Exploiting Local Dev Envs

Running Locally


How does BeEF work?

  1. Bob visits a page with malicious JavaScript
    • Ex: Mallory's DOM XSS payload is loaded
  2. hook.js interacts with Mallory's Command and Control (C&C) server
  3. Through the C&C server, Mallory launches attacks from the victim's browser
    • BeEF allows Mallory to…
      1. Find servers on the victim's local area network (LAN)
        • Including servers listening on localhost
      2. Make REST requests to these servers if their CORS policy isn't strict
      3. Execute arbitrary JavaScript payloads within the victim's browser
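Step 2 above only works when the local service answers cross-origin requests from the hooked page's origin. The following elasticsearch.yml fragment is an added illustration, not part of the deck: the first document is the permissive CORS setup that a dev box often ends up with, the second is the locked-down form. The dev-tool origin is an assumed placeholder.

```yaml
# Weak: any origin (including a page hooked by BeEF) may read ES over REST.
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-credentials: true
---
# Hardened: CORS off is the Elasticsearch default and is the safest choice
# for a local dev instance that is only queried by curl or server-side code.
http.cors.enabled: false
# If a browser-based tool genuinely needs access, allow only its origin
# (regex form, delimited by slashes) instead of "*". Placeholder origin.
# http.cors.enabled: true
# http.cors.allow-origin: /https:\/\/kibana\.dev\.example\.internal/
# http.cors.allow-credentials: false
# Authentication is a second, independent layer: an unauthenticated cluster
# is readable by any LAN peer even when CORS blocks the browser path.
xpack.security.enabled: true
```

Check the effective policy on a running node with `curl -s -D - -o /dev/null -H 'Origin: https://evil.example' http://localhost:9200/` and confirm no `Access-Control-Allow-Origin` header comes back.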

Demo: How To Find A Dev's ES Instance

Demo: Finding A Prod ES Instance

Demo: Finding A Prod ES Instance (CONT.)

Exfiltrating Data

Demo: Searching The PROD Cluster

Assumption Recap


Knowledge Dependency Tree