How to install BeEF on Linux Mint or Ubuntu. ERROR: invalid username or password (SOLVED)
BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.
Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.
There are official guides How to install BeEF:
- https://github.com/beefproject/beef/blob/master/INSTALL.txt
- https://github.com/beefproject/beef/wiki/Installation
And BeEF installation script:
- https://raw.githubusercontent.com/beefproject/beef/a6a7536e/install-beef
In this guide, I will show my way how to install BeEF on Linux Mint or Ubuntu.
To complete the installation execute the following commands:
sudo apt install build-essential openssl libreadline6 libreadline6-dev zlib1g zlib1g-dev libssl-dev libyaml-dev libsqlite3-0 libsqlite3-dev sqlite3 libxml2-dev libxslt1-dev autoconf libc6-dev libncurses5-dev automake libtool bison subversion ruby git nodejs ruby-dev sudo gem update --system sudo gem install bundler rake rubocop git clone git://github.com/beefproject/beef.git cd beef sudo bundle install # up cd .. sudo mv beef/ /opt/ echo -e '#!/bin/bash\ncd /opt/beef/\n/opt/beef/beef "$@"' > ./beef && sudo mv ./beef /bin/beef && sudo chmod +x /bin/beef
Launch BeEF:
sudo beef
Open in web browser address http://localhost:3000/ui/panel, you'll see the BeEF login page :
By default, login and passwords are beef/beef.
So first, you will see that there is few actions possible as you do not have any browser hooked. So you need to hook a browser, for example by using one of the demo page ( url should be http://localhost:3000/demos/basic.html and http://localhost:3000/demos/butcher/index.html )
BeEF Usage:
beef [options]
BeEF Options: -x, --reset Reset the database -v, --verbose Display debug information -a, --ascii_art Prints BeEF ascii art -c, --config FILE Load a different configuration file: if it's called custom-config.yaml, git automatically ignores it. -p, --port PORT Change the default BeEF listening port -w, --wsport WS_PORT Change the default BeEF WebSocket listening port
For more detailed information about BeEF usage and BeEF guides see https://github.com/beefproject/beef/wiki
ERROR: invalid username or password (SOLVED)
As said above, by default, login and passwords are beef/beef.
However, these credentials may not work and you will occur the message:
ERROR: invalid username or password
While launching BeEF, pay attention to warnings:
[17:57:36][!] Warning: Default username and weak password in use! [17:57:36] |_ New password for this instance: 21d2415d22a883368f7f6a116bd9f9f4
So without our intention the password was change. The login is still beef, the new password is 21d2415d22a883368f7f6a116bd9f9f4.
You can edit the /opt/beef/config.yaml configuration file to change the password:
Related articles:
- Default passwords in Kali Linux (82.4%)
- How to install Bettercap on Linux Mint or Ubuntu (67.7%)
- How to install the latest aircrack-ng release in Linux Mint or Ubuntu (59.8%)
- How to install Intercepter-NG in Linux (59.8%)
- How to install VeraCrypt on Linux (59.8%)
- How to run PHP script without a web server (RANDOM - 50%)
How about how to install Beef on Kali Linux? It no longer comes bundled and apt get install beef-xss returns an error "unable to locate package"