HOOKIN' AIN'T EASY: BEEF INJECTION WITH MITM presented at BlackHat USA 2012

by Ryan Linn, Steve Ocepek,

Tags: Exploitation Browser Man-in-the-middle

Summary : Kiddies gotta make the money, and it don\'t come easy when those mean users don\'t click our links. And if there aren\'t any ports open, what\'s a PenTest John to do?? If you are curious about hooking browsers without yucky social engineering or XSS, getting the goods through proxy hosts, or even if you\'re just BeEF-curious, this is the one you\'ve been waiting for.
This talk is about, that\'s right, BEEF INJECTION: a completely unabashed love story between MITM and the BeEF Framework. Through demos and new code, we\'ll show you how to hook up with browsers using old pickup lines like ARP Poisoning and Karma Attacks, and once you get their digits, we\'ll even show you how to maintain that relationship, and use it to get even more connections you never dreamed of. Featuring in-depth BeEF tips by Ryan Linn, author of "Coding for Penetration Testers", and Steve Ocepek, creator of thicknet and the seminal favorite, "How to Get a Date Using Unshielded Twisted Pair and a Hot Glue Gun", you too can get in on the Pro Tips and up your IEEE 802 dating game.