beefproject/beef

beef with ngrok not hooking

usethisname1419 opened this issue · 3 comments

I am using BeeF with Ngrok
Beef version 0.5.4.0

When I goto the demo pages via my Ngrok URL the demo page shows up and says i should be hooked, but no browsers appear in hooked browsers

I changed the config file to use with Ngrok
###################################
beef:
version: 0.5.4.0
debug: false
client_debug: false
crypto_default_value_length: 80
credentials:
user: beef
passwd: '#######'
restrictions:
permitted_hooking_subnet:
- 0.0.0.0/0
- "::/0"
permitted_ui_subnet:
- 0.0.0.0/0
- "::/0"
excluded_hooking_subnet: []
api_attempt_delay: '0.05'
http:
public:
host: "https://13b430ba2d1b.ngrok.app"
port: "443"
https: true
debug: false
host: 0.0.0.0
port: '3000'
xhr_poll_timeout: 1000
allow_reverse_proxy: true
hook_file: "/hook.js"
hook_session_name: BEEFHOOK
restful_api:
allow_cors: false
cors_allowed_domains: http://browserhacker.com
websocket:
enable: false
port: 61985
secure: true
secure_port: 61986
ws_poll_timeout: 5000
ws_connect_timeout: 500
web_server_imitation:
enable: true
type: apache
hook_404: false
hook_root: false
https:
enable: false
public_enabled: false
key: beef_key.pem
cert: beef_cert.pem
database:
file: db/beef.db
autorun:
result_poll_interval: 300
result_poll_timeout: 5000
continue_after_timeout: true
dns_hostname_lookup: false
geoip:
enable: true
database: "/var/lib/GeoIP/GeoLite2-City.mmdb"
integration:
phishing_frenzy:
enable: false
extension:
admin_ui:
enable: true
base_path: "/ui"
demos:
enable: true
events:
enable: true
evasion:
enable: false
requester:
enable: true
proxy:
enable: true
network:
enable: true
metasploit:
enable: false
social_engineering:
enable: true
xssrays:
enable: true
#############################

the demo page and advanced page are available when using the ngrok URL from a different network, although it does not hook the browser. Also I tried to access the ui/panel page using the Ngrok URL and it takes me to authentication page but when i try to log in it just reloads the authentication page

I'd like to know why it is not hooking remote browsers
i use firefox on kali for accesssing the ui/panel
the kali machine is virtualbox VM

when trying the demo page to hook remotely i am using chrome

I am also getting HTTP code 302 when trying to access ui/panel via ngrok URL
Here is Ngrok HTTP requests
HTTP Requests

GET /ui/panel 302 Moved Temporarily
GET /ui/authentication 200 OK
POST /ui/authentication/login 200 OK
GET /ui/authentication 200 OK
GET /ui/media/javascript-min/web_ui_auth.js 304 Not Modified
GET /ui/media/images/beef.png 200 OK
GET /ui/panel 302 Moved Temporarily
GET /demos/basic.html 200 OK
GET /hook.js 200 OK
GET /ui/authentication 200 OK

Please join the BeEF discord to discuss this issue. Someone there might be able to help https://discord.gg/ugmKmHarKc

Your config.yaml file need to be modified:

change:
host: "https://13b430ba2d1b.ngrok.app/"

to:
host: "13b430ba2d1b.ngrok.app"

It need a domain not a URL.