0
administrative site, the attacker can select from a number of malicious actions to perform
on the client. These actions range from the benign, such as generating a JavaScript alert
in the victim??™s browser, to malicious actions such as stealing the contents of the victim??™s
clipboard. Additionally, BeEF can enable keylogger functionality to steal any passwords
or sensitive information that the user enters in to the browser. Last, BeEF can perform the
traditional proxy action of allowing the attacker to force the victim??™s browser to send
requests.
Since BeEF was written to be a functional tool rather than a proof of concept, it is
significantly easier to set up and use than the original XSS-proxy. BeEF consists of a few
administrative pages that are written in the PHP Hypertext Preprocessor language as
well as the malicious JavaScript payloads that will be sent to victims at the attacker??™s
discretion.
Figure 4-2 The XSS-proxy interface with a victim attached
Chapter 4: Malicious JavaScript and AJAX 93
To use BeEF, an attacker follows these steps:
1. The attacker downloads the BeEF proxy code and hosts it on a web server
under her control and that has PHP installed??”for example, http://www
.
Pages:
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194