Старый 02.02.2017, 02:18   #1
Марк Эльва
 
Регистрация: 28.12.2015
Сообщений: 6
Репутация: -1
Question Запуск BeEF на CentOS VDS

Приветствую.
Установил BeEF на VDS с CentOS на борту, в /root/beef
Конфиг не изменял - добавил IP хоста и данные MySQL.
Запускается, но UI интерфейс не работает.

Скрин:
http://rgho.st/private/6H9TPTdWk/d0e...6eff/thumb.png



С чем может быть связано?
Знатоки, напишите что проверить.


Конфиг:
Код:
#
# Copyright (c) 2006-2016 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
# BeEF Configuration file

beef:
    version: '0.4.7.0-alpha'
    # More verbose messages (server-side)
    debug: false
    # More verbose messages (client-side)
    client_debug: false
    # Used for generating secure tokens
    crypto_default_value_length: 80

    # Interface / IP restrictions
    restrictions:
        # subnet of IP addresses that can hook to the framework
        permitted_hooking_subnet: "0.0.0.0/0"
        # subnet of IP addresses that can connect to the admin UI
        #permitted_ui_subnet: "127.0.0.1/32"
        permitted_ui_subnet: "0.0.0.0/0"

    # HTTP server
    http:
        debug: false #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
        host: "прописан IP"
        port: "3000"

        # Decrease this setting to 1,000 (ms) if you want more responsiveness
        #  when sending modules and retrieving results.
        # NOTE: A poll timeout of less than 5,000 (ms) might impact performance
        #  when hooking lots of browsers (50+).
        # Enabling WebSockets is generally better (beef.websocket.enable)
        xhr_poll_timeout: 1000

        # Host Name / Domain Name
        # If you want BeEF to be accessible via hostname or domain name (ie, DynDNS),
        #   set the public hostname below:
        public: "прописан IP"      # public hostname/IP address

        # Reverse Proxy / NAT
        # If you want BeEF to be accessible behind a reverse proxy or NAT,
        #   set both the publicly accessible hostname/IP address and port below:
        #public: ""      # public hostname/IP address
        #public_port: "" # public port (experimental)

        # Web Admin user interface URI
        web_ui_basepath: "/ui"

        # Hook
        hook_file: "/hook.js"
        hook_session_name: "BEEFHOOK"
        session_cookie_name: "BEEFSESSION"

        # Allow one or multiple origins to access the RESTful API using CORS
        # For multiple origins use: "http://browserhacker.com, http://domain2.com"
        restful_api:
            allow_cors: false
            cors_allowed_domains: "http://browserhacker.com"

        # Prefer WebSockets over XHR-polling when possible.
        websocket:
            enable: false
            port: 61985 # WS: good success rate through proxies
            # Use encrypted 'WebSocketSecure'
            # NOTE: works only on HTTPS domains and with HTTPS support enabled in BeEF
            secure: true
            secure_port: 61986 # WSSecure
            ws_poll_timeout: 1000 # poll BeEF every second
            ws_connect_timeout: 500 # useful to help fingerprinting finish before establishing the WS channel

        # Imitate a specified web server (default root page, 404 default error page, 'Server' HTTP response header)
        web_server_imitation:
            enable: true
            type: "apache" # Supported: apache, iis, nginx
            hook_404: false # inject BeEF hook in HTTP 404 responses
            hook_root: false # inject BeEF hook in the server home page
        # Experimental HTTPS support for the hook / admin / all other Thin managed web services
        https:
            enable: false
            # In production environments, be sure to use a valid certificate signed for the value
            # used in beef.http.public (the domain name of the server where you run BeEF)
            key: "beef_key.pem"
            cert: "beef_cert.pem"

    database:
        # For information on using other databases please read the
        # README.databases file

        # supported DBs: sqlite, mysql, postgres
        # NOTE: you must change the Gemfile adding a gem require line like:
        #   gem "dm-postgres-adapter"
        # or
        #   gem "dm-mysql-adapter"
        # if you want to switch drivers from sqlite to postgres (or mysql).
        # Finally, run a 'bundle install' command and start BeEF.
        driver: "sqlite"

        # db_file is only used for sqlite
        db_file: "beef.db"

        # db connection information is only used for mysql/postgres
        db_host: "localhost"
        db_port: 3306
        db_name: "bf"
        db_user: "bfmysql"
        db_passwd: "VvmvatQ62@sns8@#"
        db_encoding: "UTF-8"

    # Credentials to authenticate in BeEF.
    # Used by both the RESTful API and the Admin_UI extension
    credentials:
        user:   "beef"
        passwd: "beef"

    # Autorun Rule Engine
    autorun:
        # this is used when rule chain_mode type is nested-forward, needed as command results are checked via setInterval
        # to ensure that we can wait for async command results. The timeout is needed to prevent infinite loops or eventually
        # continue execution regardless of results.
        # If you're chaining multiple async modules, and you expect them to complete in more than 5 seconds, increase the timeout.
        result_poll_interval: 300
        result_poll_timeout: 5000

        # If the modules doesn't return status/results and timeout exceeded, continue anyway with the chain.
        # This is useful to call modules (nested-forward chain mode) that are not returning their status/results.
        continue_after_timeout: true

    # Enables DNS lookups on zombie IP addresses
    dns_hostname_lookup: false

    # IP Geolocation
    # NOTE: requires MaxMind database:
    #   curl -O http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
    #   gunzip GeoLiteCity.dat.gz && mkdir /opt/GeoIP && mv GeoLiteCity.dat /opt/GeoIP
    geoip:
        enable: false
        database: '/opt/GeoIP/GeoLiteCity.dat'

    # Integration with PhishingFrenzy
    # If enabled BeEF will try to get the UID parameter value from the hooked URI, as this is used by PhishingFrenzy
    # to uniquely identify the victims. In this way you can easily associate phishing emails with hooked browser.
    integration:
        phishing_frenzy:
            enable: false

    # You may override default extension configuration parameters here
    extension:
        requester:
            enable: true
        proxy:
            enable: true
            key: "beef_key.pem"
            cert: "beef_cert.pem"
        metasploit:
            enable: false
        social_engineering:
            enable: true
        evasion:
            enable: false
        ipec:
            enable: true
        # this is still experimental..
        dns:
            enable: false
        # this is still experimental..
        dns_rebinding:
            enable: false
Спасибо.
Марк Эльва вне форума   Ответить с цитированием
Ответ

Опции темы Поиск в этой теме
Поиск в этой теме:

Расширенный поиск
Опции просмотра

Ваши права в разделе
Вы не можете создавать новые темы
Вы не можете отвечать в темах
Вы не можете прикреплять вложения
Вы не можете редактировать свои сообщения

BB коды Вкл.
Смайлы Вкл.
[IMG] код Вкл.
HTML код Выкл.

Быстрый переход



Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd. Перевод: zCarot