BeEF: The Browser Exploit Framework
While many security professionals have used the Metasploit Framework, there is another exploit framework worth reviewing: BeEF. BeEF is a powerful exploit framework focused on leveraging browser vulnerabilities to assess the security posture of a target. Many penetration testers use proxies such as Burp and Paros; BeEF takes this a step further by directly targeting the browser.
You can think of browser exploitation as a method of taking advantage of vulnerabilities in the browser software to modify specific settings without the knowledge of the end user. The BeEF exploit framework allows penetration testers to select specific modules to target each browser in a one-two-three approach. First, a target is selected. Second, the user loads a specific module to use for the attack: the ‘Load Modules’ area shows which modules are available and, once one is selected, allows its code to be sent to the targeted browser. Third, once the module is loaded, the vulnerability can be exploited.
As an example, one module targets the way Apple computers insecurely handle URL schemes when initiating a Skype outbound call. If successful, BeEF will initiate a Skype call without the end user’s permission. While this is just one example of what BeEF can do, it demonstrates the power of the tool and how security professionals and penetration testers can use it to test for client-side vulnerabilities. Other modules include browser overflows, cross-site scripting, keylogging, and clipboard theft.