Thursday, April 19, 2012

Why BeEF PHP is discontinued, and what's new in BeEF Ruby?

I'm sure a lot of you out there are still using the PHP version of BeEF. In fact, while speaking about BeEF at various conferences, I realized that many people didn't know about the new Ruby BeEF.

The PHP version has been discontinued for various reasons:
  • It wasn't easy to extend from a core perspective.
  • When adding new modules, code was duplicated; you had to copy and paste a lot of code from previous modules, then add maybe 3 lines of JavaScript as the new code, resulting in an anti-pattern.
  • There was no decent API.
  • IMHO PHP sucks for many reasons: it's got a ton of security issues, like Sendmail; it's not a true OO language, and programming with objects makes life easier. Ruby instead is OO, and the new BeEF heavily relies on that.

The new BeEF Ruby development started around mid-2010, with Wade's first post announcing it in October 2010. Rewriting BeEF from scratch had been on Wade's to-do list for quite some time. It required a bunch of developers and a good language.

Ruby was the choice, for many reasons:
  • It's fully Object Oriented, flexible and easy to code.
  • It does not require an external web server to run, so you have maximum flexibility with Ruby-written application servers. Features like the Tunneling Proxy would have been difficult to implement with Apache + PHP.

Let's be honest. Until 6 months ago, BeEF Ruby was experimental and unstable. It was using WEBrick, the default application server that comes with Ruby (without additional gems). WEBrick is not thread-safe. That's why mutexes were used in class constructors. LOL, don't blame me :-). Add to it SQLite, another piece of software that isn't thread-safe, and bam... we had to run XHR-polling (that's basically the communication channel we currently use) every 8-10 seconds.

So yeah, BeEF was damn slow and we had complaints over Twitter, email, and so on. To add to the grief, BackTrack and other pentesting distros were still including the old PHP BeEF. This is no longer true: read this if you are upgrading to BackTrack5-r2, or just use BT5-r2 to enjoy BeEF.

In November 2011, we had a programming sprint. We rewrote parts of the BeEF core to replace WEBrick and custom "servlets" (for those of you coming from a JEE background, like me, this will sound familiar) with Thin, Rack, and recently Sinatra.

The performance advantages were massive, and all the concurrency and lock errors we had with SQLite went magically away :-) Thin uses Mongrel's parser and EventMachine, so it handles tons of requests faster and consumes fewer resources because it's a state machine.

Rack and Sinatra really help you code your web application more easily, faster and more securely. Take a look at the code of the RESTful API for an example.

Having this new powerful core, we could change the XHR-polling to execute every second, so 10 times faster than before :D Also, now BeEF can be easily used with tens (or more) of hooked browsers without the need to worry too much about performance.
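Seen from the defender's side, polling at a fixed interval (every second now, every 8-10 seconds before) leaves a regular request rhythm in web proxy logs. The Ruby code below is an added example, not BeEF code and not from this post; the log format, hosts, paths, addresses and thresholds are assumptions constructed for illustration.

```ruby
require 'time'

# Constructed sample proxy log lines: "timestamp client host path".
# All hosts, paths and addresses are placeholders made up for this example.
SAMPLE_LOG = <<~LOG
  2012-04-19T10:00:00Z 10.0.0.5 poll.example.test /placeholder-poll
  2012-04-19T10:00:01Z 10.0.0.5 poll.example.test /placeholder-poll
  2012-04-19T10:00:02Z 10.0.0.5 poll.example.test /placeholder-poll
  2012-04-19T10:00:02Z 10.0.0.7 news.example.test /index.html
  2012-04-19T10:00:03Z 10.0.0.5 poll.example.test /placeholder-poll
  2012-04-19T10:00:04Z 10.0.0.5 poll.example.test /placeholder-poll
  2012-04-19T10:00:05Z 10.0.0.5 poll.example.test /placeholder-poll
  2012-04-19T10:00:09Z 10.0.0.7 news.example.test /index.html
  2012-04-19T10:00:10Z 10.0.0.7 news.example.test /index.html
  2012-04-19T10:00:41Z 10.0.0.7 news.example.test /index.html
  2012-04-19T10:01:30Z 10.0.0.7 news.example.test /index.html
  2012-04-19T10:01:31Z 10.0.0.7 news.example.test /index.html
LOG

# Flag (client, host, path) series whose request spacing is short and regular.
# Thresholds are assumptions: 10 s covers the 1 s and 8-10 s intervals the post
# mentions; min_requests and max_jitter need tuning against real traffic.
def find_regular_pollers(log, min_requests: 6, max_interval: 10.0, max_jitter: 0.2)
  series = Hash.new { |h, k| h[k] = [] }
  log.each_line do |line|
    ts, client, host, path = line.split
    next unless path                      # skip blank or malformed lines
    t = (Time.iso8601(ts) rescue nil)     # skip unparsable timestamps
    next unless t
    series[[client, host, path]] << t
  end

  series.filter_map do |key, times|
    next if times.size < min_requests
    gaps = times.sort.each_cons(2).map { |a, b| b - a }
    mean = gaps.sum / gaps.size
    next if mean <= 0 || mean > max_interval
    stddev = Math.sqrt(gaps.sum { |g| (g - mean)**2 } / gaps.size)
    next if stddev / mean > max_jitter    # human browsing is bursty
    { client: key[0], host: key[1], path: key[2],
      requests: times.size, mean_interval: mean.round(2) }
  end
end

find_regular_pollers(SAMPLE_LOG).each { |hit| puts hit }
```

Legitimate applications also poll at fixed intervals, so a hit is a lead for review rather than a verdict.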

Other big differences with the old PHP BeEF are the modularity and extensibility of the framework. We have command modules and extensions, so code duplication is minimized.

You write an extension if you need to add fairly tightly coupled functionality to the core, with the ability to switch it on or off when starting the framework. Tunneling Proxy, XssRays, and even the Admin User Interface are currently extensions.

You write a module when you need to add a new attack/exploit to be launched through BeEF. Basically anything you want to do in JavaScript, HTML, Java, (insert arbitrary browser acceptable language) can be done through a command module.

There are also currently three APIs:
  • one API is internal to the core, used by extensions and modules;
  • the RESTful API we already discussed in previous blog posts, used to expose framework functionality externally;
  • and the JavaScript API, with many useful helper methods to create invisible or overlay iframes, send requests, attach applets, manipulate the DOM in various ways, etc.

The old PHP BeEF lacked API support completely.

Last, but not least, we use an agile development process with unit and functional testing, including continuous integration. Writing tests is boring and sometimes more difficult than the code they are supposed to test, but they are effective at spotting errors and changes that break the core or modules. We are constantly adding new tests. Expect a cool blog post in the next week about this topic.

All the modules that were present in the PHP version, including the Metasploit integration, have been ported (when possible, some of them were old and not working in recent browsers).

So next time I hear someone saying "mate, I'm still using the PHP version" I will scream :D No, seriously, give the Ruby BeEF a try by cloning or forking it from GitHub. You will not be disappointed.


  1. Hi, Where can I download the latest version of PHP?



  11. This is a really good idea and I've been running BeEF on an Amazon Linux AMI for a week or so. Inevitably I lose the SSH terminal sometimes so I can no longer monitor the beef activity. More serious than that, how do I gently stop beef from a new terminal window without leaving a whole bunch of stuff hanging? 'kill beef' causes a whole bunch of problems :(
