lestor
08.01.2019, 23:25
аллоха всем! не знаю как быть весь день потратил на это и 0 результат
проблема с добавлением metasploit в beef
выставил настройки так
в xtensions/metasploit:
beef:
extension:
metasploit:
name: 'Metasploit'
enable: true
host: "192.168.1.150"
port: 55552
user: "msf"
pass: "abc1234"
uri: '/api'
# if you need "ssl: true" make sure you start msfrpcd with "SSL=y", like:
# load msgrpc ServerHost=IP Pass=abc123 SSL=y
ssl: true
ssl_version: 'TLS1'
ssl_verify: true
callback_host: "192.168.1.150"
autopwn_url: "autopwn"
auto_msfrpcd: false
auto_msfrpcd_timeout: 120
msf_path: [
{os: 'osx', path: '/opt/local/msf/'},
{os: 'livecd', path: '/opt/metasploit-framework/'},
{os: 'bt5r3', path: '/opt/metasploit/msf3/'},
{os: 'bt5', path: '/opt/framework3/msf3/'},
{os: 'backbox', path: '/opt/backbox/msf/'},
{os: 'kali', path: '/usr/share/metasploit-framework/'},
{os: 'pentoo', path: '/usr/lib/metasploit'},
{os: 'win', path: 'c:\\metasploit-framework\\'},
{os: 'custom', path: '/usr/share/metasploit-framework/'}
]
и в самой папке beef-xss
# You may override default extension configuration parameters here
extension:
requester:
enable: true
proxy:
enable: true
key: "beef_key.pem"
cert: "beef_cert.pem"
metasploit:
enable: true
social_engineering:
enable: true
evasion:
enable: false
console:
shell:
enable: false
ipec:
enable: true
потом прописал
load msgrpc ServerHost=127.0.0.1 User=msf Pass=abc1234 SSL=y в msfconsole
дальше зашел в /usr/share/beef-xss и запустил sudo ./beef
сначала писал без sudo ибо нах он на kali, но потом где-то прочитал, что это может помочь хз как.... а дальше идет это:
[21:10:43] Bind socket [imapeudora1] listening on [0.0.0.0:2000].
[21:10:43] Browser Exploitation Framework (BeEF) 0.4.7.0-alpha
[21:10:43] | Twit: @beefproject
[21:10:43] | Site: http://beefproject.com (https://vk.com/away.php?to=http%3A%2F%2Fbeefproject.com&post=-6827051_75064&cc_key=)
[21:10:43] | Blog: http://blog.beefproject.com (https://vk.com/away.php?to=http%3A%2F%2Fblog.beefproject.com&post=-6827051_75064&cc_key=)
[21:10:43] |_ Wiki: https://github.com/beefproject/beef/wiki (https://vk.com/away.php?to=https%3A%2F%2Fgithub.com%2Fbeefproject %2Fbeef%2Fwiki&post=-6827051_75064&cc_key=)
[21:10:43] Project Creator: Wade Alcorn (@WadeAlcorn)
[21:10:43][!] API Fire Error: authentication failed in {wner=>BeEF::Extension::Metasploit::API::MetasploitHooks, :id=>24}.post_soft_load()
[21:10:43] BeEF is loading. Wait a few seconds...
[21:10:45] 13 extensions enabled.
[21:10:45] 254 modules enabled.
[21:10:45] 2 network interfaces were detected.
[21:10:45][+] running on network interface: 127.0.0.1
[21:10:45] | Hook URL: http://127.0.0.1:3000/hook.js
[21:10:45] |_ UI URL: http://127.0.0.1:3000/ui/panel
[21:10:45][+] running on network interface: 192.168.1.150
[21:10:45] | Hook URL: http://192.168.1.150:3000/hook.js
[21:10:45] |_ UI URL: http://192.168.1.150:3000/ui/panel
[21:10:45] RESTful API key: 464c4b4197ff3eaaf94a95c8d66e89cdafe4f39d
[21:10:45] HTTP Proxy: http://127.0.0.1:6789
[21:10:45] BeEF server started (press control+c to stop)
ясное дело эксплойтов в beef не пояаилось
проблема с добавлением metasploit в beef
выставил настройки так
в xtensions/metasploit:
beef:
extension:
metasploit:
name: 'Metasploit'
enable: true
host: "192.168.1.150"
port: 55552
user: "msf"
pass: "abc1234"
uri: '/api'
# if you need "ssl: true" make sure you start msfrpcd with "SSL=y", like:
# load msgrpc ServerHost=IP Pass=abc123 SSL=y
ssl: true
ssl_version: 'TLS1'
ssl_verify: true
callback_host: "192.168.1.150"
autopwn_url: "autopwn"
auto_msfrpcd: false
auto_msfrpcd_timeout: 120
msf_path: [
{os: 'osx', path: '/opt/local/msf/'},
{os: 'livecd', path: '/opt/metasploit-framework/'},
{os: 'bt5r3', path: '/opt/metasploit/msf3/'},
{os: 'bt5', path: '/opt/framework3/msf3/'},
{os: 'backbox', path: '/opt/backbox/msf/'},
{os: 'kali', path: '/usr/share/metasploit-framework/'},
{os: 'pentoo', path: '/usr/lib/metasploit'},
{os: 'win', path: 'c:\\metasploit-framework\\'},
{os: 'custom', path: '/usr/share/metasploit-framework/'}
]
и в самой папке beef-xss
# You may override default extension configuration parameters here
extension:
requester:
enable: true
proxy:
enable: true
key: "beef_key.pem"
cert: "beef_cert.pem"
metasploit:
enable: true
social_engineering:
enable: true
evasion:
enable: false
console:
shell:
enable: false
ipec:
enable: true
потом прописал
load msgrpc ServerHost=127.0.0.1 User=msf Pass=abc1234 SSL=y в msfconsole
дальше зашел в /usr/share/beef-xss и запустил sudo ./beef
сначала писал без sudo ибо нах он на kali, но потом где-то прочитал, что это может помочь хз как.... а дальше идет это:
[21:10:43] Bind socket [imapeudora1] listening on [0.0.0.0:2000].
[21:10:43] Browser Exploitation Framework (BeEF) 0.4.7.0-alpha
[21:10:43] | Twit: @beefproject
[21:10:43] | Site: http://beefproject.com (https://vk.com/away.php?to=http%3A%2F%2Fbeefproject.com&post=-6827051_75064&cc_key=)
[21:10:43] | Blog: http://blog.beefproject.com (https://vk.com/away.php?to=http%3A%2F%2Fblog.beefproject.com&post=-6827051_75064&cc_key=)
[21:10:43] |_ Wiki: https://github.com/beefproject/beef/wiki (https://vk.com/away.php?to=https%3A%2F%2Fgithub.com%2Fbeefproject %2Fbeef%2Fwiki&post=-6827051_75064&cc_key=)
[21:10:43] Project Creator: Wade Alcorn (@WadeAlcorn)
[21:10:43][!] API Fire Error: authentication failed in {wner=>BeEF::Extension::Metasploit::API::MetasploitHooks, :id=>24}.post_soft_load()
[21:10:43] BeEF is loading. Wait a few seconds...
[21:10:45] 13 extensions enabled.
[21:10:45] 254 modules enabled.
[21:10:45] 2 network interfaces were detected.
[21:10:45][+] running on network interface: 127.0.0.1
[21:10:45] | Hook URL: http://127.0.0.1:3000/hook.js
[21:10:45] |_ UI URL: http://127.0.0.1:3000/ui/panel
[21:10:45][+] running on network interface: 192.168.1.150
[21:10:45] | Hook URL: http://192.168.1.150:3000/hook.js
[21:10:45] |_ UI URL: http://192.168.1.150:3000/ui/panel
[21:10:45] RESTful API key: 464c4b4197ff3eaaf94a95c8d66e89cdafe4f39d
[21:10:45] HTTP Proxy: http://127.0.0.1:6789
[21:10:45] BeEF server started (press control+c to stop)
ясное дело эксплойтов в beef не пояаилось