#### Hook url not working (ERR_CONNECTION_TIMED_OUT)

[gitman99]

Environment

What version/revision of BeEF are you using?
0.4.7.0-alpha last one i reinstall it yesterday
On what version of Ruby?
last one i just update it (sudo apt-get install ruby-full)

On what browser?
Google chrome , Mozilla

On what operating system?
zombie machine vm windows10 and win 8.1
win 7
and i'm currently using kali linux

Configuration

here is my yaml config

Copyright (c) 2006-2016 Wade Alcorn - [email protected]

Browser Exploitation Framework (BeEF) - http://beefproject.com

See the file 'doc/COPYING' for copying permission

BeEF Configuration file

beef:
version: '0.4.7.0-alpha'
# More verbose messages (server-side)
debug: false
# More verbose messages (client-side)
client_debug: false
# Used for generating secure tokens
crypto_default_value_length: 80

# Interface / IP restrictions
restrictions:
    # subnet of IP addresses that can hook to the framework
    permitted_hooking_subnet: "0.0.0.0/0"
    # subnet of IP addresses that can connect to the admin UI
    #permitted_ui_subnet: "127.0.0.1/32"
    permitted_ui_subnet: "0.0.0.0/0"

# HTTP server
http:
    debug: false #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
    host: "0.0.0.0"
    port: "3000"

    # Decrease this setting to 1,000 (ms) if you want more responsiveness
    #  when sending modules and retrieving results.
    # NOTE: A poll timeout of less than 5,000 (ms) might impact performance
    #  when hooking lots of browsers (50+).
    # Enabling WebSockets is generally better (beef.websocket.enable)
    xhr_poll_timeout: 1000

    # Reverse Proxy / NAT
    # If BeEF is running behind a reverse proxy or NAT
    #  set the public hostname and port here
    #public: ""      # public hostname/IP address
    #public_port: "" # experimental

    # DNS
    dns_host: "localhost"
    dns_port: 53

    # Web Admin user interface URI
    web_ui_basepath: "/ui"

    # Hook
    hook_file: "/hook.js"
    hook_session_name: "BEEFHOOK"
    session_cookie_name: "BEEFSESSION"

    # Allow one or multiple origins to access the RESTful API using CORS
    # For multiple origins use: "http://browserhacker.com, http://domain2.com"
    restful_api:
        allow_cors: false
        cors_allowed_domains: "http://browserhacker.com"

    # Prefer WebSockets over XHR-polling when possible.
    websocket:
        enable: false
        port: 61985 # WS: good success rate through proxies
        # Use encrypted 'WebSocketSecure'
        # NOTE: works only on HTTPS domains and with HTTPS support enabled in BeEF
        secure: true
        secure_port: 61986 # WSSecure
        ws_poll_timeout: 1000 # poll BeEF every second

    # Imitate a specified web server (default root page, 404 default error page, 'Server' HTTP response header)
    web_server_imitation:
        enable: true
        type: "apache" # Supported: apache, iis, nginx
        hook_404: false # inject BeEF hook in HTTP 404 responses
        hook_root: false # inject BeEF hook in the server home page
    # Experimental HTTPS support for the hook / admin / all other Thin managed web services
    https:
        enable: false
        # In production environments, be sure to use a valid certificate signed for the value
        # used in beef.http.dns_host (the domain name of the server where you run BeEF)
        key: "beef_key.pem"
        cert: "beef_cert.pem"

database:
    # For information on using other databases please read the
    # README.databases file

    # supported DBs: sqlite, mysql, postgres
    # NOTE: you must change the Gemfile adding a gem require line like:
    #   gem "dm-postgres-adapter"
    # or
    #   gem "dm-mysql-adapter"
    # if you want to switch drivers from sqlite to postgres (or mysql).
    # Finally, run a 'bundle install' command and start BeEF.
    driver: "sqlite"

    # db_file is only used for sqlite
    db_file: "beef.db"

    # db connection information is only used for mysql/postgres
    db_host: "localhost"
    db_port: 3306
    db_name: "beef"
    db_user: "beef"
    db_passwd: "beef"
    db_encoding: "UTF-8"

# Credentials to authenticate in BeEF.
# Used by both the RESTful API and the Admin_UI extension
credentials:
    user:   "beef"
    passwd: "beef"

# Autorun Rule Engine
autorun:
    # this is used when rule chain_mode type is nested-forward, needed as command results are checked via setInterval
    # to ensure that we can wait for async command results. The timeout is needed to prevent infinite loops or eventually
    # continue execution regardless of results.
    # If you're chaining multiple async modules, and you expect them to complete in more than 5 seconds, increase the timeout.
    result_poll_interval: 300
    result_poll_timeout: 5000

    # If the modules doesn't return status/results and timeout exceeded, continue anyway with the chain.
    # This is useful to call modules (nested-forward chain mode) that are not returning their status/results.
    continue_after_timeout: true

# Enables DNS lookups on zombie IP addresses
dns_hostname_lookup: false

# IP Geolocation
# NOTE: requires MaxMind database:
#   curl -O http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
#   gunzip GeoLiteCity.dat.gz && mkdir /opt/GeoIP && mv GeoLiteCity.dat /opt/GeoIP
geoip:
    enable: false
    database: '/opt/GeoIP/GeoLiteCity.dat'

# Integration with PhishingFrenzy
# If enabled BeEF will try to get the UID parameter value from the hooked URI, as this is used by PhishingFrenzy
# to uniquely identify the victims. In this way you can easily associate phishing emails with hooked browser.
integration:
    phishing_frenzy:
        enable: false

# You may override default extension configuration parameters here
extension:
    requester:
        enable: true
    proxy:
        enable: true
        key: "beef_key.pem"
        cert: "beef_cert.pem"
    metasploit:
        enable: false
    social_engineering:
        enable: true
    evasion:
        enable: false
    console:
         shell:
            enable: false
    ipec:
        enable: true
    # this is still experimental..
    dns:
        enable: true
    # this is still experimental..
    dns_rebinding:
        enable: false

Have you enabled or disabled any BeEF extensions?
metasploit set it to true

Summary

the problem is really simple, the hook url is working in my own browser but not in other machines

Expected Behavior

display the basic demo page

Actual Behaviour

it display this error when you click on the hook url: err_connection_timed_out

Additional Information

i switched my network config in the vm to bridge so it could have it own ip
i tried to set the time out to 5000ms. but no result

[bcoles]

That's unusual.

Did you remember to (re)start BeEF after changing the adapter to bridged, and use the appropriate hook URL for the bridged IP address?

Can the other hosts access pages apart from the demo pages?

Does it work with the metasploit extension disabled?

[gitman99]

"Did you remember to (re)start BeEF after changing the adapter to bridged" yes did that, also the win7 is not on wm, and it doesn't work, same problem err_connection_timed_out
"Can the other hosts access pages apart from the demo pages?"i tried it with the second url where there is meat images, still not working
"Does it work with the metasploit extension disabled?" i disabled it still not working
thanks for fast respond, sorry for my bad English

[bcoles]

Thanks for providing your config.yaml - that's helpful.

It sounds like a network issue.

Can you ping the BeEF server from the zombie? Can you access the BeEF admin panel /ui/panel from the zombie?

[gitman99]

"Can you ping the BeEF server from the zombie" ping is 215ms
"Can you access the BeEF admin panel /ui/panel from the zombie?" no i can't
i've changed my connection access point still again the same problem

this site can't be reached
192...... took too long to respond
ERR_CONNECTION_TIMED_OUT

[mcnightstricker]

well guys i am using beef on kali linux 32

On Fri, Apr 1, 2016 at 11:30 AM, gitman99 [email protected] wrote:

"Can you ping the BeEF server from the zombie" ping is 215ms
"Can you access the BeEF admin panel /ui/panel from the zombie?" no i
can't
i've changed my connection access point still again the same problem

this site can't be reached
192...... took too long to respond
ERR_CONNECTION_TIMED_OUT

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub
#1237 (comment)

[gitman99]

@mcnightstricker i'm using it on 64 but i don't think that there is much difference, any way it's still not working and google is not giving answers
so i reinstall it manually and didn't miss any step but the result still the same, not working
@antisnatchor @bcoles

[ryeacierto]

same issue here is BeEF broken at the moment?

[bcoles]

@ryeacierto @gitman99 @mcnightstricker - confirming you all have the same issue:

• The Admin UI panel is inaccessible and you receive a network timeout in the browser console attempting to access it.
• You're using the default configuration (websockets disabled, console disabled, metasploit disabled, ARE enabled, https disabled)
• You're using the latest version of BeEF from the git repo.

If this is not what you're experiencing please create a new issue.

Moving on, your description indicates the web server is not starting properly (or is firewalled). This is bad, as both the Admin UI and JS hook are served from the web server.

Please try the following and let us know how it goes:

• Ensure you're using Ruby 2.x: ruby --version
• Check if the port is open: netstat -an | grep 3000
• Check if the port is accessible from a remote host: nc <BeEF> 3000 -v
• Check your firewall rules: iptables -L
• Try enabling debugging and web server debugging and see if you get any clues in the debugging output. (set beef.debug: true and beef.http.debug: true in config.yaml)
• gem update bundler to ensure you're using the latest version of bundler.
• Make sure you have node and npm installed and have run bundle install
• Try running ./beef -x (note: this will clear the database).

BeEF is working fine for me on Fedora 19 and Kali 1.0.6 and 2016.1 with various versions of Ruby. I had to install rbenv on Kali 2016.1 to manage Ruby versions as the default Ruby install was causing me issues with several tools (BeEF, metasploit, bettercap, etc...)

[bcoles]

@ryeacierto @gitman99 @mcnightstricker Looks like this might be an issue with the DNS extension as per #1249. Likely related to the version of the rubydns gem.

Can you try disabling the DNS extension in /etc/beef-xss/config.yaml by setting beef.extension.dns.enabled: false and let us know how it goes?

[ziflar]

yes the problem appears when ruby is updated to the 2.3.0 version
for the first installation of kali rolling, I proceeded as follows::
BEFORE DOING an apt-update,apt-upgrade,apt dist-upgrade.!!!!!!

                 echo " ruby hold" | dpkg --set-selections
                 echo " ruby2.2 hold" | dpkg --set-selections
                 echo " ruby2.2-dev:amd64 hold" | dpkg --set-selections
                 apt-get update && apt-get upgrade -y && apt-get dist-upgrade -y

I just block the ruby updating and it works fine

[gitman99]

my sata cable, i'll try this when i get my laptop fixed
tnx for the replays

[unknownvision]

Hey, I'm new to Kali linux.
Any help will be much appreciated.

I'm running Kali on VirtualBox, and I'm running into the same issue.
When ever I open the URL/ Hook on the victim's computer I happen to get the same error.
It's not only with the BeEF, it's with other malicious URLs from Metasploit and Venom.

Thank you for your time. :)

[aditya324jhj]

Can you please help I cannot still fix it
I am using kali linux in windows using wsl2