0005311: beef-xss: Unable to execute any commands - Kali Linux Bug Tracker

ID	Project	Category	View Status	Date Submitted	Last Update

0005311	Kali Linux	Kali Package Bug	public	2019-03-13 14:55	2019-03-14 08:44

Reporter	Skyr	Assigned To	sbrun
Priority	normal	Severity	major	Reproducibility	always
Status	resolved	Resolution	fixed
Product Version	2019.1

Summary	0005311: beef-xss: Unable to execute any commands
Description	Bug experiences with beef-xss version 0.4.7.1-0kali1 beef service starts as expected, it is possible to log into the web console, hooked browsers appear as expected. Executing any command yields no result; beef logs "Module not found". In the network tab of the browser's developer tools, the periodic requests for hook.js end with 500 internal server error. The good news: I found the cause ;-)
Steps To Reproduce	Start beef service: systemctl start beef-xss.service Log into beef console (localhost:3000) Open a "victim" browser, use the demo hook link from the beef start page Open network tab in victim browser - the hook.js is successfully requested every second In beef: Execute any command (e.g. get browser plugins) In network tab of victim browsers: The requests to hook.js turn red (status code 500)
Additional Information	Solution: beef searches the commands in subdirectories relative to the working directory of the server. To get beef working properly again, add a "WorkingDirectory" statement to the systemd service description /lib/systemd/system/beef-xss.service which points to the beef installation directory: [Service] Type=simple User=beef-xss ExecStart=/usr/share/beef-xss/beef WorkingDirectory=/usr/share/beef-xss

Date Modified	Username	Field	Change
2019-03-13 14:55	Skyr	New Issue
2019-03-14 08:44	sbrun	Assigned To	=> sbrun
2019-03-14 08:44	sbrun	Status	new => resolved
2019-03-14 08:44	sbrun	Resolution	open => fixed
2019-03-14 08:44	sbrun	Note Added: 0010417