Monday, January 7, 2013

BeEF Live - The quick and easy way to get your BeEF

Today's post is brought to you by Ben Waugh (@bw_z)

By far the most common queries or issues our users encounter is how to get BeEF dependencies running with a minimum of hassle on their systems. While our installation guide includes instructions for most *Nix distributions, we also put together a LiveCD which includes a working install or BeEF, Metasploit and sqlmap.

Using the LiveCD
Download here: http://downloads.beefproject.com/BeEFLive1.2.iso

To run, simply:
  • Download 
  • Create a new VM using your virtualisation software of choice
  • Boot from the ISO. 
  • The console will automatically login with user "beef" and present you with a few options at startup:
    • Install & Setup SSH: this will enable SSH for remote access to the VM and prompt you to create a password. 
    • Update BeEF (or metasploit/sqlmap) will update to the latest version available in GitHub.
    • Start beef.
Known Issues
Due to some issues running Ubuntu on VirtualBox, users of VirtualBox may have to toggle PAE Support

About the LiveCD
The liveCD is based on Ubuntu 12.04 LTS and is configured to use Ruby 1.9.3p194. Apart from the standard install instructions (above) there is very little custom configuration of the OS.
Ruby Version Manager was used (https://rvm.io/) to install and ruby versions, users can customise further and download, install and switch between Ruby versions with the rvm command on the LiveCD.

The LiveCD was generated using Remastersys and it's dist command, which generates the 850MB ISO file above. The custom splash screen and grub text are also customised by providing a custom splash.png and isolinug.cfg files.

A reference to the liveCD/BeEFLive.sh file in the BeEF repository is added to the default user profile to provide the user with a series of friendly prompts, including updating or running beef.

Any suggestions for other customisations or feature requests for the BeEF LiveCD? Let us know @beefproject or raise issues for us in GitHub.

No comments:

Post a Comment