beef

https://gems.ruby-china.org/是国内的ruby镜像站点 十分霸道 记录下过程 其实并不难 curl -L https://get.rvm.io | bash -s stable --autolibs=enabled curl -L https://get.rvm.io | bash -s stable gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 或者 curl -sSL https://rvm.io/mpapis.asc | gpg --import - 如果提示少了gpg 就执行提示的代码如上 logout #退出一下再进入或者 source ~/.rvm/scripts/rvm rvm autolibs enable rvm requirements "/usr/local/rvm/config/db" ruby-lang.org 替换成 ruby-china.org rvm autolibs readline #看一下git再选择装什么版本 2.1.0不适用新版本了 cd 进入文件夹 rvm --install 2.3.3 --with-readline-dir=$rvm_path/usr rvm --install

EXPLOITATION - XSS VULNS EXPLOITING XSS Run any javascript code. Beef framework can be used to hook targets. Inject Beef hook in vulnerable pages. Execute code from beef. BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. https://github.com/beefproject/beef Start the BeEF service. Login the DVWA website, then open the XSS Stored page. Sign one record on the guestbook. (Modify the maxlength if necessary) Open the DVWA web site on the victim PC. Then login to the BeEF Control Panel. You can find the information about the hooked

Basic BeEF commands: Login the BeEF Control Panel, and go to Commands page. Create Alert Dialog: Run Raw JavaScript Spyder Eye Redirect Browser Delivering Malware using BeEF 来源： https://www.cnblogs.com/keepmoving1113/p/11521066.html