ui_subnet: "0.0.0.0/0"

Another good practice is to change the default password "beef" to something else, so that nobody else can get into your control panel. This can be done by changing this in the config file: passwd: "yourpass" under the credentials section.

Remember to load your custom config using the -c argument. Example: cd /path/where/beef/is && ./beef -c /path/to/your/configfile. Sometimes, on distros like Kali Linux, if you check "/usr/bin/beef-xss", there is a script inside, so you can't launch custom configs using beef-xss -c /path/to/configfile. That's why it is better to locate where BeEF is installed, enter the directory and launch it using ./beef. For some reason it doesn't work using absolute paths in this way: /path/to/beef -c /path/to/configfile. That's why the first example I gave is the right one. Some usual paths where the beef executable is installed, depending on the distro, are:

  • /usr/share/beef/ -> on BlackArch
  • /usr/share/beef-xss/ -> on Kali
  • /opt/beef/ -> on Wifislax

Then you need to be able to get the victims to load the "evil" JS, by putting "hook.js" in any web page loaded by clients or however... that's another story.

Good luck!

OscarAkaElvis
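The hardening points in the answer above (restricting permitted_ui_subnet and permitted_hooking_subnet, replacing the default "beef" password) can be checked before the listener is exposed. The following is an added example, not part of the original answer or of BeEF itself: a small Ruby audit of a config file. The sample config is constructed and its nesting is an assumption, so the script looks the keys up at any depth.

```ruby
require 'yaml'
require 'ipaddr'

# Constructed sample config. The keys are the ones named in the answer;
# the nesting shown here is an assumption.
SAMPLE_CONFIG = <<~YAML
  beef:
    restrictions:
      permitted_hooking_subnet: "0.0.0.0/0"
      permitted_ui_subnet: "0.0.0.0/0"
    http:
      port: "3000"
    credentials:
      user: "beef"
      passwd: "beef"
YAML

# Depth-first search for a key anywhere in the parsed YAML tree.
def find_key(node, key)
  return nil unless node.is_a?(Hash)
  return node[key] if node.key?(key)
  node.each_value do |value|
    found = find_key(value, key)
    return found unless found.nil?
  end
  nil
end

# True when the CIDR has prefix length 0, i.e. it matches every address.
def open_to_all?(cidr)
  IPAddr.new(cidr).prefix.zero?
rescue ArgumentError # raised for strings that are not valid addresses
  false
end

# Returns a list of findings; an empty list means nothing was flagged.
def audit(yaml_text)
  cfg = YAML.safe_load(yaml_text) || {}
  findings = []
  %w[permitted_ui_subnet permitted_hooking_subnet].each do |key|
    Array(find_key(cfg, key)).each do |cidr| # accepts a string or a list
      findings << "#{key} allows any address (#{cidr})" if open_to_all?(cidr.to_s)
    end
  end
  findings << 'passwd is still the default "beef"' if find_key(cfg, 'passwd').to_s == 'beef'
  findings
end

puts audit(SAMPLE_CONFIG) if __FILE__ == $PROGRAM_NAME
```

On a WAN-facing instance the permitted_ui_subnet finding matters most: the control panel should only be reachable from the operator's own range (for example the VPN subnet), while the hooking subnet is scoped to the addresses covered by the engagement.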