An In-depth Look at Browser Exploitation using BeEF Framework
Table of contents
Abstract
The internet is the most widely used tool of the present century. And to access it, the most used tool is a web browser. It is true that all browsers are not created equal and some browsers are more insecure than others. So, It is necessary to have knowledge on the browser architecture,threats and its vulnerabilities. This paper discusses how a browser can be a risk, and how to overcome that risk. Furthermore, the paper practically illustrates the step by step procedure to exploit a browser using Browser Exploitation Framework(BeEF) and also compares how BeEF Framework works on different Browsers.
Review Of Related Work
From the previous studies, almost 45 percentage of people browsing the Web are not using the most secure version of their web browser. Same as software, a web browser with no proper security patches is vulnerable to attack or exploit. Even a fully patched web browser can sometimes be vulnerable to attack if the browser add-ons aren’t patched.The add-ons don’t update automatically along with thebrowser.BeEF is the short form for Browser Exploitation Framework, which is a penetration testing tool that focuses on the web browser. BeEF Framework is the only tool which is exclusively used to exploit web browsers. With the growing concerns about web attacks against users, not excluding mobile users, BeEF allows the professional penetration tester to assess the actual security of a target environment by using client-side attack vectors. Not like other security frameworks,BeEF Framework looks into the hardened network perimeter and user system, and examines how to exploit the web browser. BeEF can hook one or many number of web browsers and use them as leads for launching a web browser attack which finally results in browser exploitation.
Project Objective
The following are few of many practices a user must enforce to avoid unwanted browser risk.
- Keep your browser(s) updated and patched.
- Keep your operating system updated and patched.
- Use antivirus and antispyware software, and keep them updated.
- Keep your applications, such as multimedia programs used for viewing videos, updated and patched, particularly if they work with your browser.
- Make sure your computer’s firewall is on.
- Block pop-up windows, some of which may be malicious and hide attacks. This may block malicious software from being downloaded to your computer.
- Tighten the security settings on your browsers.
BeEF Architecture Settings in the security, privacy, and content sections in your browser. The minimum level should be medium.• Consider disabling JavaScript, Java, and ActiveX controls.It is important to note that a number of these tips may limit the users from accessing few of the browser’s content. For example, JavaScript is used to control web pages on the client side of the browser, server-side programs, and even mobile applications. If you need to use JavaScript, set your browser to prompt you before running scripts. Lower your security settings temporarily to have proper access, and then reset them.
Description And Methodology Of The Proposed Project
- Description
- Methodology
BeEF is used to exploit a cross site scripting (XSS) flaw in a Web Browser or Web Application. The XSS flaw allows an intruder to inject BeEF project Jscript into the vulnerable webpage. In BeEF terminology, the browser that has visited the vulnerable page is “hooked or hacked”. This injected code inthe “hooked or hacked” browser then responds to commands from the BeEF server. The BeEF server is a Ruby on Rails Application that communicates with the “hooked browser”through a web-based user interface. BeEF comes with the KaliLinux.
The following experiment illustrates steps that we have followed to show how to execute a successful web browser attack using BeEF and how important it is to have an updated
BeEF Browser Loginantivirus running for your computer to detect web browser attack using BeEF framework.
- Requirements:
- Start Cooking BeEF:
- Opening a Browser to BeEF: The BeEF server can be accessed via any browser on our localhost (127.0.0.1) web server at port 3000..
- Hooking a Browser: The key to success with BeEF isto ”hook” a browser. This basically means that we need the victim to visit a vulnerable web app or webpage. This injected code in the ”hooked” browser then responds to commands from the BeEF server. From there, we can do a number of malicious things on the victim’s computer.Once the target is presented with the Web Page there browser will be hooked and appear in the Hook Browsers section of the BeEF Web GUI.Now, that we have hooked the victim’s browser, we can use numerous built-in commands that can executed from the victim's browser. Below are just a few examples; there are many others.
OSX 10.5.0 or, Modern Linux, Windows XP or higher) : Ruby 1.9.2 or higher) : SQLite 3.xd) : Node.Js 6 or newer
BeEF is built in Kali Linux Tool,and it can be started as a service and accessed via a web browser on your localhost. So let’s start by firing up Kali and cooking a bit of BeEF. Start the BeEF service by going to ”Applications” - Exploita-tion Tools - ”beef xss framework.” BeEf will be located at different places on the GUI based upon the version of KaliLinux.
- Get Visited Domains
- Get Visited URLs
- Webcam
- Get All Cookies
- Grab Google Contacts
- Screenshot when this command is executed, an Adobe Flash dialog box will pop up on the screen of the user asking, ”AllowWebcam?” If they click ”Allow,” it will begin to return pictures from the victim’s machine to you.
Resources
The resources which are needed to successfully complete the project are the following- Virtual Workplace either VMWare or Virtual Box of Recentversion having both Kali Linux and Windows operating systems in it. Kali acts as the attacker or Intruder whereas, windows acts as the user or client.- Enough Knowledge on HTML and CSS to create a Fake Webpage for running Phishing attacks on the user.- Download and Install BeEF Framework which is used to hook and Exploit the Browser.
Contribution To The Knowledge
In this article, it is proposed that after several successful attempts to steal credit card information or banking passwords, many companies are trying to step towards cloud-based browsers, a Java-free browser. A cloud-based browser stores no data from each session and prevents any malware from networking with the user’s computer. One such product is Authentic8’s Silo. A separate browser that executes only after entering a password. It then executes on the cloud and calls up a list of links the user has previously entered,and can store passwords for those sites. All code executes on their remote servers, providing security against malware and privacy against tracking.we now know how threatening it is for everyone to surf the web without using proper security practices. From the experiment, we have learned that web browser attack is abroad topic. Malicious users can execute all sorts of attacks from XSS to Buffer Overflow if the user is not updating his system regularly. BeEF is a simple penetration-testing tools that can be used by anyone to test some attacks or hack someone's system, so it is necessary for everyone to keep up with the updates and patches.
Cite this Essay
To export a reference to this article please select a referencing style below