Installing BeEF on Ubuntu 14.04

BeEF is a currently popular web attack framework; its full name is The Browser Exploitation Framework Project. Over the past two years it has been presented at various conferences abroad.

Starting from a simple XSS vulnerability, BeEF can control the target host's browser with a prepared piece of JavaScript, collect all kinds of information through that browser and scan the internal network, and it can also work together with Metasploit to penetrate the host further.

Installation environment

Add a package source

Edit the /etc/apt/sources.list file:

sudo vim /etc/apt/sources.list

Append the following line at the end:

deb http://ubuntu.mirror.cambrium.nl/ubuntu/ precise main universe

Install the dependencies

sudo apt-get install ruby1.9.3
sudo apt-get install libssl-dev libsqlite3-dev sqlite
sudo apt-get install g++
sudo apt-get install git

Install BeEF

git clone https://github.com/beefproject/beef
sudo gem install bundler
bundle install
sudo ./beef

A side note: before running bundle install it is best to edit the Gemfile, for well-known reasons.

vim Gemfile

Replace the original rubygems.org source with https://ruby.taobao.org/

The database can be SQLite, MySQL or PostgreSQL.
The following command shows which database is in use:

cat config.yaml | grep driver:

The web UI runs at http://localhost:3000/ui/authentication
The default username and password are both beef.
To change them, open config.yaml in the beef directory and edit the credentials there.

Gem dependencies

If there is a Gemfile, run bundle, then bundle install.
The gems BeEF depends on can also be installed one by one, with the versions listed below:

sudo gem install addressable -v '2.3.6'
sudo gem install ansi -v '1.4.3'
sudo gem install chunky_png -v '1.3.5'
sudo gem install daemons -v '1.1.9'
sudo gem install data_objects -v '0.10.14'
sudo gem install dm-core -v '1.2.1'
sudo gem install dm-do-adapter -v '1.2.0'
sudo gem install dm-migrations -v '1.2.0'
sudo gem install fastercsv -v '1.5.5'
sudo gem install json_pure -v '1.8.3'
sudo gem install multi_json -v '1.9.3'
sudo gem install do_sqlite3 -v '0.10.14'
sudo gem install dm-sqlite-adapter -v '1.2.0'
sudo gem install eventmachine -v '1.0.7'
sudo gem install em-websocket -v '0.3.8'
sudo gem install execjs -v '2.0.2'
sudo gem install geoip -v '1.4.0'
sudo gem install librex -v '0.0.68'
sudo gem install libv8 -v '3.11.8.17'
sudo gem install mime-types -v '2.6.2'
sudo gem install mojo_magick -v '0.5.6'
sudo gem install msgpack -v '0.5.8'
sudo gem install msfrpc-client -v '1.0.1'
sudo gem install parseconfig -v '1.0.4'
sudo gem install rqrcode -v '0.7.0'
sudo gem install qr4r -v '0.4.0'
sudo gem install rack-protection -v '1.5.3'
sudo gem install rainbow -v '2.0.0'
sudo gem install ref -v '1.0.5'
sudo gem install rexec -v '1.6.3'
sudo gem install rubydns -v '0.7.0'
sudo gem install rubyzip -v '1.1.3'
sudo gem install sinatra -v '1.4.2'
sudo gem install term-ansicolor -v '1.1.5'
sudo gem install therubyracer -v '0.11.3'
sudo gem install thin -v '1.6.2'
sudo gem install uglifier -v '2.2.1'

Change the default BeEF password

The setting lives in config.yaml.

A potential pitfall

Error message

API Fire Error: invalid byte sequence in US-ASCII in {:owner=>BeEF::Extension::AdminUI::API::Handler, :id=>23}.mount_handler()

Solution

export LANG="en_US.UTF-8"
export LC_ALL="en_US.UTF-8"
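The two pitfalls above (a non-UTF-8 locale, and a web UI left on the default beef/beef credentials from config.yaml) are easy to check before starting the service. The script below is an added example, not code from the original post or from the BeEF project; the function names, the config.yaml excerpt (a constructed sample that only mimics the credentials and database keys) and the temporary-file path are assumptions.

```shell
#!/bin/sh
# Added example: pre-flight checks for a BeEF install (not part of the post or of BeEF).
# Assumes config.yaml uses flat "key: value" lines for user, passwd and driver.

# Return 0 when the effective locale is UTF-8. LANG and LC_ALL are passed as
# arguments so the check can be run without touching the real environment.
utf8_locale_ok() {
    lang="$1"
    lc_all="$2"
    # LC_ALL overrides LANG whenever it is set, so it decides the outcome.
    effective="${lc_all:-$lang}"
    case "$effective" in
        *.UTF-8|*.utf8|*.UTF8|*.utf-8) return 0 ;;
        *) return 1 ;;
    esac
}

# Print the value of the first "key: value" line in a YAML file, quotes stripped.
# Deliberately crude: enough for BeEF's flat scalar keys, not a YAML parser.
yaml_value() {
    grep "^[[:space:]]*$1:" "$2" | head -n 1 \
        | sed -e "s/^[^:]*:[[:space:]]*//" -e "s/^['\"]//" -e "s/['\"][[:space:]]*$//"
}

# Print the database driver, i.e. what the post's "grep driver:" shows.
config_driver() {
    yaml_value driver "$1"
}

# Return 0 when the web UI still uses the default beef/beef credentials.
default_credentials_present() {
    user=$(yaml_value user "$1")
    passwd=$(yaml_value passwd "$1")
    [ "$user" = "beef" ] && [ "$passwd" = "beef" ]
}

# Run every check on a config file; print findings; return the number of problems.
preflight() {
    cfg="$1"; lang="$2"; lc_all="$3"
    problems=0
    if utf8_locale_ok "$lang" "$lc_all"; then
        echo "ok: UTF-8 locale (LANG=$lang LC_ALL=$lc_all)"
    else
        echo "problem: locale is not UTF-8; export LANG/LC_ALL=en_US.UTF-8 to avoid the US-ASCII error"
        problems=$((problems + 1))
    fi
    echo "info: database driver is '$(config_driver "$cfg")'"
    if default_credentials_present "$cfg"; then
        echo "problem: web UI still uses the default beef/beef credentials in $cfg"
        problems=$((problems + 1))
    else
        echo "ok: default credentials have been changed"
    fi
    return "$problems"
}

# Constructed sample resembling the relevant part of config.yaml (layout assumed).
write_sample_config() {
    cat > "$1" <<'EOF'
beef:
    version: 'x.y.z'
    credentials:
        user:   "beef"
        passwd: "beef"
    database:
        driver: "sqlite"
EOF
}

# Stand-alone demo against the constructed sample; the locale comes from the
# real environment, so the first finding depends on the shell this runs in.
demo() {
    tmp="${TMPDIR:-/tmp}/beef-preflight.$$"
    write_sample_config "$tmp"
    preflight "$tmp" "${LANG:-}" "${LC_ALL:-}" && echo "no problems found" || echo "problems found"
    rm -f "$tmp"
}
demo
```

To check a real installation, replace the demo with `preflight /path/to/beef/config.yaml "$LANG" "$LC_ALL"`; a non-zero exit status means at least one of the two pitfalls is still present.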

Docker environment

Hi, my problem was related to a docker container (I had tried export LANG but without result). Now I've resolved in this way:
1-install "locales" package
2-(Dockerfile) RUN locale-gen UTF-8 en_US && localedef -c -f UTF-8 -i en_US en_US.UTF-8
3-(Dockerfile) ENV LANG="en_US.UTF-8" LANGUAGE="en_US:en" LC_ALL="en_US.UTF-8"
Regards,k.

Reference: https://github.com/beefproject/beef/issues/1198
