Kali下beEF关联metasploit的攻击模块

首先我们需要了解下beEF和metasploit的几个目录，

beEF的目录在：/usr/share/beef-xss下，

一、进入

root@kali:/usr/share/beef-xss#

二、使用vim编辑器打开

root@kali:/usr/share/beef-xss# vim config.yaml

三、进入

root@kali:/usr/share/beef-xss/extensions/metasploit#

1 #
2 # Copyright (c) 2006-2014 Wade Alcorn – wade@bindshell.net
3 # Browser Exploitation Framework (BeEF) – http://beefproject.com
4 # See the file ‘doc/COPYING’ for copying permission
5 #
6 # Enable MSF by changing extension:metasploit:enable to true
7 # Then set msf_callback_host to be the public IP of your MSF server
8 #
9 # Ensure you load the xmlrpc interface in Metasploit
10 # msf > load msgrpc ServerHost=10.211.55.2 Pass=abc123
11 # Please note that the ServerHost parameter must have the same value of host     and callback_host variables here below.
12 # Also always use the IP of your machine where MSF is listening.
13 beef:
14     extension:
15         metasploit:
16             name: ‘Metasploit’
17             enable: true
18             host: “192.168.34.220”
19             port: 55552
20             user: “msf”
21             pass: “abc123”
22             uri: ‘/api’

四、如何加载；

msf > load msgrpc ServerHost=192.168.34.220 Pass=abc123
[*] MSGRPC Service:  192.168.34.220:55552
[*] MSGRPC Username: msf
[*] MSGRPC Password: abc123
[*] Successfully loaded plugin: msgrpc
msf >

五、启动BeeF

root@kali:~# cd /usr/share/beef-xss/
root@kali:/usr/share/beef-xss# ./beef
[17:28:28][*] Bind socket [imapeudora1] listening on [0.0.0.0:2000].
[17:28:28][*] Browser Exploitation Framework (BeEF) 0.4.4.9-alpha
[17:28:28]    |   Twit: @beefproject
[17:28:28]    |   Site: http://beefproject.com
[17:28:28]    |   Blog: http://blog.beefproject.com
[17:28:28]    |_  Wiki: https://github.com/beefproject/beef/wiki
[17:28:28][*] Project Creator: Wade Alcorn (@WadeAlcorn)
[17:28:30][*] Successful connection with Metasploit.
[17:28:42][*] Loaded 293 Metasploit exploits.
[17:28:43][*] BeEF is loading. Wait a few seconds…