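#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
# BeEF Configuration file
#
# NOTE(review): the listing had lost its indentation. The nesting below is
# rebuilt from the key paths the comments refer to (e.g. beef.http.public);
# confirm it against the config.yaml shipped with this version.

beef:
  version: '0.4.7.1-alpha'
  # More verbose messages (server-side)
  debug: false
  # More verbose messages (client-side)
  client_debug: false
  # Used for generating secure tokens
  crypto_default_value_length: 80

  # Credentials to authenticate in BeEF.
  # Used by both the RESTful API and the Admin interface
  # NOTE(review): these are the well-known default values. With the UI subnet
  # and listener below both open to every address, anyone who can reach the
  # port can log in to the admin interface and the REST API. Set a unique
  # user name and a long random password before starting the server.
  credentials:
    user: "beef"
    passwd: "beef"

  # Interface / IP restrictions
  restrictions:
    # subnet of IP addresses that can hook to the framework
    permitted_hooking_subnet: "0.0.0.0/0"
    # subnet of IP addresses that can connect to the admin UI
    # NOTE(review): "0.0.0.0/0" puts no restriction on who may reach the admin
    # UI. The commented-out loopback value, or the operator's own management
    # subnet, is the safer setting.
    #permitted_ui_subnet: "127.0.0.1/32"
    permitted_ui_subnet: "0.0.0.0/0"
    # slow API calls to 1 every api_attempt_delay seconds
    # NOTE(review): 0.05 s allows about 20 authentication attempts per second,
    # which does little to slow password guessing against weak credentials.
    api_attempt_delay: "0.05"

  # HTTP server
  http:
    debug: false  # Thin::Logging.debug, very verbose. Also prints the full exception stack trace.
    # NOTE(review): "0.0.0.0" listens on every interface, so the admin UI and
    # REST API are served on all of them too. Bind to a specific address where
    # possible and filter the port at the host firewall.
    host: "0.0.0.0"
    port: "3000"

    # Decrease this setting to 1,000 (ms) if you want more responsiveness
    # when sending modules and retrieving results.
    # NOTE: A poll timeout of less than 5,000 (ms) might impact performance
    # when hooking lots of browsers (50+).
    # Enabling WebSockets is generally better (beef.http.websocket.enable)
    xhr_poll_timeout: 1000

    # Host Name / Domain Name
    # If you want BeEF to be accessible via hostname or domain name (ie, DynDNS),
    # set the public hostname below:
    #public: ""  # public hostname/IP address

    # Reverse Proxy / NAT
    # If you want BeEF to be accessible behind a reverse proxy or NAT,
    # set both the publicly accessible hostname/IP address and port below:
    #public: ""  # public hostname/IP address
    #public_port: ""  # public port (experimental)

    # Hook
    hook_file: "/hook.js"
    hook_session_name: "BEEFHOOK"

    # Allow one or multiple origins to access the RESTful API using CORS
    # For multiple origins use: "http://browserhacker.com, http://domain2.com"
    # NOTE(review): if allow_cors is turned on, list only origins the operator
    # controls; every listed origin can call the REST API from a browser.
    restful_api:
      allow_cors: false
      cors_allowed_domains: "http://browserhacker.com"

    # Prefer WebSockets over XHR-polling when possible.
    websocket:
      enable: false
      port: 61985  # WS: good success rate through proxies
      # Use encrypted 'WebSocketSecure'
      # NOTE: works only on HTTPS domains and with HTTPS support enabled in BeEF
      secure: true
      secure_port: 61986  # WSSecure
      ws_poll_timeout: 1000  # poll BeEF every second
      ws_connect_timeout: 500  # useful to help fingerprinting finish before establishing the WS channel

    # Imitate a specified web server (default root page, 404 default error page, 'Server' HTTP response header)
    web_server_imitation:
      enable: true
      type: "apache"  # Supported: apache, iis, nginx
      hook_404: false  # inject BeEF hook in HTTP 404 responses
      hook_root: false  # inject BeEF hook in the server home page

    # Experimental HTTPS support for the hook / admin / all other Thin managed web services
    # NOTE(review): with HTTPS disabled, the admin login and REST API traffic
    # cross the network in cleartext. Enable it, or terminate TLS in front of
    # the server, whenever the UI is reachable from beyond loopback.
    https:
      enable: false
      # In production environments, be sure to use a valid certificate signed for the value
      # used in beef.http.public (the domain name of the server where you run BeEF)
      # NOTE(review): if these are key files distributed with the software, the
      # private key is public knowledge; generate a fresh key pair.
      key: "beef_key.pem"
      cert: "beef_cert.pem"

  database:
    # For information on using other databases please read the
    # README.databases file

    # supported DBs: sqlite, mysql, postgres
    # NOTE: you must change the Gemfile adding a gem require line like:
    #   gem "dm-postgres-adapter"
    # or
    #   gem "dm-mysql-adapter"
    # if you want to switch drivers from sqlite to postgres (or mysql).
    # Finally, run a 'bundle install' command and start BeEF.
    driver: "sqlite"

    # db_file is only used for sqlite
    db_file: "db/beef.db"

    # db connection information is only used for mysql/postgres
    # NOTE(review): 3306 is the MySQL default port (PostgreSQL normally uses
    # 5432). The "beef"/"beef" account below is a guessable default; replace
    # it before switching to a networked database.
    db_host: "localhost"
    db_port: 3306
    db_name: "beef"
    db_user: "beef"
    db_passwd: "beef"
    db_encoding: "UTF-8"

  # Autorun Rule Engine
  autorun:
    # this is used when rule chain_mode type is nested-forward, needed as command results are checked via setInterval
    # to ensure that we can wait for async command results. The timeout is needed to prevent infinite loops or eventually
    # continue execution regardless of results.
    # If you're chaining multiple async modules, and you expect them to complete in more than 5 seconds, increase the timeout.
    result_poll_interval: 300
    result_poll_timeout: 5000

    # If a module doesn't return status/results and the timeout is exceeded, continue anyway with the chain.
    # This is useful to call modules (nested-forward chain mode) that are not returning their status/results.
    continue_after_timeout: true

  # Enables DNS lookups on zombie IP addresses
  dns_hostname_lookup: false

  # IP Geolocation
  # NOTE: requires MaxMind database. Run geoipupdate to install.
  geoip:
    enable: true
    database: '/var/lib/GeoIP/GeoLite2-City.mmdb'

  # Integration with PhishingFrenzy
  # If enabled BeEF will try to get the UID parameter value from the hooked URI, as this is used by PhishingFrenzy
  # to uniquely identify the victims. In this way you can easily associate phishing emails with hooked browser.
  integration:
    phishing_frenzy:
      enable: false

  # You may override default extension configuration parameters here
  # Note: additional experimental extensions are available in the 'extensions' directory
  # and can be enabled via their respective 'config.yaml' file
  # NOTE(review): every enabled extension is more code reachable through the
  # server; in an authorised engagement, enable only the ones the scope needs.
  extension:
    admin_ui:
      enable: true
      base_path: "/ui"
    demos:
      enable: true
    events:
      enable: true
    evasion:
      enable: false
    requester:
      enable: true
    proxy:
      enable: true
    network:
      enable: true
    metasploit:
      enable: false
    social_engineering:
      enable: true
    xssrays:
      enable: true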