I have a problem with running beef-xss with my public IP address.
Here is my config.yaml:
```yaml
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
# BeEF Configuration file
beef:
    version: '0.5.4.0'
    # More verbose messages (server-side)
    debug: false
    # More verbose messages (client-side)
    client_debug: true
    # Used for generating secure tokens
    crypto_default_value_length: 80

    # Credentials to authenticate in BeEF.
    # Used by both the RESTful API and the Admin interface
    credentials:
        user: "beef"
        passwd: "hreoz"

    # Interface / IP restrictions
    restrictions:
        # subnet of IP addresses that can hook to the framework
        permitted_hooking_subnet: ["0.0.0.0/0", "::/0"]
        # subnet of IP addresses that can connect to the admin UI
        #permitted_ui_subnet: ["127.0.0.1/32", "::1/128"]
        permitted_ui_subnet: ["0.0.0.0/0", "::/0"]
        # subnet of IP addresses that cannot be hooked by the framework
        excluded_hooking_subnet: []
        # slow API calls to 1 every api_attempt_delay seconds
        api_attempt_delay: "0.05"

    # HTTP server
    http:
        debug: false #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
        host: "0.0.0.0"
        port: "4444"

        # Decrease this setting to 1,000 (ms) if you want more responsiveness
        # when sending modules and retrieving results.
        # NOTE: A poll timeout of less than 5,000 (ms) might impact performance
        # when hooking lots of browsers (50+).
        # Enabling WebSockets is generally better (beef.websocket.enable)
        xhr_poll_timeout: 1000

        # Public Domain Name / Reverse Proxy / Port Forwarding
        #
        # In order for the client-side BeEF JavaScript hook to be able to connect to BeEF,
        # the hook JavaScript needs to be generated with the correct connect-back details.
        #
        # If you're using a public domain name, reverse proxy, or port forwarding you must
        # configure the public-facing connection details here.
        public:
            host: "41.98.71.13" # public hostname/IP address
            port: "4444" # public port (443 if the public server is using HTTPS)
            https: true # true/false

        # If using any reverse proxy you should also set allow_reverse_proxy to true below.
        # Note that this causes the BeEF server to trust the X-Forwarded-For HTTP header.
        # If the BeEF server is directly accessible, clients can spoof their connecting
        # IP address using this header to bypass the IP address permissions/exclusions.
        allow_reverse_proxy: false

        # Hook
        hook_file: "/hook.js"
        hook_session_name: "BEEFHOOK"

        # Allow one or multiple origins to access the RESTful API using CORS
        # For multiple origins use: "http://browserhacker.com, http://domain2.com"
        restful_api:
            allow_cors: false
            cors_allowed_domains: "http://browserhacker.com"

        # Prefer WebSockets over XHR-polling when possible.
        websocket:
            enable: false
            port: 61985 # WS: good success rate through proxies
            # Use encrypted 'WebSocketSecure'
            # NOTE: works only on HTTPS domains and with HTTPS support enabled in BeEF
            secure: true
            secure_port: 61986 # WSSecure
            ws_poll_timeout: 5000 # poll BeEF every x second, this affects how often the browser can have a command execute on it
            ws_connect_timeout: 500 # useful to help fingerprinting finish before establishing the WS channel

        # Imitate a specified web server (default root page, 404 default error page, 'Server' HTTP response header)
        web_server_imitation:
            enable: true
            type: "apache" # Supported: apache, iis, nginx
            hook_404: false # inject BeEF hook in HTTP 404 responses
            hook_root: false # inject BeEF hook in the server home page

        # Experimental HTTPS support for the hook / admin / all other Thin managed web services
        https:
            enable: false
            # In production environments, be sure to use a valid certificate signed for the value
            # used in beef.http.public (the domain name of the server where you run BeEF)
            key: "beef_key.pem"
            cert: "beef_cert.pem"

    database:
        file: "beef.db"

    # Autorun Rule Engine
    autorun:
        # this is used when rule chain_mode type is nested-forward, needed as command results are checked via setInterval
        # to ensure that we can wait for async command results. The timeout is needed to prevent infinite loops or eventually
        # continue execution regardless of results.
        # If you're chaining multiple async modules, and you expect them to complete in more than 5 seconds, increase the timeout.
        result_poll_interval: 300
        result_poll_timeout: 5000

        # If the modules doesn't return status/results and timeout exceeded, continue anyway with the chain.
        # This is useful to call modules (nested-forward chain mode) that are not returning their status/results.
        continue_after_timeout: true

    # Enables DNS lookups on zombie IP addresses
    dns_hostname_lookup: false

    # IP Geolocation
    geoip:
        enable: true
        # GeoLite2 City database created by MaxMind, available from https://www.maxmind.com
        database: '/usr/share/GeoIP/GeoLite2-City.mmdb'

    # You may override default extension configuration parameters here
    # Note: additional experimental extensions are available in the 'extensions' directory
    # and can be enabled via their respective 'config.yaml' file
    extension:
        admin_ui:
            enable: true
            base_path: "/ui"
        demos:
            enable: true
        events:
            enable: true
        evasion:
            enable: false
        requester:
            enable: true
        proxy:
            enable: true
        network:
            enable: true
        metasploit:
            enable: false
        social_engineering:
            enable: false
        xssrays:
            enable: true
```
Here is my iptables forwarding:
```
# sudo iptables -t nat --line-numbers -L
num  target     prot opt source               destination
1    DNAT       tcp  --  anywhere             anywhere             tcp dpt:https to:192.168.1.14:443
2    DNAT       tcp  --  anywhere             anywhere             tcp dpt:4444 to:192.168.1.14:4444
3    DNAT       tcp  --  anywhere             anywhere             tcp dpt:postgresql to:192.168.1.14:5432
4    DNAT       tcp  --  anywhere             anywhere             tcp dpt:55552 to:192.168.1.14:55552
5    DNAT       tcp  --  anywhere             anywhere             tcp dpt:3001 to:192.168.1.14:3000
6    DNAT       tcp  --  anywhere             anywhere             tcp dpt:http to:192.168.1.14:8080
7    DNAT       tcp  --  anywhere             anywhere             tcp dpt:ftp to:192.168.1.14:2121
```
Router forwarding:
Router forwarding is the same.
Terminal:
Can you please help me run beef-xss with a public IP? What seems to be the problem here?