Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #
- # Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
- # Browser Exploitation Framework (BeEF) - http://beefproject.com
- # See the file 'doc/COPYING' for copying permission
- #
- # BeEF Configuration file
- beef:
- version: '0.4.4.5-alpha'
- debug: false
- restrictions:
- # subnet of browser ip addresses that can hook to the framework
- permitted_hooking_subnet: "0.0.0.0/0"
- # subnet of browser ip addresses that can connect to the UI
- # permitted_ui_subnet: "127.0.0.1/32"
- permitted_ui_subnet: "0.0.0.0/0"
- http:
- debug: false #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
- host: "0.0.0.0"
- port: "3000"
- # Decrease this setting up to 1000 if you want more responsiveness when sending modules and retrieving results.
- # It's not advised to decrease it with tons of hooked browsers (more than 50),
- # because it might impact performance. Also, enable WebSockets is generally better.
- xhr_poll_timeout: 5000
- # if running behind a nat set the public ip address here
- #public: ""
- #public_port: "" # port setting is experimental
- # DNS
- dns_host: "localhost"
- dns_port: 53
- panel_path: "/ui/panel"
- hook_file: "/hook.js"
- hook_session_name: "BEEFHOOK"
- session_cookie_name: "BEEFSESSION"
- # Allow one or multiple domains to access the RESTful API using CORS
- # For multiple domains use: "http://browserhacker.com, http://domain2.com"
- restful_api:
- allow_cors: false
- cors_allowed_domains: "http://browserhacker.com"
- # Prefer WebSockets over XHR-polling when possible.
- websocket:
- enable: false
- secure: true # use WebSocketSecure work only on https domain and whit https support enabled in BeEF
- port: 61985 # WS: good success rate through proxies
- secure_port: 61986 # WSSecure
- ws_poll_timeout: 1000 # poll BeEF every second
- # Imitate a specified web server (default root page, 404 default error page, 'Server' HTTP response header)
- web_server_imitation:
- enable: true
- type: "apache" #supported: apache, iis
- # Experimental HTTPS support for the hook / admin / all other Thin managed web services
- https:
- enable: false
- # In production environments, be sure to use a valid certificate signed for the value
- # used in beef.http.dns_host (the domain name of the server where you run BeEF)
- key: "beef_key.pem"
- cert: "beef_cert.pem"
- database:
- # For information on using other databases please read the
- # README.databases file
- # supported DBs: sqlite, mysql, postgres
- # NOTE: you must change the Gemfile adding a gem require line like:
- # gem "dm-postgres-adapter"
- # or
- # gem "dm-mysql-adapter"
- # if you want to switch drivers from sqlite to postgres (or mysql).
- # Finally, run a 'bundle install' command and start BeEF.
- driver: "sqlite"
- # db_file is only used for sqlite
- db_file: "beef.db"
- # db connection information is only used for mysql/postgres
- db_host: "localhost"
- db_port: 5432
- db_name: "beef"
- db_user: "beef"
- db_passwd: "beef123"
- db_encoding: "UTF-8"
- # Credentials to authenticate in BeEF. Used by both the RESTful API and the Admin_UI extension
- credentials:
- user: "beef"
- passwd: "beef"
- # Autorun modules as soon the browser is hooked.
- # NOTE: only modules with target type 'working' or 'user_notify' can be run automatically.
- autorun:
- enable: true
- # set this to FALSE if you don't want to allow auto-run execution for modules with target->user_notify
- allow_user_notify: true
- crypto_default_value_length: 80
- # Enable client-side debugging
- client:
- debug: false
- # You may override default extension configuration parameters here
- extension:
- requester:
- enable: true
- proxy:
- enable: true
- metasploit:
- enable: true
- social_engineering:
- enable: true
- evasion:
- enable: false
- console:
- shell:
- enable: false
- ipec:
- enable: true
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement