求 kali 或者 kali更新metasploitt 教程
点击联系发帖人
时间:2015-06-07 02:39
Kali Linux网络扫描教程第二章_百度文库
两大类热门资源免费畅读
续费一年阅读会员,立省24元!
评价文档:
暂无相关推荐文档
Kali Linux网络扫描教程第二章
阅读已结束,如果下载本文需要使用
想免费下载本文?
把文档贴到Blog、BBS或个人站等:
普通尺寸(450*500pix)
较大尺寸(630*500pix)
你可能喜欢kali下运行运行 Metasploit_百度文库
两大类热门资源免费畅读
续费一年阅读会员,立省24元!
评价文档:
喜欢此文档的还喜欢
kali下运行运行 Metasploit
阅读已结束,如果下载本文需要使用
想免费下载本文?
把文档贴到Blog、BBS或个人站等:
普通尺寸(450*500pix)
较大尺寸(630*500pix)
你可能喜欢kali Linux系列教程之BeFF安装与集成Metasploit
kali Linux系列教程之BeFF安装与集成Metasploit
kali Linux系列教程之BeFF安装与集成Metasploit
kali Linux系列教程之BeFF安装与集成Metasploit
1.1 apt-get安装方式
1.3 基本测试
1.4 异常信息
1.5 从源码安装BeEF
1.5.1 安装curl git
1.5.2 安装rvm
1.5.3 安装依赖项
1.5.4 安装ruby
1.5.5 安装bundler
1.5.6下载beef
1.5.7 安装和启动
1.6 集成metasploit
1.1 apt-get安装方式
打开终端,输入如下命令:
apt-get install beef-xss
切换到BeEF安装目录。
启动beef。
root@kali:/usr/share/beef-xss# ./beef
显示结果:
[18:46:50][*] Bind socket [imapeudora1] listening on [0.0.0.0:2000].
[18:46:50][*] Browser Exploitation Framework (BeEF) 0.4.4.9-alpha
[18:46:50]
Twit: @beefproject
[18:46:50]
[18:46:50]
[18:46:50]
Wiki: /beefproject/beef/wiki
[18:46:50][*] Project Creator: Wade Alcorn (@WadeAlcorn)
[18:46:51][*] BeEF is loading. Wait a few seconds...
[18:46:55][*] 10 extensions enabled.
[18:46:55][*] 196 modules enabled.
[18:46:55][*] 2 network interfaces were detected.
[18:46:55][+] running on network interface: 127.0.0.1
[18:46:55]
Hook URL: http://127.0.0.1:3000/hook.js
[18:46:55]
http://127.0.0.1:3000/ui/panel
[18:46:55][+] running on network interface: 192.168.14.132
[18:46:55]
Hook URL: http://192.168.14.132:3000/hook.js
[18:46:55]
http://192.168.14.132:3000/ui/panel
[18:46:55][*] RESTful API key: e46ed3a91a9cdfec12cf4b83d43ecb
[18:46:55][*] HTTP Proxy: http://127.0.0.1:6789
[18:46:55][*] BeEF server started (press control+c to stop)
打开浏览器输入:http://127.0.0.1:3000/ui/authentication
用户名和密码都是beef。输入完毕点击Login,登录。
1.3 基本测试
在浏览器打开默认测试页面。
http://192.168.14.132:3000/demos/butcher/index.html
在目标系统访问测试页面之后,在beef管理页面可以看到收集的信息,此时也可以发送一些攻击命令了。详细内容可以参考我的在线视频教程:Kali Linux Web 渗透测试视频教程—第16课 BeEF基本使用
控制台会显示相应的信息:
1.4 异常信息
我测试了几次重新安装和卸载之后再安装,大概1/5的概率会出现下面的问题,尤其是将metasploit集成到BeFF之后,问题出现的概率会增加。大概的错误信息如下:
NameError - uninitialized constant BeEF::Core::Command::Site_redirect:
/usr/share/beef-xss/core/main/handlers/modules/command.rb:33:in `const_get'
/usr/share/beef-xss/core/main/handlers/modules/command.rb:33:in `add_command_instructions'
/usr/share/beef-xss/core/main/handlers/hookedbrowsers.rb:80:in `block (2 levels) in &class:HookedBrowsers&'
/usr/lib/ruby/vendor_ruby/dm-core/collection.rb:508:in `block in each'
/usr/lib/ruby/vendor_ruby/dm-core/support/lazy_array.rb:411:in `block in each'
/usr/lib/ruby/vendor_ruby/dm-core/support/lazy_array.rb:411:in `each'
/usr/lib/ruby/vendor_ruby/dm-core/support/lazy_array.rb:411:in `each'
/usr/lib/ruby/vendor_ruby/dm-core/collection.rb:505:in `each'
/usr/share/beef-xss/core/main/handlers/hookedbrowsers.rb:80:in `block in &class:HookedBrowsers&'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1603:in `call'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1603:in `block in compile!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:966:in `[]'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:966:in `block (3 levels) in route!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:985:in `route_eval'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:966:in `block (2 levels) in route!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1006:in `block in process_route'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1004:in `catch'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1004:in `process_route'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:964:in `block in route!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:963:in `each'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:963:in `route!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1076:in `block in dispatch!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `block in invoke'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `catch'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `invoke'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1073:in `dispatch!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:898:in `block in call!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `block in invoke'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `catch'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `invoke'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:898:in `call!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:886:in `call'
/usr/lib/ruby/vendor_ruby/rack/nulllogger.rb:9:in `call'
/usr/lib/ruby/vendor_ruby/rack/head.rb:9:in `call'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:180:in `call'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:2014:in `call'
/usr/lib/ruby/vendor_ruby/rack/urlmap.rb:64:in `block in call'
/usr/lib/ruby/vendor_ruby/rack/urlmap.rb:49:in `each'
/usr/lib/ruby/vendor_ruby/rack/urlmap.rb:49:in `call'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:80:in `block in pre_process'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:78:in `catch'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:78:in `pre_process'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:53:in `process'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:38:in `receive_data'
/usr/lib/ruby/vendor_ruby/eventmachine.rb:187:in `run_machine'
/usr/lib/ruby/vendor_ruby/eventmachine.rb:187:in `run'
/usr/lib/ruby/vendor_ruby/thin/backends/base.rb:61:in `start'
/usr/lib/ruby/vendor_ruby/thin/server.rb:159:in `start'
/usr/share/beef-xss/core/main/server.rb:122:in `start'
./beef:140:in `&main&'
NameError - uninitialized constant BeEF::Core::Command::Site_redirect:
/usr/share/beef-xss/core/main/handlers/modules/command.rb:33:in `const_get'
/usr/share/beef-xss/core/main/handlers/modules/command.rb:33:in `add_command_instructions'
/usr/share/beef-xss/core/main/handlers/hookedbrowsers.rb:80:in `block (2 levels) in &class:HookedBrowsers&'
/usr/lib/ruby/vendor_ruby/dm-core/collection.rb:508:in `block in each'
/usr/lib/ruby/vendor_ruby/dm-core/support/lazy_array.rb:411:in `block in each'
/usr/lib/ruby/vendor_ruby/dm-core/support/lazy_array.rb:411:in `each'
/usr/lib/ruby/vendor_ruby/dm-core/support/lazy_array.rb:411:in `each'
/usr/lib/ruby/vendor_ruby/dm-core/collection.rb:505:in `each'
/usr/share/beef-xss/core/main/handlers/hookedbrowsers.rb:80:in `block in &class:HookedBrowsers&'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1603:in `call'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1603:in `block in compile!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:966:in `[]'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:966:in `block (3 levels) in route!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:985:in `route_eval'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:966:in `block (2 levels) in route!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1006:in `block in process_route'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1004:in `catch'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1004:in `process_route'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:964:in `block in route!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:963:in `each'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:963:in `route!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1076:in `block in dispatch!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `block in invoke'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `catch'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `invoke'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1073:in `dispatch!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:898:in `block in call!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `block in invoke'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `catch'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `invoke'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:898:in `call!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:886:in `call'
/usr/lib/ruby/vendor_ruby/rack/nulllogger.rb:9:in `call'
/usr/lib/ruby/vendor_ruby/rack/head.rb:9:in `call'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:180:in `call'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:2014:in `call'
/usr/lib/ruby/vendor_ruby/rack/urlmap.rb:64:in `block in call'
/usr/lib/ruby/vendor_ruby/rack/urlmap.rb:49:in `each'
/usr/lib/ruby/vendor_ruby/rack/urlmap.rb:49:in `call'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:80:in `block in pre_process'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:78:in `catch'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:78:in `pre_process'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:53:in `process'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:38:in `receive_data'
/usr/lib/ruby/vendor_ruby/eventmachine.rb:187:in `run_machine'
/usr/lib/ruby/vendor_ruby/eventmachine.rb:187:in `run'
/usr/lib/ruby/vendor_ruby/thin/backends/base.rb:61:in `start'
/usr/lib/ruby/vendor_ruby/thin/server.rb:159:in `start'
/usr/share/beef-xss/core/main/server.rb:122:in `start'
./beef:140:in `&main&'
解决方案是从源码安装,更新ruby的版本。
1.5 从源码安装BeEF
从源码安装BeEF比较繁琐,我也是摸索了整整一天,才安装成功。
1.5.1 安装curl git
首先安装curl git。
apt-get install curl git
输出信息:
正在读取软件包列表... 完成
正在分析软件包的依赖关系树
正在读取状态信息... 完成
git 已经是最新的版本了。
下列软件包是自动安装的并且现在不需要了:
libhttp-parser2.1 ruby-addressable ruby-ansi ruby-atomic ruby-buftok
ruby-daemons ruby-dataobjects ruby-dataobjects-mysql
ruby-dataobjects-postgres ruby-dataobjects-sqlite3 ruby-dm-core
ruby-dm-do-adapter ruby-dm-migrations ruby-dm-sqlite-adapter
ruby-em-websocket ruby-equalizer ruby-erubis ruby-eventmachine ruby-execjs
ruby-faraday ruby-http ruby-http-parser.rb ruby-librex ruby-libv8
ruby-memoizable ruby-msfrpc-client ruby-msgpack ruby-multi-json
ruby-multipart-post ruby-naught ruby-parseconfig ruby-rack
ruby-rack-protection ruby-ref ruby-rubyzip ruby-simple-oauth ruby-sinatra
ruby-term-ansicolor ruby-therubyracer ruby-thread-safe ruby-tilt
ruby-twitter ruby-uglifier thin
Use 'apt-get autoremove' to remove them.
下列软件包将被升级:
curl libcurl3
升级了 2 个软件包,新安装了 0 个软件包,要卸载 0 个软件包,有 147 个软件包未被升级。
需要下载 601 kB 的软件包。
解压缩后会消耗掉 0 B 的额外空间。
获取:1 http://security.kali.org/kali-security/ kali/updates/main curl amd64 7.26.0-1+wheezy11 [270 kB]
获取:2 http://security.kali.org/kali-security/ kali/updates/main libcurl3 amd64 7.26.0-1+wheezy11 [331 kB]
下载 601 kB,耗时 23秒 (25.8 kB/s)
读取变更记录(changelogs)... 完成
(正在读取数据库 ... 系统当前共安装有 325894 个文件和目录。)
正预备替换 curl 7.26.0-1+wheezy10 (使用 .../curl_7.26.0-1+wheezy11_amd64.deb) ...
正在解压缩将用于更替的包文件 curl ...
正预备替换 libcurl3:amd64 7.26.0-1+wheezy10 (使用 .../libcurl3_7.26.0-1+wheezy11_amd64.deb) ...
正在解压缩将用于更替的包文件 libcurl3:amd64 ...
正在处理用于 man-db 的触发器...
正在设置 libcurl3:amd64 (7.26.0-1+wheezy11) ...
正在设置 curl (7.26.0-1+wheezy11) ...
1.5.2 安装rvm
在终端输入如下命令:
bash -s stable & &(curl -s /wayneeseguin/rvm/master/binscripts/rvm-installer)
source /etc/profile.d/rvm.sh
再输入下面的命令:
输出信息:
rvm 1.26.5 (latest) by Wayne E. Seguin &&, Michal Papis && [https://rvm.io/]
1.5.3 安装依赖项
执行命令:
for package in zlib openssl libxslt libxml2; do rvm pkg install $ done
输出信息如下:
Beware, 'rvm pkg ...' is deprecated, read about the new autolibs feature: 'rvm help autolibs'.
Checking requirements for debian.
Installing requirements for debian.
Updating system........................
Installing required packages: gawk, g++, libreadline6-dev, zlib1g-dev, libssl-dev, libyaml-dev, libsqlite3-dev, libgdbm-dev, libncurses5-dev, libtool, libffi-dev...........
Requirements installation successful.
Fetching zlib-1.2.7.tar.gz to /usr/local/rvm/archives
% Received % Xferd
Average Speed
0 --:--:--
0:00:01 --:--:--
0 --:--:--
0:00:03 --:--:--
0:00:15 --:--:--
No checksum for downloaded archive, recording checksum in user configuration.
Extracting zlib to /usr/local/rvm/src/zlib-1.2.7....
Configuring zlib in /usr/local/rvm/src/zlib-1.2.7...
Compiling zlib in /usr/local/rvm/src/zlib-1.2.7......
Installing zlib to /usr/local/rvm/usr..
Please note that it's required to reinstall all rubies:
rvm reinstall all --force
Beware, 'rvm pkg ...' is deprecated, read about the new autolibs feature: 'rvm help autolibs'.
Checking requirements for debian.
Requirements installation successful.
Fetching openssl-1.0.1i.tar.gz to /usr/local/rvm/archives
% Received % Xferd
Average Speed
0:00:32 --:--:--
Extracting openssl to /usr/local/rvm/src/openssl-1.0.1i....
Configuring openssl in /usr/local/rvm/src/openssl-1.0.1i...................................
Compiling openssl in /usr/local/rvm/src/openssl-1.0.1i.............................................................................................................................
Installing openssl to /usr/local/rvm/usr.................................................................................................................................................................................
Please note that it's required to reinstall all rubies:
rvm reinstall all --force
Updating openssl certificates..
Beware, 'rvm pkg ...' is deprecated, read about the new autolibs feature: 'rvm help autolibs'.
Checking requirements for debian.
Requirements installation successful.
Fetching libxslt-1.1.26.tar.gz to /usr/local/rvm/archives
% Received % Xferd
Average Speed
0:01:32 --:--:-- 35940
0:01:33 --:--:-- 36390No checksum for downloaded archive, recording checksum in user configuration.
Extracting libxslt to /usr/local/rvm/src/libxslt-1.1.26....
Prepare libxslt in /usr/local/rvm/src/libxslt-1.1.26.......
Configuring libxslt in /usr/local/rvm/src/libxslt-1.1.26...................
Error running './configure --prefix=/usr/local/rvm/usr --enable-shared --with-libxml-prefix=/usr/local/rvm/usr',
showing last 15 lines of /usr/local/rvm/log//libxslt_configure.log
checking for snprintf... yes
checking for vfprintf... yes
checking for vsprintf... yes
checking for vsnprintf... yes
checking for sscanf... yes
checking for perl... perl
checking for python... /usr/bin/python
PYTHON is pointing at /usr/bin/python
Found Python version 2.7
Found libxml2-python module
could not find python2.7/Python.h
checking for libgcrypt-config... no
Crypto extensions will not be available. Install libgcrypt and reconfigure to make available.
Enabling debugger
checking for libxml libraries &= 2.6.27... configure: error: Could not find libxml2 anywhere, check ftp://xmlsoft.org/.
Compiling libxslt in /usr/local/rvm/src/libxslt-1.1.26..
Error running '__rvm_make -j2',
showing last 15 lines of /usr/local/rvm/log//libxslt_make.log
[ 10:04:12] __rvm_make
__rvm_make ()
\make "$@" || return $?
current path: /usr/local/rvm/src/libxslt-1.1.26
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/bin:/usr/local/rvm/bin:/usr/bin
command(2): __rvm_make -j2
+ make -j2
make: *** 没有指明目标并且找不到 makefile。 停止。
+ return 2
Please note that it's required to reinstall all rubies:
rvm reinstall all --force
Beware, 'rvm pkg ...' is deprecated, read about the new autolibs feature: 'rvm help autolibs'.
Checking requirements for debian.
Requirements installation successful.
Fetching libxml2-2.7.3.tar.gz to /usr/local/rvm/archives
% Received % Xferd
Average Speed
0:00:30 --:--:--
No checksum for downloaded archive, recording checksum in user configuration.
Extracting libxml2 to /usr/local/rvm/src/libxml2-2.7.3....
Prepare libxml2 in /usr/local/rvm/src/libxml2-2.7.3...
Configuring libxml2 in /usr/local/rvm/src/libxml2-2.7.3..........................
Compiling libxml2 in /usr/local/rvm/src/libxml2-2.7.3..................................................
Installing libxml2 to /usr/local/rvm/usr...............
Please note that it's required to reinstall all rubies:
rvm reinstall all –force
1.5.4 安装ruby
执行命令:
rvm install 1.9.3
输出信息如下:
Searching for binary rubies, this might take some time.
No binary rubies available for: debian/Kali_Linux_1/x86_64/ruby-1.9.3-p551.
Continuing with compilation. Please read 'rvm help mount' to get more information on binary rubies.
Checking requirements for debian.
Requirements installation successful.
Installing Ruby from source to: /usr/local/rvm/rubies/ruby-1.9.3-p551, this may take a while depending on your cpu(s)...
ruby-1.9.3-p551 - #downloading ruby-1.9.3-p551, this may take a while depending on your connection...
% Received % Xferd
Average Speed
0:00:31 --:--:--
ruby-1.9.3-p551 - #extracting ruby-1.9.3-p551 to /usr/local/rvm/src/ruby-1.9.3-p551....
ruby-1.9.3-p551 - #applying patch /usr/local/rvm/patches/ruby/GH-488.patch.
ruby-1.9.3-p551 - #configuring.............................................
ruby-1.9.3-p551 - #post-configuration..
ruby-1.9.3-p551 - #compiling..........................................................................................................
ruby-1.9.3-p551 - #installing........................
ruby-1.9.3-p551 - #making binaries executable..
ruby-1.9.3-p551 - #downloading rubygems-2.4.5
% Received % Xferd
Average Speed
0:00:26 --:--:-- 78678
No checksum for downloaded archive, recording checksum in user configuration.
ruby-1.9.3-p551 - #extracting rubygems-2.4.5....
ruby-1.9.3-p551 - #removing old rubygems.........
ruby-1.9.3-p551 - #installing rubygems-2.4.5..................
ruby-1.9.3-p551 - #gemset created /usr/local/rvm/gems/ruby-1.9.3-p551@global
ruby-1.9.3-p551 - #importing gemset /usr/local/rvm/gemsets/global.gems...........................................................
ruby-1.9.3-p551 - #generating global wrappers........
ruby-1.9.3-p551 - #gemset created /usr/local/rvm/gems/ruby-1.9.3-p551
ruby-1.9.3-p551 - #importing gemsetfile /usr/local/rvm/gemsets/default.gems evaluated to empty gem list
ruby-1.9.3-p551 - #generating default wrappers........
ruby-1.9.3-p551 - #adjusting #shebangs for (gem irb erb ri rdoc testrb rake).
Install of ruby-1.9.3-p551 - #complete
WARNING: Please be aware that you just installed a ruby that is no longer maintained (), for a list of maintained rubies visit:
http://bugs.ruby-lang.org/projects/ruby/wiki/ReleaseEngineering
Please consider upgrading to ruby-2.1.5 which will have all of the latest security patches.
Ruby was built without documentation, to build it run: rvm docs generate-ri
执行命令,设置ruby版本:
rvm 1.9.3 –default
1.5.5 安装bundler
执行命令:
echo "gem: --no-rdoc --no-ri" & ~/.gemrc
输出信息如下:
Fetching: bundler-1.7.9.gem (100%)
Successfully installed bundler-1.7.9
1 gem installed
1.5.6下载beef
执行命令:
git clone git:///beefproject/beef.git
输出信息如下:
正克隆到 'beef'...
remote: Counting objects: 22584, done.
remote: Compressing objects: 100% (47/47), done.
remote: Total 22584 (delta 29), reused 0 (delta 0)
Receiving objects: 100% (), 9.20 MiB | 208 KiB/s, done.
Resolving deltas: 100% (), done.
1.5.7 安装和启动
进入beef源码目录:
bundle install
输出信息如下:
Don't run Bundler as root. Bundler can ask for sudo if it is needed, and
installing your bundle as root will break this application for all non-root
users on this machine.
Fetching gem metadata from http://rubygems.org/.........
Fetching additional metadata from http://rubygems.org/..
Resolving dependencies...
Installing addressable 2.3.6
Installing ansi 1.4.3
Installing daemons 1.1.9
Installing data_objects 0.10.14
Installing dm-core 1.2.1
Installing dm-do-adapter 1.2.0
Installing dm-migrations 1.2.0
Installing do_sqlite3 0.10.14
Installing dm-sqlite-adapter 1.2.0
Installing eventmachine 1.0.3
Installing em-websocket 0.3.8
Installing erubis 2.7.0
Installing execjs 2.2.2
Installing geoip 1.4.0
Installing json 1.8.1
Installing librex 0.0.999
Installing libv8 3.11.8.17
Installing msgpack 0.5.9
Installing msfrpc-client 1.0.3
Installing multi_json 1.10.1
Installing parseconfig 1.0.6
Installing rack 1.5.2
Installing rack-protection 1.5.3
Installing rainbow 2.0.0
Installing ref 1.0.5
Installing rexec 1.6.3
Installing rubydns 0.7.0
Installing rubyzip 1.1.6
Installing tilt 1.4.1
Installing sinatra 1.4.2
Installing tins 1.3.3
Installing term-ansicolor 1.3.0
Installing therubyracer 0.11.3
Installing thin 1.6.3
Installing uglifier 2.2.1
Using bundler 1.7.9
Your bundle is complete!
Use `bundle show [gemname]` to see where a bundled gem is installed.
启动beef。
成功信息:
[10:34:13][*] Bind socket [imapeudora1] listening on [0.0.0.0:2000].
[10:34:14][*] Browser Exploitation Framework (BeEF) 0.4.5.1-alpha
[10:34:14]
Twit: @beefproject
[10:34:14]
[10:34:14]
[10:34:14]
Wiki: /beefproject/beef/wiki
[10:34:14][*] Project Creator: Wade Alcorn (@WadeAlcorn)
[10:34:14][*] BeEF is loading. Wait a few seconds...
[10:34:17][*] 11 extensions enabled.
[10:34:17][*] 221 modules enabled.
[10:34:17][*] 2 network interfaces were detected.
[10:34:17][+] running on network interface: 127.0.0.1
[10:34:17]
Hook URL: http://127.0.0.1:3000/hook.js
[10:34:17]
http://127.0.0.1:3000/ui/panel
[10:34:17][+] running on network interface: 192.168.1.103
[10:34:17]
Hook URL: http://192.168.1.103:3000/hook.js
[10:34:17]
http://192.168.1.103:3000/ui/panel
[10:34:17][*] RESTful API key: 80ae1fc7f98ff50abfa
[10:34:17][*] DNS Server: 127.0.0.1:5300 (udp)
[10:34:17]
Upstream Server: 8.8.8.8:53 (udp)
[10:34:17]
Upstream Server: 8.8.8.8:53 (tcp)
[10:34:17][*] HTTP Proxy: http://127.0.0.1:6789
[10:34:17][*] BeEF server started (press control+c to stop)
[10:34:21][*] New Hooked Browser [id:1, ip:192.168.1.104, type:IE-6, os:Windows XP], hooked domain [192.168.1.103:3000]
1.6 集成metasploit
如果是使用apt-get install 安装,从 /usr/share/beef-xss 目录下开始配置。如果是源码安装,从源码目录下进行配置。
在根目录下配置config.yaml,将extension下面的metasploit值设置为true。
切换目录到beef文件根目录下的extensions/metasploit下,配置config.yaml,主要注意ip地址和mspath下 custom的选项,见标黄的部分。
# Copyright (c)
Wade Alcorn -
# Browser Exploitation Framework (BeEF) -
# See the file 'doc/COPYING' for copying permission
# Enable MSF by changing extension:metasploit:enable to true
# Then set msf_callback_host to be the public IP of your MSF server
# Ensure you load the xmlrpc interface in Metasploit
# msf & load msgrpc ServerHost=IP Pass=abc123
# Please note that the ServerHost parameter must have the same value of host and callback_host variables here below.
# Also always use the IP of your machine where MSF is listening.
extension:
metasploit:
name: 'Metasploit'
enable: true
host: "192.168.1.103"
port: 55552
user: "msf"
pass: "abc123"
uri: '/api'
# if you need "ssl: true" make sure you start msfrpcd with "SSL=y", like:
# load msgrpc ServerHost=IP Pass=abc123 SSL=y
ssl: false
ssl_version: 'TLSv1'
ssl_verify: true
callback_host: "192.168.1.103"
autopwn_url: "autopwn"
auto_msfrpcd: false
auto_msfrpcd_timeout: 120
msf_path: [
{os: 'osx', path: '/opt/local/msf/'},
{os: 'livecd', path: '/opt/metasploit-framework/'},
{os: 'bt5r3', path: '/opt/metasploit/msf3/'},
{os: 'bt5', path: '/opt/framework3/msf3/'},
{os: 'backbox', path: '/opt/backbox/msf/'},
{os: 'kali', path: '/usr/share/metasploit-framework/'},
{os: 'pentoo', path: '/usr/lib/metasploit'},
{os: 'win', path: 'c:\\metasploit-framework\\'},
{os: 'custom', path: '/usr/share/metasploit-framework/'}
启动metasploit之后,输入如下命令:
load msgrpc ServerHost=192.168.1.103 Pass=abc123
serverhost 和pass选项对应上面配置中的host和pass(标红的部分)。
metasploit msgrpc连接成功之后,再启动BeEF,会看到加载metasploit组件成功的信息。
原文参考:/Blog/c4d6efbc-9db2-4fcb-b6b8-9eae85cb3fc0
ps:对此文章感兴趣的读者,可以加qq群:Hacking:(已满);Hacking-2群:;Hacking-3群:;hacking-4群:;Hacking-5群:
如果您想提高自己的技术水平,认识同行朋友、开拓技术视野,请加入QQ群:
Powered by
& 2014 &&&联系本站:}
两大类热门资源免费畅读
续费一年阅读会员,立省24元!
评价文档:
暂无相关推荐文档
Kali Linux网络扫描教程第二章
阅读已结束,如果下载本文需要使用
想免费下载本文?
把文档贴到Blog、BBS或个人站等:
普通尺寸(450*500pix)
较大尺寸(630*500pix)
你可能喜欢kali下运行运行 Metasploit_百度文库
两大类热门资源免费畅读
续费一年阅读会员,立省24元!
评价文档:
喜欢此文档的还喜欢
kali下运行运行 Metasploit
阅读已结束,如果下载本文需要使用
想免费下载本文?
把文档贴到Blog、BBS或个人站等:
普通尺寸(450*500pix)
较大尺寸(630*500pix)
你可能喜欢kali Linux系列教程之BeFF安装与集成Metasploit
kali Linux系列教程之BeFF安装与集成Metasploit
kali Linux系列教程之BeFF安装与集成Metasploit
kali Linux系列教程之BeFF安装与集成Metasploit
1.1 apt-get安装方式
1.3 基本测试
1.4 异常信息
1.5 从源码安装BeEF
1.5.1 安装curl git
1.5.2 安装rvm
1.5.3 安装依赖项
1.5.4 安装ruby
1.5.5 安装bundler
1.5.6下载beef
1.5.7 安装和启动
1.6 集成metasploit
1.1 apt-get安装方式
打开终端,输入如下命令:
apt-get install beef-xss
切换到BeEF安装目录。
启动beef。
root@kali:/usr/share/beef-xss# ./beef
显示结果:
[18:46:50][*] Bind socket [imapeudora1] listening on [0.0.0.0:2000].
[18:46:50][*] Browser Exploitation Framework (BeEF) 0.4.4.9-alpha
[18:46:50]
Twit: @beefproject
[18:46:50]
[18:46:50]
[18:46:50]
Wiki: /beefproject/beef/wiki
[18:46:50][*] Project Creator: Wade Alcorn (@WadeAlcorn)
[18:46:51][*] BeEF is loading. Wait a few seconds...
[18:46:55][*] 10 extensions enabled.
[18:46:55][*] 196 modules enabled.
[18:46:55][*] 2 network interfaces were detected.
[18:46:55][+] running on network interface: 127.0.0.1
[18:46:55]
Hook URL: http://127.0.0.1:3000/hook.js
[18:46:55]
http://127.0.0.1:3000/ui/panel
[18:46:55][+] running on network interface: 192.168.14.132
[18:46:55]
Hook URL: http://192.168.14.132:3000/hook.js
[18:46:55]
http://192.168.14.132:3000/ui/panel
[18:46:55][*] RESTful API key: e46ed3a91a9cdfec12cf4b83d43ecb
[18:46:55][*] HTTP Proxy: http://127.0.0.1:6789
[18:46:55][*] BeEF server started (press control+c to stop)
打开浏览器输入:http://127.0.0.1:3000/ui/authentication
用户名和密码都是beef。输入完毕点击Login,登录。
1.3 基本测试
在浏览器打开默认测试页面。
http://192.168.14.132:3000/demos/butcher/index.html
在目标系统访问测试页面之后,在beef管理页面可以看到收集的信息,此时也可以发送一些攻击命令了。详细内容可以参考我的在线视频教程:Kali Linux Web 渗透测试视频教程—第16课 BeEF基本使用
控制台会显示相应的信息:
1.4 异常信息
我测试了几次重新安装和卸载之后再安装,大概1/5的概率会出现下面的问题,尤其是将metasploit集成到BeFF之后,问题出现的概率会增加。大概的错误信息如下:
NameError - uninitialized constant BeEF::Core::Command::Site_redirect:
/usr/share/beef-xss/core/main/handlers/modules/command.rb:33:in `const_get'
/usr/share/beef-xss/core/main/handlers/modules/command.rb:33:in `add_command_instructions'
/usr/share/beef-xss/core/main/handlers/hookedbrowsers.rb:80:in `block (2 levels) in &class:HookedBrowsers&'
/usr/lib/ruby/vendor_ruby/dm-core/collection.rb:508:in `block in each'
/usr/lib/ruby/vendor_ruby/dm-core/support/lazy_array.rb:411:in `block in each'
/usr/lib/ruby/vendor_ruby/dm-core/support/lazy_array.rb:411:in `each'
/usr/lib/ruby/vendor_ruby/dm-core/support/lazy_array.rb:411:in `each'
/usr/lib/ruby/vendor_ruby/dm-core/collection.rb:505:in `each'
/usr/share/beef-xss/core/main/handlers/hookedbrowsers.rb:80:in `block in &class:HookedBrowsers&'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1603:in `call'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1603:in `block in compile!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:966:in `[]'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:966:in `block (3 levels) in route!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:985:in `route_eval'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:966:in `block (2 levels) in route!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1006:in `block in process_route'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1004:in `catch'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1004:in `process_route'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:964:in `block in route!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:963:in `each'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:963:in `route!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1076:in `block in dispatch!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `block in invoke'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `catch'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `invoke'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1073:in `dispatch!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:898:in `block in call!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `block in invoke'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `catch'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `invoke'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:898:in `call!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:886:in `call'
/usr/lib/ruby/vendor_ruby/rack/nulllogger.rb:9:in `call'
/usr/lib/ruby/vendor_ruby/rack/head.rb:9:in `call'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:180:in `call'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:2014:in `call'
/usr/lib/ruby/vendor_ruby/rack/urlmap.rb:64:in `block in call'
/usr/lib/ruby/vendor_ruby/rack/urlmap.rb:49:in `each'
/usr/lib/ruby/vendor_ruby/rack/urlmap.rb:49:in `call'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:80:in `block in pre_process'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:78:in `catch'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:78:in `pre_process'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:53:in `process'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:38:in `receive_data'
/usr/lib/ruby/vendor_ruby/eventmachine.rb:187:in `run_machine'
/usr/lib/ruby/vendor_ruby/eventmachine.rb:187:in `run'
/usr/lib/ruby/vendor_ruby/thin/backends/base.rb:61:in `start'
/usr/lib/ruby/vendor_ruby/thin/server.rb:159:in `start'
/usr/share/beef-xss/core/main/server.rb:122:in `start'
./beef:140:in `&main&'
NameError - uninitialized constant BeEF::Core::Command::Site_redirect:
/usr/share/beef-xss/core/main/handlers/modules/command.rb:33:in `const_get'
/usr/share/beef-xss/core/main/handlers/modules/command.rb:33:in `add_command_instructions'
/usr/share/beef-xss/core/main/handlers/hookedbrowsers.rb:80:in `block (2 levels) in &class:HookedBrowsers&'
/usr/lib/ruby/vendor_ruby/dm-core/collection.rb:508:in `block in each'
/usr/lib/ruby/vendor_ruby/dm-core/support/lazy_array.rb:411:in `block in each'
/usr/lib/ruby/vendor_ruby/dm-core/support/lazy_array.rb:411:in `each'
/usr/lib/ruby/vendor_ruby/dm-core/support/lazy_array.rb:411:in `each'
/usr/lib/ruby/vendor_ruby/dm-core/collection.rb:505:in `each'
/usr/share/beef-xss/core/main/handlers/hookedbrowsers.rb:80:in `block in &class:HookedBrowsers&'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1603:in `call'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1603:in `block in compile!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:966:in `[]'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:966:in `block (3 levels) in route!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:985:in `route_eval'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:966:in `block (2 levels) in route!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1006:in `block in process_route'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1004:in `catch'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1004:in `process_route'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:964:in `block in route!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:963:in `each'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:963:in `route!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1076:in `block in dispatch!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `block in invoke'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `catch'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `invoke'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1073:in `dispatch!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:898:in `block in call!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `block in invoke'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `catch'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:1058:in `invoke'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:898:in `call!'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:886:in `call'
/usr/lib/ruby/vendor_ruby/rack/nulllogger.rb:9:in `call'
/usr/lib/ruby/vendor_ruby/rack/head.rb:9:in `call'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:180:in `call'
/usr/lib/ruby/vendor_ruby/sinatra/base.rb:2014:in `call'
/usr/lib/ruby/vendor_ruby/rack/urlmap.rb:64:in `block in call'
/usr/lib/ruby/vendor_ruby/rack/urlmap.rb:49:in `each'
/usr/lib/ruby/vendor_ruby/rack/urlmap.rb:49:in `call'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:80:in `block in pre_process'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:78:in `catch'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:78:in `pre_process'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:53:in `process'
/usr/lib/ruby/vendor_ruby/thin/connection.rb:38:in `receive_data'
/usr/lib/ruby/vendor_ruby/eventmachine.rb:187:in `run_machine'
/usr/lib/ruby/vendor_ruby/eventmachine.rb:187:in `run'
/usr/lib/ruby/vendor_ruby/thin/backends/base.rb:61:in `start'
/usr/lib/ruby/vendor_ruby/thin/server.rb:159:in `start'
/usr/share/beef-xss/core/main/server.rb:122:in `start'
./beef:140:in `&main&'
解决方案是从源码安装,更新ruby的版本。
1.5 从源码安装BeEF
从源码安装BeEF比较繁琐,我也是摸索了整整一天,才安装成功。
1.5.1 安装curl git
首先安装curl git。
apt-get install curl git
输出信息:
正在读取软件包列表... 完成
正在分析软件包的依赖关系树
正在读取状态信息... 完成
git 已经是最新的版本了。
下列软件包是自动安装的并且现在不需要了:
libhttp-parser2.1 ruby-addressable ruby-ansi ruby-atomic ruby-buftok
ruby-daemons ruby-dataobjects ruby-dataobjects-mysql
ruby-dataobjects-postgres ruby-dataobjects-sqlite3 ruby-dm-core
ruby-dm-do-adapter ruby-dm-migrations ruby-dm-sqlite-adapter
ruby-em-websocket ruby-equalizer ruby-erubis ruby-eventmachine ruby-execjs
ruby-faraday ruby-http ruby-http-parser.rb ruby-librex ruby-libv8
ruby-memoizable ruby-msfrpc-client ruby-msgpack ruby-multi-json
ruby-multipart-post ruby-naught ruby-parseconfig ruby-rack
ruby-rack-protection ruby-ref ruby-rubyzip ruby-simple-oauth ruby-sinatra
ruby-term-ansicolor ruby-therubyracer ruby-thread-safe ruby-tilt
ruby-twitter ruby-uglifier thin
Use 'apt-get autoremove' to remove them.
下列软件包将被升级:
curl libcurl3
升级了 2 个软件包,新安装了 0 个软件包,要卸载 0 个软件包,有 147 个软件包未被升级。
需要下载 601 kB 的软件包。
解压缩后会消耗掉 0 B 的额外空间。
获取:1 http://security.kali.org/kali-security/ kali/updates/main curl amd64 7.26.0-1+wheezy11 [270 kB]
获取:2 http://security.kali.org/kali-security/ kali/updates/main libcurl3 amd64 7.26.0-1+wheezy11 [331 kB]
下载 601 kB,耗时 23秒 (25.8 kB/s)
读取变更记录(changelogs)... 完成
(正在读取数据库 ... 系统当前共安装有 325894 个文件和目录。)
正预备替换 curl 7.26.0-1+wheezy10 (使用 .../curl_7.26.0-1+wheezy11_amd64.deb) ...
正在解压缩将用于更替的包文件 curl ...
正预备替换 libcurl3:amd64 7.26.0-1+wheezy10 (使用 .../libcurl3_7.26.0-1+wheezy11_amd64.deb) ...
正在解压缩将用于更替的包文件 libcurl3:amd64 ...
正在处理用于 man-db 的触发器...
正在设置 libcurl3:amd64 (7.26.0-1+wheezy11) ...
正在设置 curl (7.26.0-1+wheezy11) ...
1.5.2 安装rvm
在终端输入如下命令:
bash -s stable & &(curl -s /wayneeseguin/rvm/master/binscripts/rvm-installer)
source /etc/profile.d/rvm.sh
再输入下面的命令:
输出信息:
rvm 1.26.5 (latest) by Wayne E. Seguin &&, Michal Papis && [https://rvm.io/]
1.5.3 安装依赖项
执行命令:
for package in zlib openssl libxslt libxml2; do rvm pkg install $ done
输出信息如下:
Beware, 'rvm pkg ...' is deprecated, read about the new autolibs feature: 'rvm help autolibs'.
Checking requirements for debian.
Installing requirements for debian.
Updating system........................
Installing required packages: gawk, g++, libreadline6-dev, zlib1g-dev, libssl-dev, libyaml-dev, libsqlite3-dev, libgdbm-dev, libncurses5-dev, libtool, libffi-dev...........
Requirements installation successful.
Fetching zlib-1.2.7.tar.gz to /usr/local/rvm/archives
% Received % Xferd
Average Speed
0 --:--:--
0:00:01 --:--:--
0 --:--:--
0:00:03 --:--:--
0:00:15 --:--:--
No checksum for downloaded archive, recording checksum in user configuration.
Extracting zlib to /usr/local/rvm/src/zlib-1.2.7....
Configuring zlib in /usr/local/rvm/src/zlib-1.2.7...
Compiling zlib in /usr/local/rvm/src/zlib-1.2.7......
Installing zlib to /usr/local/rvm/usr..
Please note that it's required to reinstall all rubies:
rvm reinstall all --force
Beware, 'rvm pkg ...' is deprecated, read about the new autolibs feature: 'rvm help autolibs'.
Checking requirements for debian.
Requirements installation successful.
Fetching openssl-1.0.1i.tar.gz to /usr/local/rvm/archives
% Received % Xferd
Average Speed
0:00:32 --:--:--
Extracting openssl to /usr/local/rvm/src/openssl-1.0.1i....
Configuring openssl in /usr/local/rvm/src/openssl-1.0.1i...................................
Compiling openssl in /usr/local/rvm/src/openssl-1.0.1i.............................................................................................................................
Installing openssl to /usr/local/rvm/usr.................................................................................................................................................................................
Please note that it's required to reinstall all rubies:
rvm reinstall all --force
Updating openssl certificates..
Beware, 'rvm pkg ...' is deprecated, read about the new autolibs feature: 'rvm help autolibs'.
Checking requirements for debian.
Requirements installation successful.
Fetching libxslt-1.1.26.tar.gz to /usr/local/rvm/archives
% Received % Xferd
Average Speed
0:01:32 --:--:-- 35940
0:01:33 --:--:-- 36390No checksum for downloaded archive, recording checksum in user configuration.
Extracting libxslt to /usr/local/rvm/src/libxslt-1.1.26....
Prepare libxslt in /usr/local/rvm/src/libxslt-1.1.26.......
Configuring libxslt in /usr/local/rvm/src/libxslt-1.1.26...................
Error running './configure --prefix=/usr/local/rvm/usr --enable-shared --with-libxml-prefix=/usr/local/rvm/usr',
showing last 15 lines of /usr/local/rvm/log//libxslt_configure.log
checking for snprintf... yes
checking for vfprintf... yes
checking for vsprintf... yes
checking for vsnprintf... yes
checking for sscanf... yes
checking for perl... perl
checking for python... /usr/bin/python
PYTHON is pointing at /usr/bin/python
Found Python version 2.7
Found libxml2-python module
could not find python2.7/Python.h
checking for libgcrypt-config... no
Crypto extensions will not be available. Install libgcrypt and reconfigure to make available.
Enabling debugger
checking for libxml libraries &= 2.6.27... configure: error: Could not find libxml2 anywhere, check ftp://xmlsoft.org/.
Compiling libxslt in /usr/local/rvm/src/libxslt-1.1.26..
Error running '__rvm_make -j2',
showing last 15 lines of /usr/local/rvm/log//libxslt_make.log
[ 10:04:12] __rvm_make
__rvm_make ()
\make "$@" || return $?
current path: /usr/local/rvm/src/libxslt-1.1.26
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/bin:/usr/local/rvm/bin:/usr/bin
command(2): __rvm_make -j2
+ make -j2
make: *** 没有指明目标并且找不到 makefile。 停止。
+ return 2
Please note that it's required to reinstall all rubies:
rvm reinstall all --force
Beware, 'rvm pkg ...' is deprecated, read about the new autolibs feature: 'rvm help autolibs'.
Checking requirements for debian.
Requirements installation successful.
Fetching libxml2-2.7.3.tar.gz to /usr/local/rvm/archives
% Received % Xferd
Average Speed
0:00:30 --:--:--
No checksum for downloaded archive, recording checksum in user configuration.
Extracting libxml2 to /usr/local/rvm/src/libxml2-2.7.3....
Prepare libxml2 in /usr/local/rvm/src/libxml2-2.7.3...
Configuring libxml2 in /usr/local/rvm/src/libxml2-2.7.3..........................
Compiling libxml2 in /usr/local/rvm/src/libxml2-2.7.3..................................................
Installing libxml2 to /usr/local/rvm/usr...............
Please note that it's required to reinstall all rubies:
rvm reinstall all –force
1.5.4 安装ruby
执行命令:
rvm install 1.9.3
输出信息如下:
Searching for binary rubies, this might take some time.
No binary rubies available for: debian/Kali_Linux_1/x86_64/ruby-1.9.3-p551.
Continuing with compilation. Please read 'rvm help mount' to get more information on binary rubies.
Checking requirements for debian.
Requirements installation successful.
Installing Ruby from source to: /usr/local/rvm/rubies/ruby-1.9.3-p551, this may take a while depending on your cpu(s)...
ruby-1.9.3-p551 - #downloading ruby-1.9.3-p551, this may take a while depending on your connection...
% Received % Xferd
Average Speed
0:00:31 --:--:--
ruby-1.9.3-p551 - #extracting ruby-1.9.3-p551 to /usr/local/rvm/src/ruby-1.9.3-p551....
ruby-1.9.3-p551 - #applying patch /usr/local/rvm/patches/ruby/GH-488.patch.
ruby-1.9.3-p551 - #configuring.............................................
ruby-1.9.3-p551 - #post-configuration..
ruby-1.9.3-p551 - #compiling..........................................................................................................
ruby-1.9.3-p551 - #installing........................
ruby-1.9.3-p551 - #making binaries executable..
ruby-1.9.3-p551 - #downloading rubygems-2.4.5
% Received % Xferd
Average Speed
0:00:26 --:--:-- 78678
No checksum for downloaded archive, recording checksum in user configuration.
ruby-1.9.3-p551 - #extracting rubygems-2.4.5....
ruby-1.9.3-p551 - #removing old rubygems.........
ruby-1.9.3-p551 - #installing rubygems-2.4.5..................
ruby-1.9.3-p551 - #gemset created /usr/local/rvm/gems/ruby-1.9.3-p551@global
ruby-1.9.3-p551 - #importing gemset /usr/local/rvm/gemsets/global.gems...........................................................
ruby-1.9.3-p551 - #generating global wrappers........
ruby-1.9.3-p551 - #gemset created /usr/local/rvm/gems/ruby-1.9.3-p551
ruby-1.9.3-p551 - #importing gemsetfile /usr/local/rvm/gemsets/default.gems evaluated to empty gem list
ruby-1.9.3-p551 - #generating default wrappers........
ruby-1.9.3-p551 - #adjusting #shebangs for (gem irb erb ri rdoc testrb rake).
Install of ruby-1.9.3-p551 - #complete
WARNING: Please be aware that you just installed a ruby that is no longer maintained (), for a list of maintained rubies visit:
http://bugs.ruby-lang.org/projects/ruby/wiki/ReleaseEngineering
Please consider upgrading to ruby-2.1.5 which will have all of the latest security patches.
Ruby was built without documentation, to build it run: rvm docs generate-ri
执行命令,设置ruby版本:
rvm 1.9.3 –default
1.5.5 安装bundler
执行命令:
echo "gem: --no-rdoc --no-ri" & ~/.gemrc
输出信息如下:
Fetching: bundler-1.7.9.gem (100%)
Successfully installed bundler-1.7.9
1 gem installed
1.5.6下载beef
执行命令:
git clone git:///beefproject/beef.git
输出信息如下:
正克隆到 'beef'...
remote: Counting objects: 22584, done.
remote: Compressing objects: 100% (47/47), done.
remote: Total 22584 (delta 29), reused 0 (delta 0)
Receiving objects: 100% (), 9.20 MiB | 208 KiB/s, done.
Resolving deltas: 100% (), done.
1.5.7 安装和启动
进入beef源码目录:
bundle install
输出信息如下:
Don't run Bundler as root. Bundler can ask for sudo if it is needed, and
installing your bundle as root will break this application for all non-root
users on this machine.
Fetching gem metadata from http://rubygems.org/.........
Fetching additional metadata from http://rubygems.org/..
Resolving dependencies...
Installing addressable 2.3.6
Installing ansi 1.4.3
Installing daemons 1.1.9
Installing data_objects 0.10.14
Installing dm-core 1.2.1
Installing dm-do-adapter 1.2.0
Installing dm-migrations 1.2.0
Installing do_sqlite3 0.10.14
Installing dm-sqlite-adapter 1.2.0
Installing eventmachine 1.0.3
Installing em-websocket 0.3.8
Installing erubis 2.7.0
Installing execjs 2.2.2
Installing geoip 1.4.0
Installing json 1.8.1
Installing librex 0.0.999
Installing libv8 3.11.8.17
Installing msgpack 0.5.9
Installing msfrpc-client 1.0.3
Installing multi_json 1.10.1
Installing parseconfig 1.0.6
Installing rack 1.5.2
Installing rack-protection 1.5.3
Installing rainbow 2.0.0
Installing ref 1.0.5
Installing rexec 1.6.3
Installing rubydns 0.7.0
Installing rubyzip 1.1.6
Installing tilt 1.4.1
Installing sinatra 1.4.2
Installing tins 1.3.3
Installing term-ansicolor 1.3.0
Installing therubyracer 0.11.3
Installing thin 1.6.3
Installing uglifier 2.2.1
Using bundler 1.7.9
Your bundle is complete!
Use `bundle show [gemname]` to see where a bundled gem is installed.
启动beef。
成功信息:
[10:34:13][*] Bind socket [imapeudora1] listening on [0.0.0.0:2000].
[10:34:14][*] Browser Exploitation Framework (BeEF) 0.4.5.1-alpha
[10:34:14]
Twit: @beefproject
[10:34:14]
[10:34:14]
[10:34:14]
Wiki: /beefproject/beef/wiki
[10:34:14][*] Project Creator: Wade Alcorn (@WadeAlcorn)
[10:34:14][*] BeEF is loading. Wait a few seconds...
[10:34:17][*] 11 extensions enabled.
[10:34:17][*] 221 modules enabled.
[10:34:17][*] 2 network interfaces were detected.
[10:34:17][+] running on network interface: 127.0.0.1
[10:34:17]
Hook URL: http://127.0.0.1:3000/hook.js
[10:34:17]
http://127.0.0.1:3000/ui/panel
[10:34:17][+] running on network interface: 192.168.1.103
[10:34:17]
Hook URL: http://192.168.1.103:3000/hook.js
[10:34:17]
http://192.168.1.103:3000/ui/panel
[10:34:17][*] RESTful API key: 80ae1fc7f98ff50abfa
[10:34:17][*] DNS Server: 127.0.0.1:5300 (udp)
[10:34:17]
Upstream Server: 8.8.8.8:53 (udp)
[10:34:17]
Upstream Server: 8.8.8.8:53 (tcp)
[10:34:17][*] HTTP Proxy: http://127.0.0.1:6789
[10:34:17][*] BeEF server started (press control+c to stop)
[10:34:21][*] New Hooked Browser [id:1, ip:192.168.1.104, type:IE-6, os:Windows XP], hooked domain [192.168.1.103:3000]
1.6 集成metasploit
如果是使用apt-get install 安装,从 /usr/share/beef-xss 目录下开始配置。如果是源码安装,从源码目录下进行配置。
在根目录下配置config.yaml,将extension下面的metasploit值设置为true。
切换目录到beef文件根目录下的extensions/metasploit下,配置config.yaml,主要注意ip地址和mspath下 custom的选项,见标黄的部分。
# Copyright (c)
Wade Alcorn -
# Browser Exploitation Framework (BeEF) -
# See the file 'doc/COPYING' for copying permission
# Enable MSF by changing extension:metasploit:enable to true
# Then set msf_callback_host to be the public IP of your MSF server
# Ensure you load the xmlrpc interface in Metasploit
# msf & load msgrpc ServerHost=IP Pass=abc123
# Please note that the ServerHost parameter must have the same value of host and callback_host variables here below.
# Also always use the IP of your machine where MSF is listening.
extension:
metasploit:
name: 'Metasploit'
enable: true
host: "192.168.1.103"
port: 55552
user: "msf"
pass: "abc123"
uri: '/api'
# if you need "ssl: true" make sure you start msfrpcd with "SSL=y", like:
# load msgrpc ServerHost=IP Pass=abc123 SSL=y
ssl: false
ssl_version: 'TLSv1'
ssl_verify: true
callback_host: "192.168.1.103"
autopwn_url: "autopwn"
auto_msfrpcd: false
auto_msfrpcd_timeout: 120
msf_path: [
{os: 'osx', path: '/opt/local/msf/'},
{os: 'livecd', path: '/opt/metasploit-framework/'},
{os: 'bt5r3', path: '/opt/metasploit/msf3/'},
{os: 'bt5', path: '/opt/framework3/msf3/'},
{os: 'backbox', path: '/opt/backbox/msf/'},
{os: 'kali', path: '/usr/share/metasploit-framework/'},
{os: 'pentoo', path: '/usr/lib/metasploit'},
{os: 'win', path: 'c:\\metasploit-framework\\'},
{os: 'custom', path: '/usr/share/metasploit-framework/'}
启动metasploit之后,输入如下命令:
load msgrpc ServerHost=192.168.1.103 Pass=abc123
serverhost 和pass选项对应上面配置中的host和pass(标红的部分)。
metasploit msgrpc连接成功之后,再启动BeEF,会看到加载metasploit组件成功的信息。
原文参考:/Blog/c4d6efbc-9db2-4fcb-b6b8-9eae85cb3fc0
ps:对此文章感兴趣的读者,可以加qq群:Hacking:(已满);Hacking-2群:;Hacking-3群:;hacking-4群:;Hacking-5群:
如果您想提高自己的技术水平,认识同行朋友、开拓技术视野,请加入QQ群:
Powered by
& 2014 &&&联系本站:}
我要回帖
更多关于 metasploit安装教程 的文章
更多推荐
- ·北京161中学在北京市最好的中学排行榜排名第几?
- ·建水自驾游必去十大景点县城去陈官新寨有几公里?
- ·学西餐培训前十学校排名的培训?
- ·一耽双男主漫画快看在哪可以看?
- ·看两人感情发展状况六爻隔多久可以算一次卦?
- ·阿迪达斯清风系列b24443多少钱
- ·打开wk.时出现问题,wk打开涨停板是什么意思思
- ·疯狂猜图紫色背景绿头发篮球员长白头发是什么原因人物
- ·求发taiki迅雷资源的初受和虐 囚 堕 辱 虐 酷 折 槛 ,要视频不要链接, 采纳必重赏
- ·吕婉柔35分钟ed2k钟
- ·跪求谁有道客巴巴的账号账号,密码~~需要下载文件,要求500分
- ·物流公司 圆通速递运单号查询 运单号码 600106872614 我是6.5号买的,可是查不到,问了几次都
- ·求爱很烂95分钟女性瘾者完整版无删减 不是82分钟的删减版 要未删减的!万分感谢!920934184!
- ·求爱很烂95分钟绝命派对完整版无删减 不是82分钟的删减版 要未删减的!万分感谢!920934184
- ·谁有 the black alley 陈丽陈丽的视频?
- ·宋小宝搞笑视频白洋淀演出视频
- ·如何更改Office 2013序列号 控制面板修改office2013激活码20150激活码的方法
- ·J.Agric.Food chemdraw怎么画聚合物 好像是一个什么期刊物的
- ·求大神给个天涯明月刀激活码领取的激活码谢谢了
- ·求 kali 或者 kali更新metasploitt 教程
- ·求《血色征途东北的明朝那些事txt》TXT下载
- ·如何提高公共道德规范
- ·在抵御西方意识形态斗争中,作为一个荆州青年人才网的你有何高见或建议论文1000资字
- ·论文 怎样帮助独生子女证明走出"自我中心"的困境
- ·在抵御西方意识形态斗争中,作为一个请简要概括青年人对的你有何高见或建议论文1000资字
- ·魔界cf王者之心怎么得1.0e怎么打不开
- ·技术世界中的设计依法治国核心是什么么设计
- ·骨正基视频第二幼儿园远程视频怎么观看
- ·大众创业万众创新背景,万众创新可能会遇到哪些困难如何克服
- ·课题是两款价格相近的车的比较的毕业论文课题申请表
- ·初音未来cosplay服装 h 初音视频。
- ·山东临沂丹桂园棚头在1米50直径要多少钱一棵?
- ·帮大哥在宁晋调解视频韩村调解视频
- ·暗黑2 暗黑2毁灭之王1.11 1.11爆率和大箱子补丁一一二三六九九三八八
