2.3 Browser Hook with BeEF - Lab 2 Part 2

00:00

All right. Welcome back to the course. So in the last video, we went ahead and created our victim account. Our attacker account. We then ran the beef tool. So we launched beef and we also went ahead and copied and pasted a script into our block area. And we left off by being the victim and navigating to the view block area.

00:18

So now we're gonna go ahead and actually view the log. So

00:21

in this drop down boxes, please choose Author Box. We want to select the attacker block, and we're just going to save Luke. View the bloc countries button.

00:29

Let's go and do that. Now sits clicking here and it's down near the bottom, usually. So well, scroll down and click on attacker and then view log entries.

00:38

All right, you'll see that we don't really have a whole lot information there. Would you see that? Either attacker did have a block,

00:43

but as a victim, we don't really see, like, a whole block post or anything like that, and that's on purpose.

00:48

Are. So now we're gonna go back to the beef tool page

00:52

and we're to look under the browser areas, so let's go ahead and do that. Now, I'm gonna move this slightly out of my way there so I can get back to my beef page.

01:00

You'll see a couple things here. We're gonna look at the online browser, the offline browser. That's that Fire Fox one. That's what we close with the attacker session there.

01:07

But we want to look at the online browser. That's the victim one. So just go ahead and click where it says the local I p address her with 1 27.0 dot zero. That one, and you'll see it. It'll give us all sorts of information about the victim's browser session. Wouldn't get good information on that.

01:25

All right, so our next step in the labs were actually want to go ahead and actually give a better hook here. So the hook we have in place

01:32

is basically if the victim that you know the victim in this case navigates away from the paint stir on, we're gonna lose that hook. So we want to go ahead and put a hook, and that's persistent that as a click through pages on this particular website, we keep them infected, and we can keep looking at their sessions in the goal here is potentially. Maybe they enter a user name password, right,

01:51

so we could steal that information.

01:53

So all we have to do inside of this tool is we're just gonna go to commands option and click on Persistence Folder and that selecting men in the browser option it's really is that simple? So that's why I recommend you check out Joe's course. He goes over a lot more stuff. Well, this particular tool So we're gonna click on commands here that the tab here, the top

02:13

and then we're gonna click on Persistence

02:15

down here near the bottom. 3rd 1 up,

02:17

expand that out and then we're gonna select a man in the browser option. Once you select that, you'll see at the very bottom, right? There's an execute button. Just go ahead and click on that, and that's all you have to do.

02:28

So now, if the victim went through and clicked,

02:30

you know, different pages were gonna keep them infected, based off, you know, wherever they go on the on the site, they're still gonna remain affected, and we'll still be able to see their session. It'll still shows online

02:43

now the other thing in this lab that I leave here in the instructions for He's just clicking through the tool and just checking out some of the other options here. I'm not gonna do that in this particular video. Just feel free to stop the video here, let it run through and click through and just check out some of the different options again. As I mentioned, check out Joe Perry's course and the breaking stuff with Joe Siri's or B S. W. J

03:01

is how you could search for it in the catalog

03:04

where you could to search for the word beef and that will pull it up for you as well. So be G E F, and that will pull it up.

03:09

So in this video is wrapped up our lab using the beef tool to create a browser hook. And then we went ahead and click through Thean, selecting the man in the browser option that basically gave us a persistent hook. So as a victim, click through different pages on the Web page. It's still showed us as an online brother and basically an active session, and so we could see everything the user was doing

03:30

in that particular session and hopefully get some

03:31

log in credentials as an ultimate goal of that.