kali 리눅스 시리즈 강좌 의 BeFF 설치 및 통합 Metasploit

kali Linux강좌 시리즈 의 BeFF 설치 및 통합Metasploit

글 / 현 혼

kali Linux강좌 시리즈 의 BeFF 설치 및 통합Metasploit

1.1 apt-get설치 방법

1.2 시작

1.3 기본 테스트

1.4 예외 메시지

1.5 그 원본 코드 설치BeEF

1.5.1 설치curl git

1.5.2 설치rvm

1.5.3 설치 의존 항목

1.5.4 설치ruby

1.5.5 설치bundler

1.5.6다운로드beef

1.5.7 설치 및 시작

1.6 통합metasploit

 

1.1 apt-get설치 방법

터미널 열기, 다음 명령을 입력하십시오.:

apt-get install beef-xss

 

1.2 시작

전환 BeEF 설치 디렉터리.

시작 beef.

root@kali:/usr/share/beef-xss# ./beef

결과 보이기:

[18:46:50][*] Bind socket [imapeudora1] listening on [0.0.0.0:2000].

[18:46:50][*] Browser Exploitation Framework (BeEF) 0.4.4.9-alpha

[18:46:50]    |   Twit: @beefproject

[18:46:50]    |   Site:

[18:46:50]    |   Blog:

[18:46:50]    |_  Wiki: https://github.com/beefproject/beef/wiki

[18:46:50][*] Project Creator: Wade Alcorn (@WadeAlcorn)

[18:46:51][*] BeEF is loading. Wait a few seconds...

[18:46:55][*] 10 extensions enabled.

[18:46:55][*] 196 modules enabled.

[18:46:55][*] 2 network interfaces were detected.

[18:46:55][+] running on network interface: 127.0.0.1

[18:46:55]    |   Hook URL:

[18:46:55]    |_  UI URL:  

[18:46:55][+] running on network interface: 192.168.14.132

[18:46:55]    |   Hook URL:

[18:46:55]    |_  UI URL:  

[18:46:55][*] RESTful API key: e46ed3a91a9c94921f6840dfec12cf4b83d43ecb

[18:46:55][*] HTTP Proxy:

[18:46:55][*] BeEF server started (press control+c to stop)

 

열 브라우저 입력:

사용자 이름과 비밀번호 다 beef.입력 완료 단추를 누르면 Login, 로그인.

1.3 기본 테스트

브라우저 기본 테스트 페이지 열기.

대상 테스트 시스템 액세스 페이지 뒤에 beef 관리 페이지 수 수집한 정보를 보고 이때 해도 보내기 일부 공격 명령.자세한 내용은 됩니다 참조 내 - 비디오 코스: Kali 리눅스 웹 침투 테스트 동영상 강좌 한 제16과 BeEF 기본 사용

콘솔 상응하여 정보를 표시합니다.:

 

1.4 예외 메시지

내가 시험 몇 번 다시 설치 및 마운트 해제 후 다시 설치 한 1/5 확률이 나타날 아래의 문제를 특히 metasploit 통합 도착할 것이다 BeFF 후 문제가 나타난 확률 증가할 것이다.대충 오류 메시지는 다음과 같다:

NameError - uninitialized constant BeEF::Core::Command::Site_redirect:

     /usr/share/beef-xss/core/main/handlers/modules/command.rb:33:in `const_get'

     /usr/share/beef-xss/core/main/handlers/modules/command.rb:33:in `add_command_instructions'

     /usr/share/beef-xss/core/main/handlers/hookedbrowsers.rb:80:in `block (2 levels) in <class:HookedBrowsers>'

     /usr/lib/ruby/vendor_ruby/dm-core/collection.rb:508:in `block in each'

     /usr/lib/ruby/vendor_ruby/dm-core/support/lazy_array.rb:411:in `block in each'

     /usr/lib/ruby/vendor_ruby/dm-core/support/lazy_array.rb:411:in `each'

     /usr/lib/ruby/vendor_ruby/dm-core/support/lazy_array.rb:411:in `each'

     /usr/lib/ruby/vendor_ruby/dm-core/collection.rb:505:in `each'

     /usr/share/beef-xss/core/main/handlers/hookedbrowsers.rb:80:in `block in <class:HookedBrowsers>'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1603:in `call'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1603:in `block in compile!'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:966:in `[]'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:966:in `block (3 levels) in route!'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:985:in `route_eval'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:966:in `block (2 levels) in route!'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1006:in `block in process_route'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1004:in `catch'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1004:in `process_route'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:964:in `block in route!'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:963:in `each'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:963:in `route!'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1076:in `block in dispatch!'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `block in invoke'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `catch'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `invoke'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1073:in `dispatch!'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:898:in `block in call!'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `block in invoke'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `catch'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `invoke'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:898:in `call!'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:886:in `call'

     /usr/lib/ruby/vendor_ruby/rack/nulllogger.rb:9:in `call'

     /usr/lib/ruby/vendor_ruby/rack/head.rb:9:in `call'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:180:in `call'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:2014:in `call'

     /usr/lib/ruby/vendor_ruby/rack/urlmap.rb:64:in `block in call'

     /usr/lib/ruby/vendor_ruby/rack/urlmap.rb:49:in `each'

     /usr/lib/ruby/vendor_ruby/rack/urlmap.rb:49:in `call'

     /usr/lib/ruby/vendor_ruby/thin/connection.rb:80:in `block in pre_process'

     /usr/lib/ruby/vendor_ruby/thin/connection.rb:78:in `catch'

     /usr/lib/ruby/vendor_ruby/thin/connection.rb:78:in `pre_process'

     /usr/lib/ruby/vendor_ruby/thin/connection.rb:53:in `process'

     /usr/lib/ruby/vendor_ruby/thin/connection.rb:38:in `receive_data'

     /usr/lib/ruby/vendor_ruby/eventmachine.rb:187:in `run_machine'

     /usr/lib/ruby/vendor_ruby/eventmachine.rb:187:in `run'

     /usr/lib/ruby/vendor_ruby/thin/backends/base.rb:61:in `start'

     /usr/lib/ruby/vendor_ruby/thin/server.rb:159:in `start'

     /usr/share/beef-xss/core/main/server.rb:122:in `start'

     ./beef:140:in `<main>'

NameError - uninitialized constant BeEF::Core::Command::Site_redirect:

     /usr/share/beef-xss/core/main/handlers/modules/command.rb:33:in `const_get'

     /usr/share/beef-xss/core/main/handlers/modules/command.rb:33:in `add_command_instructions'

     /usr/share/beef-xss/core/main/handlers/hookedbrowsers.rb:80:in `block (2 levels) in <class:HookedBrowsers>'

     /usr/lib/ruby/vendor_ruby/dm-core/collection.rb:508:in `block in each'

     /usr/lib/ruby/vendor_ruby/dm-core/support/lazy_array.rb:411:in `block in each'

     /usr/lib/ruby/vendor_ruby/dm-core/support/lazy_array.rb:411:in `each'

     /usr/lib/ruby/vendor_ruby/dm-core/support/lazy_array.rb:411:in `each'

     /usr/lib/ruby/vendor_ruby/dm-core/collection.rb:505:in `each'

     /usr/share/beef-xss/core/main/handlers/hookedbrowsers.rb:80:in `block in <class:HookedBrowsers>'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1603:in `call'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1603:in `block in compile!'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:966:in `[]'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:966:in `block (3 levels) in route!'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:985:in `route_eval'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:966:in `block (2 levels) in route!'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1006:in `block in process_route'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1004:in `catch'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1004:in `process_route'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:964:in `block in route!'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:963:in `each'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:963:in `route!'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1076:in `block in dispatch!'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `block in invoke'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `catch'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `invoke'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1073:in `dispatch!'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:898:in `block in call!'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `block in invoke'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `catch'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `invoke'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:898:in `call!'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:886:in `call'

     /usr/lib/ruby/vendor_ruby/rack/nulllogger.rb:9:in `call'

     /usr/lib/ruby/vendor_ruby/rack/head.rb:9:in `call'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:180:in `call'

     /usr/lib/ruby/vendor_ruby/sinatra/base.rb:2014:in `call'

     /usr/lib/ruby/vendor_ruby/rack/urlmap.rb:64:in `block in call'

     /usr/lib/ruby/vendor_ruby/rack/urlmap.rb:49:in `each'

     /usr/lib/ruby/vendor_ruby/rack/urlmap.rb:49:in `call'

     /usr/lib/ruby/vendor_ruby/thin/connection.rb:80:in `block in pre_process'

     /usr/lib/ruby/vendor_ruby/thin/connection.rb:78:in `catch'

     /usr/lib/ruby/vendor_ruby/thin/connection.rb:78:in `pre_process'

     /usr/lib/ruby/vendor_ruby/thin/connection.rb:53:in `process'

     /usr/lib/ruby/vendor_ruby/thin/connection.rb:38:in `receive_data'

     /usr/lib/ruby/vendor_ruby/eventmachine.rb:187:in `run_machine'

     /usr/lib/ruby/vendor_ruby/eventmachine.rb:187:in `run'

     /usr/lib/ruby/vendor_ruby/thin/backends/base.rb:61:in `start'

     /usr/lib/ruby/vendor_ruby/thin/server.rb:159:in `start'

     /usr/share/beef-xss/core/main/server.rb:122:in `start'

     ./beef:140:in `<main>'

 

해결 방안을 은 소스 설치, 루비 버전 업데이트.

1.5 그 원본 코드 설치BeEF

그 원본 코드 설치 BeEF 비교적 번거롭다, 나도 더듬어 꼬박 하루 겨우 설치 성공.

1.5.1 설치curl git

우선 설치 curl git.

apt-get install curl git

출력 정보:

읽는 중 꾸러미 목록... 완료

지금 분석 꾸러미 의존성 나무      

상태 메시지 완료 읽는 중...      

git 벌써 최신 버전 되었다.

다음 패키지 자동 설치 그리고 지금 필요 없다.:

  libhttp-parser2.1 ruby-addressable ruby-ansi ruby-atomic ruby-buftok

  ruby-daemons ruby-dataobjects ruby-dataobjects-mysql

  ruby-dataobjects-postgres ruby-dataobjects-sqlite3 ruby-dm-core

  ruby-dm-do-adapter ruby-dm-migrations ruby-dm-sqlite-adapter

  ruby-em-websocket ruby-equalizer ruby-erubis ruby-eventmachine ruby-execjs

  ruby-faraday ruby-http ruby-http-parser.rb ruby-librex ruby-libv8

  ruby-memoizable ruby-msfrpc-client ruby-msgpack ruby-multi-json

  ruby-multipart-post ruby-naught ruby-parseconfig ruby-rack

  ruby-rack-protection ruby-ref ruby-rubyzip ruby-simple-oauth ruby-sinatra

  ruby-term-ansicolor ruby-therubyracer ruby-thread-safe ruby-tilt

  ruby-twitter ruby-uglifier thin

Use 'apt-get autoremove' to remove them.

다음 패키지 규모로 업그레이드:

  curl libcurl3

업그레이드 두 소프트웨어, 새로 설치한 패키지 0 명 을 마운트 0개 패키지, 147 한 꾸러미 아직 의해 업그레이드.

필요한 601 kB 다운로드 소프트웨어 패키지.

압축 풀기 후 소모 떨어져 0 b 추가 공간.

얻다: 1 kali/updates/main curl amd64 7.26.0-1+wheezy11 [270 kB]

얻다: 2 kali/updates/main libcurl3 amd64 7.26.0-1+wheezy11 [331 kB]

다운로드 601 kB, 耗时 23 초 (25.8 kB/s)

변경 기록 읽기 (changelogs)... 완료     

(읽는 중 데이터베이스 시스템 설치... 현재 모두 325894 파일과 디렉터리 하나 있다. )

바로 예비 바꾸기 curl 7.26.0-1+wheezy10 (사용 .../curl_7.26.0-1+wheezy11_amd64.deb) ...

압축 푸는 중 사용할 수 있는 것이다 包文件 교체 curl ...

바로 예비 바꾸기 libcurl3:amd64 7.26.0-1+wheezy10 (사용 .../libcurl3_7.26.0-1+wheezy11_amd64.deb) ...

압축 푸는 중 사용할 수 있는 것이다 包文件 교체 libcurl3:amd64 ...

처리 중 man-db 사용할 수 있는 트리거...

설정 libcurl3:amd64 (7.26.0-1+wheezy11) ...

설정 curl (7.26.0-1+wheezy11) ...

1.5.2 설치rvm

터미널 다음 명령을 입력하십시오.:

bash -s stable <<(curl -s https://raw.github.com/wayneeseguin/rvm/master/binscripts/rvm-installer)

source /etc/profile.d/rvm.sh

다시 다음 명령을 입력하십시오.:

rvm –v

출력 정보:

rvm 1.26.5 (latest) by Wayne E. Seguin <>, Michal Papis <> [ ]

1.5.3 설치 의존 항목

명령 실행:

for package in zlib openssl libxslt libxml2; do rvm pkg install $package; done

출력 정보를 다음과 같다:

Beware, 'rvm pkg ...' is deprecated, read about the new autolibs feature: 'rvm help autolibs'.

 

Checking requirements for debian.

Installing requirements for debian.

Updating system........................

Installing required packages: gawk, g++, libreadline6-dev, zlib1g-dev, libssl-dev, libyaml-dev, libsqlite3-dev, libgdbm-dev, libncurses5-dev, libtool, libffi-dev...........

Requirements installation successful.

Fetching zlib-1.2.7.tar.gz to /usr/local/rvm/archives

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

  0   364    0     0    0     0      0      0 --:--:--  0:00:01 --:--:--     0

  0   333    0     0    0     0      0      0 --:--:--  0:00:03 --:--:--     0

100  547k  100  547k    0     0  35733      0  0:00:15  0:00:15 --:--:--  219k

No checksum for downloaded archive, recording checksum in user configuration.

Extracting zlib to /usr/local/rvm/src/zlib-1.2.7....

Configuring zlib in /usr/local/rvm/src/zlib-1.2.7...

Compiling zlib in /usr/local/rvm/src/zlib-1.2.7......

Installing zlib to /usr/local/rvm/usr..

 

Please note that it's required to reinstall all rubies:

 

    rvm reinstall all --force

 

 

Beware, 'rvm pkg ...' is deprecated, read about the new autolibs feature: 'rvm help autolibs'.

 

Checking requirements for debian.

Requirements installation successful.

Fetching openssl-1.0.1i.tar.gz to /usr/local/rvm/archives

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100 4318k  100 4318k    0     0   132k      0  0:00:32  0:00:32 --:--:--  447k

Extracting openssl to /usr/local/rvm/src/openssl-1.0.1i....

Configuring openssl in /usr/local/rvm/src/openssl-1.0.1i...................................

Compiling openssl in /usr/local/rvm/src/openssl-1.0.1i.............................................................................................................................

Installing openssl to /usr/local/rvm/usr.................................................................................................................................................................................

 

Please note that it's required to reinstall all rubies:

 

    rvm reinstall all --force

 

Updating openssl certificates..

 

Beware, 'rvm pkg ...' is deprecated, read about the new autolibs feature: 'rvm help autolibs'.

 

Checking requirements for debian.

Requirements installation successful.

Fetching libxslt-1.1.26.tar.gz to /usr/local/rvm/archives

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100 3321k  100 3321k    0     0  36585      0  0:01:32  0:01:32 --:--:-- 35940

100 3321k  100 3321k    0     0  36390      0  0:01:33  0:01:33 --:--:-- 36390No checksum for downloaded archive, recording checksum in user configuration.

Extracting libxslt to /usr/local/rvm/src/libxslt-1.1.26....

Prepare libxslt in /usr/local/rvm/src/libxslt-1.1.26.......

Configuring libxslt in /usr/local/rvm/src/libxslt-1.1.26...................

Error running './configure --prefix=/usr/local/rvm/usr --enable-shared --with-libxml-prefix=/usr/local/rvm/usr',

showing last 15 lines of /usr/local/rvm/log/1419127437/libxslt_configure.log

checking for snprintf... yes

checking for vfprintf... yes

checking for vsprintf... yes

checking for vsnprintf... yes

checking for sscanf... yes

checking for perl... perl

checking for python... /usr/bin/python

PYTHON is pointing at /usr/bin/python

Found Python version 2.7

Found libxml2-python module

could not find python2.7/Python.h

checking for libgcrypt-config... no

Crypto extensions will not be available. Install libgcrypt and reconfigure to make available.

Enabling debugger

checking for libxml libraries >= 2.6.27... configure: error: Could not find libxml2 anywhere, check ftp://xmlsoft.org/.

Compiling libxslt in /usr/local/rvm/src/libxslt-1.1.26..

Error running '__rvm_make -j2',

showing last 15 lines of /usr/local/rvm/log/1419127437/libxslt_make.log

[2014-12-21 10:04:12] __rvm_make

__rvm_make ()

{

    \make "$@" || return $?

}

current path: /usr/local/rvm/src/libxslt-1.1.26

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/bin:/usr/local/rvm/bin:/usr/bin

command(2): __rvm_make -j2

+ make -j2

make: *** 게다가 분명히 목표 찾을 수 없다 makefile.정지.

+ return 2

 

Please note that it's required to reinstall all rubies:

 

    rvm reinstall all --force

 

 

Beware, 'rvm pkg ...' is deprecated, read about the new autolibs feature: 'rvm help autolibs'.

 

Checking requirements for debian.

Requirements installation successful.

Fetching libxml2-2.7.3.tar.gz to /usr/local/rvm/archives

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100 4677k  100 4677k    0     0   154k      0  0:00:30  0:00:30 --:--:--  343k

No checksum for downloaded archive, recording checksum in user configuration.

Extracting libxml2 to /usr/local/rvm/src/libxml2-2.7.3....

Prepare libxml2 in /usr/local/rvm/src/libxml2-2.7.3...

Configuring libxml2 in /usr/local/rvm/src/libxml2-2.7.3..........................

Compiling libxml2 in /usr/local/rvm/src/libxml2-2.7.3..................................................

Installing libxml2 to /usr/local/rvm/usr...............

 

Please note that it's required to reinstall all rubies:

 

    rvm reinstall all –force

1.5.4 설치ruby

명령 실행:

rvm install 1.9.3

출력 정보를 다음과 같다:

Searching for binary rubies, this might take some time.

No binary rubies available for: debian/Kali_Linux_1/x86_64/ruby-1.9.3-p551.

Continuing with compilation. Please read 'rvm help mount' to get more information on binary rubies.

Checking requirements for debian.

Requirements installation successful.

Installing Ruby from source to: /usr/local/rvm/rubies/ruby-1.9.3-p551, this may take a while depending on your cpu(s)...

ruby-1.9.3-p551 - #downloading ruby-1.9.3-p551, this may take a while depending on your connection...

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100 9813k  100 9813k    0     0   308k      0  0:00:31  0:00:31 --:--:--  464k

ruby-1.9.3-p551 - #extracting ruby-1.9.3-p551 to /usr/local/rvm/src/ruby-1.9.3-p551....

ruby-1.9.3-p551 - #applying patch /usr/local/rvm/patches/ruby/GH-488.patch.

ruby-1.9.3-p551 - #configuring.............................................

ruby-1.9.3-p551 - #post-configuration..

ruby-1.9.3-p551 - #compiling..........................................................................................................

ruby-1.9.3-p551 - #installing........................

ruby-1.9.3-p551 - #making binaries executable..

ruby-1.9.3-p551 - #downloading rubygems-2.4.5

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100  436k  100  436k    0     0  16680      0  0:00:26  0:00:26 --:--:-- 78678

No checksum for downloaded archive, recording checksum in user configuration.

ruby-1.9.3-p551 - #extracting rubygems-2.4.5....

ruby-1.9.3-p551 - #removing old rubygems.........

ruby-1.9.3-p551 - #installing rubygems-2.4.5..................

ruby-1.9.3-p551 - #gemset created /usr/local/rvm/gems/ruby-1.9.3-p551@global

ruby-1.9.3-p551 - #importing gemset /usr/local/rvm/gemsets/global.gems...........................................................

ruby-1.9.3-p551 - #generating global wrappers........

ruby-1.9.3-p551 - #gemset created /usr/local/rvm/gems/ruby-1.9.3-p551

ruby-1.9.3-p551 - #importing gemsetfile /usr/local/rvm/gemsets/default.gems evaluated to empty gem list

ruby-1.9.3-p551 - #generating default wrappers........

ruby-1.9.3-p551 - #adjusting #shebangs for (gem irb erb ri rdoc testrb rake).

Install of ruby-1.9.3-p551 - #complete

WARNING: Please be aware that you just installed a ruby that is no longer maintained (2014-02-23), for a list of maintained rubies visit:

 

   

 

Please consider upgrading to ruby-2.1.5 which will have all of the latest security patches.

Ruby was built without documentation, to build it run: rvm docs generate-ri

명령 실행, 설정 루비 버전:

rvm 1.9.3 –default

1.5.5 설치bundler

명령 실행:

echo "gem: --no-rdoc --no-ri" > ~/.gemrc

출력 정보를 다음과 같다:

Fetching: bundler-1.7.9.gem (100%)

Successfully installed bundler-1.7.9

1 gem installed

1.5.6다운로드beef

명령 실행:

git clone git://github.com/beefproject/beef.git

출력 정보를 다음과 같다:

복제된 까지 'beef'...

remote: Counting objects: 22584, done.

remote: Compressing objects: 100% (47/47), done.

remote: Total 22584 (delta 29), reused 0 (delta 0)

Receiving objects: 100% (22584/22584), 9.20 MiB | 208 KiB/s, done.

Resolving deltas: 100% (11229/11229), done.

1.5.7 설치 및 시작

beef 소스 디렉토리 들어가다:

cd beef

설치

bundle install

출력 정보를 다음과 같다:

Don't run Bundler as root. Bundler can ask for sudo if it is needed, and

installing your bundle as root will break this application for all non-root

users on this machine.

Fetching gem metadata from

Fetching additional metadata from

Resolving dependencies...

Installing addressable 2.3.6

Installing ansi 1.4.3

Installing daemons 1.1.9

Installing data_objects 0.10.14

Installing dm-core 1.2.1

Installing dm-do-adapter 1.2.0

Installing dm-migrations 1.2.0

Installing do_sqlite3 0.10.14

Installing dm-sqlite-adapter 1.2.0

Installing eventmachine 1.0.3

Installing em-websocket 0.3.8

Installing erubis 2.7.0

Installing execjs 2.2.2

Installing geoip 1.4.0

Installing json 1.8.1

Installing librex 0.0.999

Installing libv8 3.11.8.17

Installing msgpack 0.5.9

Installing msfrpc-client 1.0.3

Installing multi_json 1.10.1

Installing parseconfig 1.0.6

Installing rack 1.5.2

Installing rack-protection 1.5.3

Installing rainbow 2.0.0

Installing ref 1.0.5

Installing rexec 1.6.3

Installing rubydns 0.7.0

Installing rubyzip 1.1.6

Installing tilt 1.4.1

Installing sinatra 1.4.2

Installing tins 1.3.3

Installing term-ansicolor 1.3.0

Installing therubyracer 0.11.3

Installing thin 1.6.3

Installing uglifier 2.2.1

Using bundler 1.7.9

Your bundle is complete!

Use `bundle show [gemname]` to see where a bundled gem is installed.

시작 beef.

ruby beef

성공 정보:

[10:34:13][*] Bind socket [imapeudora1] listening on [0.0.0.0:2000].

[10:34:14][*] Browser Exploitation Framework (BeEF) 0.4.5.1-alpha

[10:34:14]    |   Twit: @beefproject

[10:34:14]    |   Site:

[10:34:14]    |   Blog:

[10:34:14]    |_  Wiki: https://github.com/beefproject/beef/wiki

[10:34:14][*] Project Creator: Wade Alcorn (@WadeAlcorn)

[10:34:14][*] BeEF is loading. Wait a few seconds...

[10:34:17][*] 11 extensions enabled.

[10:34:17][*] 221 modules enabled.

[10:34:17][*] 2 network interfaces were detected.

[10:34:17][+] running on network interface: 127.0.0.1

[10:34:17]    |   Hook URL:

[10:34:17]    |_  UI URL:  

[10:34:17][+] running on network interface: 192.168.1.103

[10:34:17]    |   Hook URL:

[10:34:17]    |_  UI URL:  

[10:34:17][*] RESTful API key: 80ae1fc7f98ff50ab97593e55c822fa9474889a7

[10:34:17][*] DNS Server: 127.0.0.1:5300 (udp)

[10:34:17]    |   Upstream Server: 8.8.8.8:53 (udp)

[10:34:17]    |_  Upstream Server: 8.8.8.8:53 (tcp)

[10:34:17][*] HTTP Proxy:

[10:34:17][*] BeEF server started (press control+c to stop)

[10:34:21][*] New Hooked Browser [id:1, ip:192.168.1.104, type:IE-6, os:Windows XP], hooked domain [192.168.1.103:3000]

1.6 통합metasploit

만약 사용apt-get install 설치 는 /usr/share/beef-xss 다음 시작 디렉터리 설정.만약 소스 설치 는 소스 디렉토리 아래 진행 설정.

지금 루트 다음 설정 config.yaml 것이다 extension 아래 metasploit 값 설정 을 true.

전환 디렉토리를 beef 문서 루트 아래extensions/metasploit아래 설정 config.yaml 주요 주의 ip 주소 및 mspath 다음 custom 옵션 보면 표 황 일부.

#

# Copyright (c) 2006-2014 Wade Alcorn -

# Browser Exploitation Framework (BeEF) -

# See the file 'doc/COPYING' for copying permission

#

# Enable MSF by changing extension:metasploit:enable to true

# Then set msf_callback_host to be the public IP of your MSF server

#

# Ensure you load the xmlrpc interface in Metasploit

# msf > load msgrpc ServerHost=IP Pass=abc123

# Please note that the ServerHost parameter must have the same value of host and callback_host variables here below.

# Also always use the IP of your machine where MSF is listening.

beef:

    extension:

        metasploit:

            name: 'Metasploit'

            enable: true

            host: "192.168.1.103"

            port: 55552

            user: "msf"

            pass: "abc123"

            uri: '/api'

# if you need "ssl: true" make sure you start msfrpcd with "SSL=y", like:

            # load msgrpc ServerHost=IP Pass=abc123 SSL=y

            ssl: false

            ssl_version: 'TLSv1'

            ssl_verify: true

            callback_host: "192.168.1.103"

            autopwn_url: "autopwn"

            auto_msfrpcd: false

            auto_msfrpcd_timeout: 120

            msf_path: [

              {os: 'osx', path: '/opt/local/msf/'},

              {os: 'livecd', path: '/opt/metasploit-framework/'},

              {os: 'bt5r3', path: '/opt/metasploit/msf3/'},

              {os: 'bt5', path: '/opt/framework3/msf3/'},

              {os: 'backbox', path: '/opt/backbox/msf/'},

              {os: 'kali', path: '/usr/share/metasploit-framework/'},

              {os: 'pentoo', path: '/usr/lib/metasploit'},

              {os: 'win', path: 'c:\\metasploit-framework\\'},

              {os: 'custom', path: '/usr/share/metasploit-framework/'}

            ]

시작 metasploit 후에 다음 명령을 입력하십시오.:

load msgrpc ServerHost=192.168.1.103 Pass=abc123

serverhost 과 pass 옵션 대응 위에 설정 중 host 및 pass (입찰 붉은 부분).

metasploit msgrpc연결 성공 후 다시 시작 BeEF 할 metasploit 구성 요소를 불러옵니다 성공 정보 보고.

 원문 참조:

ps: 对此文章感兴趣的读者, 可以加qq군: Hacking:303242737(已满);Hacking-2群: 147098303, Hacking-3群: 31371755, hacking-4群:201891680;Hacking-5群: 316885176

글쓴이 성민 작성일 2015-01-06 15:24