BeEF modules

Isaac Powell edited this page Feb 2, 2022 · 22 revisions

Module Format

The command module documentation is set out in the following format:

Summary

Describe the following things:

 * Objective: What is the intent of the module, what does it do, and what is the intended outcome?
 * Date: When was this written?
 * Author/s: Who contributed to the module?
 * Browsers: Which browsers does this work on, and which versions?
 * Code: Link to the applicable code.

Internal Working

Give a brief overview of using the module, including information such as the use case, output, and a run example. This section should essentially walk through an example of the module in use.

Screenshots

If any screenshots are used in describing the module in the above two sections, or there are any other images that might help in understanding the module, put them here.

Feedback

Applicable feedback for the module goes here.

List of Modules:

Browser

  1. Browser Fingerprinting
  2. Detect Firebug
  3. Detect Lastpass
  4. Detect Popup block
  5. Detect Unsafe ActiveX
  6. Get Visited Domains
  7. Detect Visited URL
  8. Play Sound
  9. Unhook
  10. Webcam
  11. Get Firefox/Chrome Extensions
  12. Detect MS Office Version

Hooked Domain

  1. AJAX Fingerprint
  2. Alert Dialog
  3. Deface Web Page
  4. Get Cookie
  5. Get Local Storage
  6. Get Page HTML
  7. Get Page Links
  8. Get Session Storage
  9. Get Stored Credentials
  10. Link Rewrite
  11. Link Rewrite (HTTPS)
  12. Link Rewrite (TEL)
  13. Link Rewrite (Clicked Event)
  14. Create Alert Dialog
  15. Create Prompt Dialog
  16. Redirect Browser
  17. Redirect Browser (Rickroll)
  18. Redirect Browser (iFrame)
  19. Replace Component (Deface)
  20. Replace Videos
  21. iOS Address Bar Spoofing

Chrome Extensions

  1. Execute On Tab
  2. Get All Cookies
  3. Grab Google Contacts
  4. Inject BeEF
  5. Screenshot
  6. Send Gvoice SMS

Debug

  1. Return Ascii Chars
  2. Test Network Request
  3. Test Returning Results

Exploits

  1. ColdFusion Directory Traversal Exploit
  2. GlassFish WAR Upload XSRF
  3. Jboss 6.0.0M1 JMX Deploy Exploit
  4. Spring Framework Malicious Jar Exploit
  5. VTiger CRM Upload Exploit
  6. Zenoss 3.2.1 Add User CSRF
  7. Zenoss 3.2.1 Daemon CSRF
  8. boastMachine 3.1 Add User CSRF

Camera

  1. Dlink DCS series CSRF
  2. Linksys WVC series CSRF

Local Host

  1. Windows Mail Client DoS
  2. ActiveX Command Execution
  3. Java Payload
  4. Safari Launch App

Router

  1. 3COM OfficeConnect Command Execution
  2. Asmax AR-804gu Command Execution
  3. BT Home Hub CSRF
  4. Cisco E2400 CSRF
  5. Comtrend CT-5367 CSRF
  6. Comtrend CT 5624 CSRF
  7. D-Link DIR-615 Password Wipe
  8. D-Link DSL500T CSRF
  9. Huawei SmartAX MT880 CSRF
  10. Linksys BEFSR41 CSRF
  11. Linksys WRT54G CSRF
  12. Linksys WRT54G2 CSRF
  13. Virgin Superhub CSRF

Switch

  1. Netgear GS108T CSRF

XSS

  1. AlienVault OSSIM 3.1 XSS
  2. Cisco Collaboration Server 5 XSS
  3. Serendipity <= 1.1.1 Add User CSRF

Host

  1. Detect Google Desktop
  2. Detect Softwares
  3. Get Clipboard
  4. Get Internal IP Java
  5. Get Internal IP WebRTC
  6. Get Physical Location
  7. Get Protocol Handlers
  8. Get System Info Java
  9. Hook Default Browser
  10. Get Geolocation
  11. Get Registry Keys
  12. Get Wireless Keys
  13. Detect CUPS
  14. Make Telephone Call
  15. Detect Bit Defender 2012

IPEC

  1. Bindshell (POSIX)
  2. Bindshell (Windows)
  3. Cross Site Printing (XSP)
  4. DNS Tunnel
  5. IMAP
  6. IRC

Miscellaneous

  1. Create Invisible Iframe
  2. Google Search
  3. iFrame Event Key Logger
  4. iFrame Sniffer
  5. Local File Theft
  6. Raw Javascript

Network

  1. Detect Social Networks
  2. Detect TOR
  3. Ping Sweep
  4. IRC NAT Pinning
  5. Fingerprint Network
  6. DNS Enumeration
  7. Ping Sweep (Java)
  8. Port Scanner

Persistence

  1. Man-In-The-Browser
  2. Confirm Close Tab
  3. Create Foreground iFrame
  4. Create Pop Under

Phonegap

  1. Beep
  2. Check connection
  3. Detect PhoneGap
  4. Geolocation
  5. List Files
  6. Persist resume
  7. Persistence
  8. Start Recording Audio
  9. Stop Recording Audio
  10. Upload File

Social Engineering

  1. Autocomplete Theft
  2. Clickjacking
  3. Clippy
  4. Fake Evernote Web Clipper Login
  5. Fake Flash Update
  6. Fake LastPass
  7. Google Phishing
  8. Lcamtuf Download
  9. Fake Notification Bar
  10. Fake Notification Bar (Chrome)
  11. Fake Notification Bar (FF)
  12. Fake Notification Bar (IE)
  13. Pretty Theft
  14. Simple Hijacker
  15. TabNabbing