BeEF 0.4 released!!

September 18, 2009

Wade Alcorn recently released the new version of BeEF. This version includes many of the modules RSnake and I presented at Defcon 17. The videos can be found at: I’m really excited for this version! BeEF 0.4 moves BeEF from just a proof-of-concept to a framework that is really powerful for penetration testing.

I will be updating the BeEF package in BackTrack 4 sometime early next week.



Metasploit Autopwn (via BeEF)

August 6, 2009

This is a module from the Browser Exploitation Framework (BeEF) to perform an iframe redirection to Metasploit Browser Autopwn or a Browser Exploit. However, in this video, we used netcat (nc) instead of Metasploit. We configured netcat to listen and verify that the request was made to netcat. In exploitation, Metasploit would launch the exploit(s) against the client once the first request is made. This was demonstrated during “Unmasking You!” at BlackHat 09 and DEFCON 17 by Joshua “Jabra” Abraham and Robert “RSnake” Hansen.