New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
config.yaml can enable priv escalation ?? #2246
Comments
Possibly. This is an issue with the For example,
Knowledge of the password would allow access to the web UI and REST interface. There's probably a way to privesc this to gain
|
The
This would allow reading configuration credentials. For example, credentials for the Metasploit extension (not enabled by default) would allow access to
|
What operating system are you using? The default password for BeEF is Are you sure you didn't set the password? On Kali, when you run
The |
oh yeah i checked other kali VMs that are not yet set-up with beef but the config is still readable is both kali and parrot os (fresh installs) anyways i think it should not be readable as you mentioned it can privesc beef-xss privileges |
Unfortunately this is outside the control of the project team. I've asked the devs to ping the kali/parrot package maintainers. Both the config file and application directory should not be world readable. Thanks for the report. |
Nice report, thanks! |
Thanks |
@begadwael if you'd like to join the Beef dev discord https://discord.gg/25wT2P8pwx we'd like to have your input |
I was not able to find my beef creds so I checked out the config.yaml file and it did not need sudo privileges to open
by running this command gedit /usr/share/beef-xss/config.yaml
in the file it clearly stated my sudo creds which can enable local privilege escalation
shouldn't that file need sudo privileges to open?
I know that it can be changed but the default password is the devices sudo password (and its stated in clear text in the config file)
The text was updated successfully, but these errors were encountered: