If you want to use Browser Exploitation Framework (BeEF) across WAN without forwarding any ports, the simplest method to do so is to install it on an Amazon Cloud Infrastructure AWS EC2 (Elastic computing) Instance by following the instructions here.
We can install beef straight from the marketplaces on Linode, but in the case of AWS we have to install it on any linux distribution.
We'll be installing it on Kali Linux here.
So, to begin, here are the steps:
Installation of Kali Linux on Amazon AWS Ec2
Step 1: Log in to Amazon Management Console.
If you are new to the AWS cloud, you must first sign up for an account with this cloud computing service provider. A one-year free trial of the service is also available. As a result, newbies can use it to try out the service for free.
Step 2: Once you are in the Management Console, click Ec2 from the Service Menu to view the Dashboard dedicated to managing instances, storage, and services.
Step 3: On the left side of the Ec2 Dashboard, find the Instances option and click it. Then, click the "Launch Instance" button.
Step 4: Fill in the "Name and tags" field with a relevant tag or name.
Step 5: Scroll down to find the "Choose an Amazon Machine Image (AMI)" option. Enter Kali in the Search box and press the Enter key. The pre-built Kali Linux Image provided by Offensive Security will appear first in the search results. Click on the "Select" button.
Step 6: Click on "Continue".
Step 7: Now we must configure the Kali Linux Instance or Virtual Hardware. Simply choose the free instance type "t2.micro" or the one that best suits your needs.
Step 8: If there are no current key pairs, users can create new ones. Simply pick the "Create a new key pair" option.
Step 9: Now give some name to your "Key Pair" and hit "create key pair".
Step 10: The key pair will get downloaded automatically. Keep it somewhere secure since we'll need it to remotely access to our Kali Linux Ec2 Instance through SSH.
Step 11: The storage space is set to 12 GB by default, but you may expand it if necessary. Otherwise, leave the default settings unchanged.
Step 12: Now just click on the "Advance details" and find "Shutdown behavior" and change the type to "Stop". Then Launch the instance by clicking "Launch instance".
Step 13: Wait for the procedure to be completed!
Step 14: Then click on the "View all instances" button.
Step 15: Click on the instance.
Step 16: Open the Command Prompt or Terminal on your local machine and locate the downloaded Keypair. You may use use any SSH client to accomplish this.
Then Run this command : ssh -i "your-key-pair.pem" kali@public-ip-address
Note - Use the username Kali. Replace the bold elements in the the above command with appropriate values as well.
You can also use the Public IPv4 DNS in place of Public IP Address
Step 17: After successfully connecting to the machine just update and upgrade it by simply using the commands - sudo apt-get update && upgrade -y
Installation of Browser Exploitation Framework (BeEF)
Step 1: To install BeEF simply go to the github page of BeEF or you can simply copy the command from below and paste it on your Kali Terminal.
Command To Run : git clone https://github.com/beefproject/beef.git
Step 2: Now change directory into beef and execute the command ./install
Step 3: Then press Y and hit enter to continue.
Step 4: After the completion of the dependency installation process, change the default credentials of BeEF by editing the config.yaml file using any editor. I am using nano.
Command To Run : nano config.yaml
Step 5: Now simply try to execute BeEF by using the command: ./beef
After executing the command it may through some errors showing that some gems are not installed.
Step 6: To fix the error just execute the command: bundle install
Step 7: The bundle installation may be terminated by several gems, which you must manually install by using the instructions listed below.
Commands To Run : sudo gem install unf
sudo gem install domain_name
sudo gem install http-cookie
sudo gem install xmlrpc
bundle install
Step 8: Now just run the command ./beef
Note - The IP Address shown in the terminal is the Private IPv4 address. We have to use the Public IPv4 Address of our instance.
Step 9: Now we have to go to our AWS instances dashboard to add a security rule to enable the port 3000 which is used by BeEF.
Click on "Add rule" and type 3000 in the "port range" section. Then save it.
Step 10: Open your browser and then type in your AWS instance's IPv4 Address followed by port 3000/ui/panel.
For example: http://your-ipv4-address:3000/ui/panel
Step 11: Log in by using your credentials.
Step 12: Now you can simply send the the demo link to your victims and you will be able to hook their browser. If you want to make the link look like legitimate to the victims then you can simply get a free hosting and host a website/webpage with legit looking design.
Sign up with Free2Host to take advantage of our Lifetime Free Hosting Service.
Step 13: After hosting your website, just include the BeEF javascript file within the </body> element.
Step 14: Now send the legit looking malicious link to your victims and hook their browsers.
So, Thats all for Today! I hope you have successfully installed the BeEF on Amazon Web Server and have hooked lots of browsers over WAN! And if yes, then please share this with your friends & loved ones who are facing problems to use BeEF over WAN. If you have faced any kinds of error during the installation process feel free to leave a comment down below. Have a wonderful day!