Ethical Hacking - GAINING ACCESS(22)

CLIENT SIDE ATTACKS - BeEf Framework

Browser Exploitation Framework allowing us to launch a number of attacks on a hooked target.

  • Targets are hooked once they load a hook URL.
  • DNS spoof requests to a page containing the hook.
  • Inject the hook in browsed pages(need to be MITM)
  • Use XSS exploit.
  • Social engineer the target to open a hook page.

Start the BeEf framework.

Ethical Hacking - GAINING ACCESS(22)_第1张图片

 

 Modify the index.html file.

 

 Browse http://10.0.0.13 from the victim machine.

Ethical Hacking - GAINING ACCESS(22)_第2张图片

 

 Then you can find the Online Browses in the BeEF Control Panel immediately.

Ethical Hacking - GAINING ACCESS(22)_第3张图片

 

你可能感兴趣的:(Ethical Hacking - GAINING ACCESS(22))