Beef-xss with html games

welcome to hacking a rise im the laughing man today we are going to show ya ways to trick people clicking your link to hook browsers so this one my fav ways lads i take pride in telling ye how to do this hahaha its funny coz they think they are playing games but really we are hacking there system hahahaha so lets start with what is beef-xss and html

What is beef-xss

BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. … BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.

What is HTML

Hypertext Markup Language is the standard markup language for documents designed to be displayed in a web browser. It can be assisted by technologies such as Cascading Style Sheets and scripting languages such as JavaScript

Getting started

right lads to get started we going to need to forward the ports on your router but for thos that dont know how we got Beef-Over-Wan so we will start with installing it
git clone https://github.com/stormshadow07/BeeF-Over-Wan.git
cd BeeF-Over-Wan
chmod +x BeeFOverWan.py && python BeeFOverWan.py

Now we need to install ngrok
Download ngrok
First, download the ngrok client, a single binary with zero run-time dependencies.

Linux
Mac OS X Windows Mac (32-bit) Windows (32-bit) Linux (ARM) Linux (ARM64) Linux (32-bit) FreeBSD (64-Bit) FreeBSD (32-bit)
Unzip to install
On Linux or OSX you can unzip ngrok from a terminal with the following command. On Windows, just double click ngrok.zip.

unzip /path/to/ngrok.zip
Most people like to keep ngrok in their primary user folder or set an alias for easy command-line access.

Connect your account
Running this command will add your authtoken to your ngrok.yml file. Connecting an account will list your open tunnels in the dashboard, give you longer tunnel timeouts, and more. Visit the dashboard to get your auth token.

./ngrok authtoken

Sign up for free to get your auth token.

Try it out by running it from the command line:

./ngrok help
To start a HTTP tunnel on port 80, run this next:

./ngrok http 80
https://ngrok.com/download <--- find out more --->

now we need to edit the /root/.ngrok2/ngrok.yml
tunnels:
first-app:
addr: 80
proto: http
second-app:
addr: 3000
proto: http
add that to the file and save it
Beef-xss with html games 11

How to perform the hack

right lad are first thing to do is add are game to are html folder so so to html games and click embed
Beef-xss with html games 12

Beef-xss with html games 13

then type gedit /var/www/html/PirateJewelCollapse.html

now before we add the hook link check if the game works so type firefox /var/www/html/PirateJewelCollapse.html
Beef-xss with html games 15

It works WHOOP WHOOP now lets start ngrok
since i got so cd to ngrok and type ./ngrok start --all
Beef-xss with html games 16

now we start Beef-over-wan so open a new terminal and go to Beef-over-wan type cd BeeF-Over-Wan/
Beef-xss with html games 17

Press 0
Beef-xss with html games 18

Press enter
Beef-xss with html games 19

now add the first link the one calling back on port 80
Beef-xss with html games 20

and the second link the one calling back on port 3000 this the one you use to log in
Beef-xss with html games 21

now we go the the var/www/html folder and open the beef.html file and copy the hook script
Beef-xss with html games 22

now we close it and open the game html file and add the hook code to it
Beef-xss with html games 23

now that’s done we are ready to send the link to victim

http://5d6da1d3.ngrok.io/PirateJewelCollapse.html

so now we log in to beef

http://5a66440c.ngrok.io/ui/authentication

when the target clicks the link they will be hooked

pentester
Hi im the laughing man im a pentester and the owner of Hacking a rise

Leave a Reply