SlideShare uma empresa Scribd logo

BeEF

A
AlexandraLacatus

Initial assessment presentation about the Browser Exploitation Framework

Tecnologia
1 de 15
Baixar para ler offline
BeEF The Browser Exploitation Framework alexandra.lacatus@info.uaic.ro FCS Iasi, Software Security
Overview What is BeEF Installation and requirements How it works Case studies & examples Advantages 2 Software Security, FCS Iasi, 2013-2014
What is BeEF? http://beefproject.com/ open-source penetration testing tool used to test and exploit web application and browser-based vunerabilities. Main developer: Wade Alcorn, security expert Last stable release: 0.4.4.7 / August 2013 3 Software Security, FCS Iasi, 2013-2014
Installation and requirements OSX 10.5.0 or higher, Modern Linux, Windows XP or higher Ruby 1.9.2 RVM or higher SQLite 3.x A list of ruby gems [...] 4 Software Security, FCS Iasi, 2013-2014
How it works BeEF uses a javascript file hook.js that will hook one or more browsers and will use them for launching directed command modules and further attacks against the system though a open door: the web browser context Uses a web interface to manage and send commands (attacks) to the browser zombies 5 Software Security, FCS Iasi, 2013-2014
BeEF Architecture 6 Software Security, FCS Iasi, 2013-2014 [3]
BeEF Features The official page lists 128 modules (exploits) Modular framework, can be easily extended with custom browser exploitation commands Provides RESTFul API that allows to control BeEF throuth HTTp requests (in JSON format) Can be configured to be integrated with Metasploit 7 Software Security, FCS Iasi, 2013-2014
BeEF Commands Modify the target's page html content (all the content, or alter only the hrefs) redirect the victim's browser to an arbitrary site generate dialog boxes/ fake notifications / request missing plugin installation as a context for placing and executing malicious code browser fingerprinting, detect plugins (ActiveX, Java, Flash, etc.) detect valid sessions of applications such as Twitter, Facebook and GMail. 8 Software Security, FCS Iasi, 2013-2014
Ex 1 - Malicious code injection Fake Notification Bar (e.g. Firefox) Displays a fake notification bar at the top of the screen. If the user clicks the notification they will be prompted to download a malicious Firefox extension (by default). Raw Javascript Sends the code to the selected hooked browsers where it will be executed. Code is run inside an anonymous function and the return value is passed to the framework. Multiline scripts are allowed, no special encoding is required. 9 Software Security, FCS Iasi, 2013-2014
Ex 2 - Web page defacement Replace content (Deface webpage) Overwrite the page, title and shortcut icon on the hooked page. Replace HREFs Rewrite all the href attributes of all matched links. TabNabbing This module redirects to the specified URL after the tab has been inactive for a specified amount of time. 10 Software Security, FCS Iasi, 2013-2014
Ex 3 - Keystroke Logging iFrame Event Logger Creates a 100% by 100% iFrame overlay with event logging. Fake LastPass Displays a fake LastPass user dialog which will log all the user's key strokes. 11 Software Security, FCS Iasi, 2013-2014
Ex 4 – Exporing the network Detect Social Networks This module will detect if the Hooked Browser is currently authenticated to GMail, Facebook and Twitter. (specify detection timeout) Network / Port Scanner Scan ports in a given hostname, using WebSockets, CORS and img tags. It uses the three methods to avoid blocked ports or Same Origin Policy. 12 Software Security, FCS Iasi, 2013-2014
Ex 5 – Browser fingerprinting Spider Eye Creates a snapshot of the victim's window Detect Firebug Detect Silverlight Detect Windows Media Player Detect ActiveX Detect toolbars Etc.. 13 Software Security, FCS Iasi, 2013-2014
Metasploit / w3af / BeEF Metasploit w3af BeEF Language Perl → Ruby Python Ruby Supported OS cross-platform cross-platform cross-platform Pen-testing target network Web applications browser $ Open source + paid Open source Open source Firewall 14 Software Security, FCS Iasi, 2013-2014
Bibliography [1] BeEF project main page: http://beefproject.com/ [2] BeEF project Github page: https://github.com/beefproject/beef [3] BeEF achitecture diagram: https://github.com/beefproject/beef/wiki/Architecture

Recomendados

PPT on Phishing
PPT on PhishingPPT on Phishing
PPT on PhishingPankaj Yadav
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing AttacksSysCloud
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanControlScan, Inc.
 
What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?Quick Heal Technologies Ltd.
 
Vulnerabilities in modern web applications
Vulnerabilities in modern web applicationsVulnerabilities in modern web applications
Vulnerabilities in modern web applicationsNiyas Nazar
 
Reflective and Stored XSS- Cross Site Scripting
Reflective and Stored XSS- Cross Site ScriptingReflective and Stored XSS- Cross Site Scripting
Reflective and Stored XSS- Cross Site ScriptingInMobi Technology
 
Phishing
PhishingPhishing
PhishingSouganthikaSankaresw
 
Cross Site Scripting (XSS)
Cross Site Scripting (XSS)Cross Site Scripting (XSS)
Cross Site Scripting (XSS)Barrel Software
 

Recomendados

PPT on Phishing
PPT on PhishingPPT on Phishing
PPT on PhishingPankaj Yadav
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing AttacksSysCloud
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanControlScan, Inc.
 
What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?Quick Heal Technologies Ltd.
 
Vulnerabilities in modern web applications
Vulnerabilities in modern web applicationsVulnerabilities in modern web applications
Vulnerabilities in modern web applicationsNiyas Nazar
 
Reflective and Stored XSS- Cross Site Scripting
Reflective and Stored XSS- Cross Site ScriptingReflective and Stored XSS- Cross Site Scripting
Reflective and Stored XSS- Cross Site ScriptingInMobi Technology
 
Phishing
PhishingPhishing
PhishingSouganthikaSankaresw
 
Cross Site Scripting (XSS)
Cross Site Scripting (XSS)Cross Site Scripting (XSS)
Cross Site Scripting (XSS)Barrel Software
 
Phishing Presentation
Phishing Presentation Phishing Presentation
Phishing Presentation Nikolaos Georgitsopoulos
 
Cross Site Scripting(XSS)
Cross Site Scripting(XSS)Cross Site Scripting(XSS)
Cross Site Scripting(XSS)Nabin Dutta
 
Viruses andthreats@dharmesh
Viruses andthreats@dharmeshViruses andthreats@dharmesh
Viruses andthreats@dharmeshDharmesh Kumar Sharma
 
Phishing attack
Phishing attackPhishing attack
Phishing attackRaghav Chhabra
 
Phishing
PhishingPhishing
PhishingAlka Falwaria
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N Gbensonoo
 
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdfCybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdfSoo Chin Hock
 
Secure Code Warrior - Cross site scripting
Secure Code Warrior - Cross site scriptingSecure Code Warrior - Cross site scripting
Secure Code Warrior - Cross site scriptingSecure Code Warrior
 
STORED XSS IN DVWA
STORED XSS IN DVWASTORED XSS IN DVWA
STORED XSS IN DVWARutvik patel
 
A2 - broken authentication and session management(OWASP thailand chapter Apri...
A2 - broken authentication and session management(OWASP thailand chapter Apri...A2 - broken authentication and session management(OWASP thailand chapter Apri...
A2 - broken authentication and session management(OWASP thailand chapter Apri...Noppadol Songsakaew
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
 
Hacking and Types of Hacker.
Hacking and Types of Hacker.Hacking and Types of Hacker.
Hacking and Types of Hacker.Coder Tech
 
Intro to cyber forensics
Intro to cyber forensicsIntro to cyber forensics
Intro to cyber forensicsChaitanya Dhareshwar
 
Spear Phishing Attacks
Spear Phishing AttacksSpear Phishing Attacks
Spear Phishing Attacksn|u - The Open Security Community
 
Operating system security
Operating system securityOperating system security
Operating system securityRachel Jeewa
 
XSS - Attacks & Defense
XSS - Attacks & DefenseXSS - Attacks & Defense
XSS - Attacks & DefenseBlueinfy Solutions
 
Xss ppt
Xss pptXss ppt
Xss pptpenetration Tester
 
Dom based xss
Dom based xssDom based xss
Dom based xssLê Giáp
 
PHISHING DETECTION
PHISHING DETECTIONPHISHING DETECTION
PHISHING DETECTIONumme ayesha
 
Security threats in social networks
Security threats in social networksSecurity threats in social networks
Security threats in social networksTannistho Ghosh
 
Beef
BeefBeef
BeefManah Chhabra
 
Man02 10 tab napping
Man02 10 tab nappingMan02 10 tab napping
Man02 10 tab nappingXIMO GOMIS
 

Mais conteúdo relacionado

Mais procurados

Cross Site Scripting(XSS)
Cross Site Scripting(XSS)Cross Site Scripting(XSS)
Cross Site Scripting(XSS)Nabin Dutta
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N Gbensonoo
 
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdfCybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdfSoo Chin Hock
 
Secure Code Warrior - Cross site scripting
Secure Code Warrior - Cross site scriptingSecure Code Warrior - Cross site scripting
Secure Code Warrior - Cross site scriptingSecure Code Warrior
 
STORED XSS IN DVWA
STORED XSS IN DVWASTORED XSS IN DVWA
STORED XSS IN DVWARutvik patel
 
A2 - broken authentication and session management(OWASP thailand chapter Apri...
A2 - broken authentication and session management(OWASP thailand chapter Apri...A2 - broken authentication and session management(OWASP thailand chapter Apri...
A2 - broken authentication and session management(OWASP thailand chapter Apri...Noppadol Songsakaew
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
 
Hacking and Types of Hacker.
Hacking and Types of Hacker.Hacking and Types of Hacker.
Hacking and Types of Hacker.Coder Tech
 
Operating system security
Operating system securityOperating system security
Operating system securityRachel Jeewa
 
Dom based xss
Dom based xssDom based xss
Dom based xssLê Giáp
 
PHISHING DETECTION
PHISHING DETECTIONPHISHING DETECTION
PHISHING DETECTIONumme ayesha
 
Security threats in social networks
Security threats in social networksSecurity threats in social networks
Security threats in social networksTannistho Ghosh
 

Mais procurados (20)

Phishing Presentation
Phishing Presentation Phishing Presentation
Phishing Presentation
 
Cross Site Scripting(XSS)
Cross Site Scripting(XSS)Cross Site Scripting(XSS)
Cross Site Scripting(XSS)
 
Viruses andthreats@dharmesh
Viruses andthreats@dharmeshViruses andthreats@dharmesh
Viruses andthreats@dharmesh
 
Phishing attack
Phishing attackPhishing attack
Phishing attack
 
Phishing
PhishingPhishing
Phishing
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N G
 
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdfCybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
 
Secure Code Warrior - Cross site scripting
Secure Code Warrior - Cross site scriptingSecure Code Warrior - Cross site scripting
Secure Code Warrior - Cross site scripting
 
STORED XSS IN DVWA
STORED XSS IN DVWASTORED XSS IN DVWA
STORED XSS IN DVWA
 
A2 - broken authentication and session management(OWASP thailand chapter Apri...
A2 - broken authentication and session management(OWASP thailand chapter Apri...A2 - broken authentication and session management(OWASP thailand chapter Apri...
A2 - broken authentication and session management(OWASP thailand chapter Apri...
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
 
Hacking and Types of Hacker.
Hacking and Types of Hacker.Hacking and Types of Hacker.
Hacking and Types of Hacker.
 
Intro to cyber forensics
Intro to cyber forensicsIntro to cyber forensics
Intro to cyber forensics
 
Spear Phishing Attacks
Spear Phishing AttacksSpear Phishing Attacks
Spear Phishing Attacks
 
Operating system security
Operating system securityOperating system security
Operating system security
 
XSS - Attacks & Defense
XSS - Attacks & DefenseXSS - Attacks & Defense
XSS - Attacks & Defense
 
Xss ppt
Xss pptXss ppt
Xss ppt
 
Dom based xss
Dom based xssDom based xss
Dom based xss
 
PHISHING DETECTION
PHISHING DETECTIONPHISHING DETECTION
PHISHING DETECTION
 
Security threats in social networks
Security threats in social networksSecurity threats in social networks
Security threats in social networks
 

Destaque

Man02 10 tab napping
Man02 10 tab nappingMan02 10 tab napping
Man02 10 tab nappingXIMO GOMIS
 
Carcass grading
Carcass gradingCarcass grading
Carcass gradingDr Neo
 
Carcass Grade
Carcass GradeCarcass Grade
Carcass GradeRizza Muh
 
Phishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldPhishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldAvishek Datta
 
Man-In-The-Browser attacks
Man-In-The-Browser attacksMan-In-The-Browser attacks
Man-In-The-Browser attacksMário Almeida
 
Classification of fruits
Classification of fruitsClassification of fruits
Classification of fruitsLucia Martinez
 
Fruits: Parts and Classification
Fruits: Parts and ClassificationFruits: Parts and Classification
Fruits: Parts and ClassificationAlyssaBumanglag
 

Destaque (13)

Beef
BeefBeef
Beef
 
Man02 10 tab napping
Man02 10 tab nappingMan02 10 tab napping
Man02 10 tab napping
 
Carcass grading
Carcass gradingCarcass grading
Carcass grading
 
Carcass Grade
Carcass GradeCarcass Grade
Carcass Grade
 
Beef Lecture
Beef LectureBeef Lecture
Beef Lecture
 
Phishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldPhishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark World
 
Man-In-The-Browser attacks
Man-In-The-Browser attacksMan-In-The-Browser attacks
Man-In-The-Browser attacks
 
Types of fruits
Types of fruitsTypes of fruits
Types of fruits
 
Fruits
FruitsFruits
Fruits
 
Classification of fruits
Classification of fruitsClassification of fruits
Classification of fruits
 
FRUITS
FRUITS FRUITS
FRUITS
 
Types Of Fruits
Types Of FruitsTypes Of Fruits
Types Of Fruits
 
Fruits: Parts and Classification
Fruits: Parts and ClassificationFruits: Parts and Classification
Fruits: Parts and Classification
 

Semelhante a BeEF

Hacking The World With Flash
Hacking The World With FlashHacking The World With Flash
Hacking The World With Flashjoepangus
 
Abusing Exploiting and Pwning with Firefox Addons
Abusing Exploiting and Pwning with Firefox AddonsAbusing Exploiting and Pwning with Firefox Addons
Abusing Exploiting and Pwning with Firefox AddonsAjin Abraham
 
AbusingExploitingAndPWN-ingWithFirefoxAdd-Ons
AbusingExploitingAndPWN-ingWithFirefoxAdd-OnsAbusingExploitingAndPWN-ingWithFirefoxAdd-Ons
AbusingExploitingAndPWN-ingWithFirefoxAdd-Onsachettih
 
Web application penetration testing lab setup guide
Web application penetration testing lab setup guideWeb application penetration testing lab setup guide
Web application penetration testing lab setup guideSudhanshu Chauhan
 
Be ef presentation-securitybyte2011-michele_orru
Be ef presentation-securitybyte2011-michele_orruBe ef presentation-securitybyte2011-michele_orru
Be ef presentation-securitybyte2011-michele_orruMichele Orru
 
Become fully aware of the potential dangers of ActiveX attacks
Become fully aware of the potential dangers of ActiveX attacksBecome fully aware of the potential dangers of ActiveX attacks
Become fully aware of the potential dangers of ActiveX attacksHigh-Tech Bridge SA (HTBridge)
 
Bshield osdi2006
Bshield osdi2006Bshield osdi2006
Bshield osdi2006losalamos
 
Window Shopping Browser - Bug Hunting in 2012
Window Shopping Browser - Bug Hunting in 2012Window Shopping Browser - Bug Hunting in 2012
Window Shopping Browser - Bug Hunting in 2012Roberto Suggi Liverani
 
Français Patch Tuesday – Novembre
Français Patch Tuesday – NovembreFrançais Patch Tuesday – Novembre
Français Patch Tuesday – NovembreIvanti
 
Phonegap android angualr material design
Phonegap android angualr material designPhonegap android angualr material design
Phonegap android angualr material designSrinadh Kanugala
 
Patch Tuesday Italia Novembre
Patch Tuesday Italia NovembrePatch Tuesday Italia Novembre
Patch Tuesday Italia NovembreIvanti
 
Abusing, Exploiting and Pwning with Firefox Add-ons
Abusing, Exploiting and Pwning with Firefox Add-onsAbusing, Exploiting and Pwning with Firefox Add-ons
Abusing, Exploiting and Pwning with Firefox Add-onsAjin Abraham
 
Web application framework
Web application frameworkWeb application framework
Web application frameworkPankaj Chand
 
Trabajo de jose
Trabajo de jose Trabajo de jose
Trabajo de jose josemgg
 
Rethinking-Security-of-Web-Based-System-Apps
Rethinking-Security-of-Web-Based-System-AppsRethinking-Security-of-Web-Based-System-Apps
Rethinking-Security-of-Web-Based-System-AppsMartin Georgiev
 
Cq3210191021
Cq3210191021Cq3210191021
Cq3210191021IJMER
 

Semelhante a BeEF (20)

Hacking The World With Flash
Hacking The World With FlashHacking The World With Flash
Hacking The World With Flash
 
Abusing Exploiting and Pwning with Firefox Addons
Abusing Exploiting and Pwning with Firefox AddonsAbusing Exploiting and Pwning with Firefox Addons
Abusing Exploiting and Pwning with Firefox Addons
 
AbusingExploitingAndPWN-ingWithFirefoxAdd-Ons
AbusingExploitingAndPWN-ingWithFirefoxAdd-OnsAbusingExploitingAndPWN-ingWithFirefoxAdd-Ons
AbusingExploitingAndPWN-ingWithFirefoxAdd-Ons
 
Cisco WebEx vulnerability: it’s a kind of magic
Cisco WebEx vulnerability: it’s a kind of magicCisco WebEx vulnerability: it’s a kind of magic
Cisco WebEx vulnerability: it’s a kind of magic
 
Web application penetration testing lab setup guide
Web application penetration testing lab setup guideWeb application penetration testing lab setup guide
Web application penetration testing lab setup guide
 
Be ef presentation-securitybyte2011-michele_orru
Be ef presentation-securitybyte2011-michele_orruBe ef presentation-securitybyte2011-michele_orru
Be ef presentation-securitybyte2011-michele_orru
 
Become fully aware of the potential dangers of ActiveX attacks
Become fully aware of the potential dangers of ActiveX attacksBecome fully aware of the potential dangers of ActiveX attacks
Become fully aware of the potential dangers of ActiveX attacks
 
Bshield osdi2006
Bshield osdi2006Bshield osdi2006
Bshield osdi2006
 
Window Shopping Browser - Bug Hunting in 2012
Window Shopping Browser - Bug Hunting in 2012Window Shopping Browser - Bug Hunting in 2012
Window Shopping Browser - Bug Hunting in 2012
 
News bytes Oct-2011
News bytes Oct-2011News bytes Oct-2011
News bytes Oct-2011
 
Français Patch Tuesday – Novembre
Français Patch Tuesday – NovembreFrançais Patch Tuesday – Novembre
Français Patch Tuesday – Novembre
 
Phonegap android angualr material design
Phonegap android angualr material designPhonegap android angualr material design
Phonegap android angualr material design
 
Patch Tuesday Italia Novembre
Patch Tuesday Italia NovembrePatch Tuesday Italia Novembre
Patch Tuesday Italia Novembre
 
Abusing, Exploiting and Pwning with Firefox Add-ons
Abusing, Exploiting and Pwning with Firefox Add-onsAbusing, Exploiting and Pwning with Firefox Add-ons
Abusing, Exploiting and Pwning with Firefox Add-ons
 
Web application framework
Web application frameworkWeb application framework
Web application framework
 
Project Presentation
Project Presentation Project Presentation
Project Presentation
 
Trabajo de jose
Trabajo de jose Trabajo de jose
Trabajo de jose
 
Rethinking-Security-of-Web-Based-System-Apps
Rethinking-Security-of-Web-Based-System-AppsRethinking-Security-of-Web-Based-System-Apps
Rethinking-Security-of-Web-Based-System-Apps
 
Cq3210191021
Cq3210191021Cq3210191021
Cq3210191021
 
Cyber ppt
Cyber pptCyber ppt
Cyber ppt
 

Último

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 

Último (20)

DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 

BeEF

  • 1. BeEF The Browser Exploitation Framework alexandra.lacatus@info.uaic.ro FCS Iasi, Software Security
  • 2. Overview What is BeEF Installation and requirements How it works Case studies & examples Advantages 2 Software Security, FCS Iasi, 2013-2014
  • 3. What is BeEF? http://beefproject.com/ open-source penetration testing tool used to test and exploit web application and browser-based vunerabilities. Main developer: Wade Alcorn, security expert Last stable release: 0.4.4.7 / August 2013 3 Software Security, FCS Iasi, 2013-2014
  • 4. Installation and requirements OSX 10.5.0 or higher, Modern Linux, Windows XP or higher Ruby 1.9.2 RVM or higher SQLite 3.x A list of ruby gems [...] 4 Software Security, FCS Iasi, 2013-2014
  • 5. How it works BeEF uses a javascript file hook.js that will hook one or more browsers and will use them for launching directed command modules and further attacks against the system though a open door: the web browser context Uses a web interface to manage and send commands (attacks) to the browser zombies 5 Software Security, FCS Iasi, 2013-2014
  • 6. BeEF Architecture 6 Software Security, FCS Iasi, 2013-2014 [3]
  • 7. BeEF Features The official page lists 128 modules (exploits) Modular framework, can be easily extended with custom browser exploitation commands Provides RESTFul API that allows to control BeEF throuth HTTp requests (in JSON format) Can be configured to be integrated with Metasploit 7 Software Security, FCS Iasi, 2013-2014
  • 8. BeEF Commands Modify the target's page html content (all the content, or alter only the hrefs) redirect the victim's browser to an arbitrary site generate dialog boxes/ fake notifications / request missing plugin installation as a context for placing and executing malicious code browser fingerprinting, detect plugins (ActiveX, Java, Flash, etc.) detect valid sessions of applications such as Twitter, Facebook and GMail. 8 Software Security, FCS Iasi, 2013-2014
  • 9. Ex 1 - Malicious code injection Fake Notification Bar (e.g. Firefox) Displays a fake notification bar at the top of the screen. If the user clicks the notification they will be prompted to download a malicious Firefox extension (by default). Raw Javascript Sends the code to the selected hooked browsers where it will be executed. Code is run inside an anonymous function and the return value is passed to the framework. Multiline scripts are allowed, no special encoding is required. 9 Software Security, FCS Iasi, 2013-2014
  • 10. Ex 2 - Web page defacement Replace content (Deface webpage) Overwrite the page, title and shortcut icon on the hooked page. Replace HREFs Rewrite all the href attributes of all matched links. TabNabbing This module redirects to the specified URL after the tab has been inactive for a specified amount of time. 10 Software Security, FCS Iasi, 2013-2014
  • 11. Ex 3 - Keystroke Logging iFrame Event Logger Creates a 100% by 100% iFrame overlay with event logging. Fake LastPass Displays a fake LastPass user dialog which will log all the user's key strokes. 11 Software Security, FCS Iasi, 2013-2014
  • 12. Ex 4 – Exporing the network Detect Social Networks This module will detect if the Hooked Browser is currently authenticated to GMail, Facebook and Twitter. (specify detection timeout) Network / Port Scanner Scan ports in a given hostname, using WebSockets, CORS and img tags. It uses the three methods to avoid blocked ports or Same Origin Policy. 12 Software Security, FCS Iasi, 2013-2014
  • 13. Ex 5 – Browser fingerprinting Spider Eye Creates a snapshot of the victim's window Detect Firebug Detect Silverlight Detect Windows Media Player Detect ActiveX Detect toolbars Etc.. 13 Software Security, FCS Iasi, 2013-2014
  • 14. Metasploit / w3af / BeEF Metasploit w3af BeEF Language Perl → Ruby Python Ruby Supported OS cross-platform cross-platform cross-platform Pen-testing target network Web applications browser $ Open source + paid Open source Open source Firewall 14 Software Security, FCS Iasi, 2013-2014
  • 15. Bibliography [1] BeEF project main page: http://beefproject.com/ [2] BeEF project Github page: https://github.com/beefproject/beef [3] BeEF achitecture diagram: https://github.com/beefproject/beef/wiki/Architecture