Nbblrr edited this page Jun 26, 2013 · 11 revisions

The Architecture of the BeEF System


The following diagrams and explanations should explain how BeEF works and the different ways you can use it. This page will be updated as new functionality is introduced in each release.

High Level

When a user runs up BeEF currently, there are two components started: the User Interface and the Communication Server. These two components are the base components of BeEF and are discussed in detail below.


User Interface

This is the control interface for using BeEF. From here a user can see all online and offline browsers, run exploits against them and see the results (Pattern 1).

Communication Server

This guy is essential to how BeEF works. The Communication Server (CS) is the component that communicates via HTTP with the hooked browsers.

Usage Pattern 1

This is the most basic usage pattern for BeEF. An attacker simply need run up BeEF (beef.rb) and login directly to the UI. From here the attacker can see which hooked browsers are online and which are offline, all information collected about/from a particular hooked browser, and run exploits against online hooked browsers.

Previous | Next

Clone this wiki locally
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.