Learn2Hack

Live one-one-one lessons


network security
Tutorials

-Using A VPN
-Hacking Basics
-Intro To Linux
-SQLmap
-Exploiting WebDAV
-Hack Wifi
-Ngrok with Beef-XSS
-Using Proxychains
-Netcat Basic Usage
-Nmap Tutorial
-Password Attacks
-Phishing
-How to use Wireshark

Python

-Intro To Python
-Intermediate Python
-Python Port Scanner
-Python Sandbox

Setting up BeEF-XSS with Ngrok for Browser Exploitation


BeEF-XSS is a powerful browser exploitation framework that focuses on the web browser as the main entry point. In this tutorial, we'll explore how to use Ngrok to create a secure tunnel, eliminating the need for port forwarding.


Steps:

  1. Sign up for Ngrok Account:

    Go to ngrok.io and sign up for an account. Note that a paid version is required for Ngrok to work with BeEF. Activate your account by adding your API key to Ngrok using the following command:

    $ ngrok config add-authtoken <your-api-key>

  2. Create a Custom Domain:

    After activating your account, you can create a custom domain name using the ngrok.io top-level domain (TLD).


  3. Download and Configure BeEF:

    Download BeEF and configure it using the config.yaml file.


  4. Tunnel Traffic to BeEF Server:

    Use Ngrok to tunnel traffic to your BeEF server (default port is 3000):

    $ ngrok http 3000

    For a custom domain:

    $ ngrok http 3000 --domain *.ngrok.io

  5. Access BeEF Admin Interface:

    Ngrok will provide a publicly accessible forwarded tunnel URL. Start BeEF and ensure you can access the admin interface using this URL, for example: https://your.ngrok.url/ui/panel.


  6. Configure BeEF for Ngrok:

    In the config.yaml file, update the beef.http.public:* properties:

    
    public:
      host: your.ngrok.url (without https://)
      port: 443 (or 80 for HTTP)
      https: true
      allow_reverse_proxy: true
            

  7. Restart BeEF-XSS:

    Restart BeEF-XSS, and it should now show your Ngrok URL for accessing the admin panel: *.ngrok.io/ui/panel.


Congratulations! You've successfully set up BeEF-XSS with Ngrok, allowing you to hook browsers without the need for port forwarding. Happy hacking responsibly!


Using Ngrok with BeEf-XSS


Copyright © Learn2Hack 2023


Contact: info@learn2hack.io

Telephone: 1 306 992-2446

Policy
minicoders