I have used a VM on Microsoft Azure and have set up my beef hook and the UI panel by editing the “config.yaml” located inside Beef folder. I have added a public IP and Port so that I can access my Beef Setup from any device . The OS of my Vm is Debian 11
Basically I have everything setup, it’s working perfectly I just wanted to know if there is any way to get SSL certificate for my hook so that the victim’s browser finds it to be secure. I also tried editing the “config.yaml” such a way that the Beef setup runs on https but since there is no SSL certificate it throws error while running Beef.
Is ther any way I can have the SSL certifciate without using anything rather than configuring my Azure VM to have the SSL certificate on the public IP?
Or do I just have to host my Beef Hook and get SSL from the host?
Linode ( a cloud hosting company) makes it really easy to setup the Beef but unfortunately I don’t have access to it.
maybe this would help….
Alternatively, you could put BeEF behind a reverse proxy which uses a trusted certificate.
If you can intercept and modify HTTPS traffic with bettercap, then you can inject a
<script>
tag with the hook. You’ll still run into the same issue that the BeEF certificate is not trusted.You could also downgrade every connection from HTTPS to HTTP. This way, both the hooked page and the BeEF hook would be hosted on HTTP.
#copied_answer
source::
https://issueantenna.com/repo/beefproject/beef/issues/2126
I was looking for a way to get the SSL through Azure itself by letting the Public IP run on https. Thanks for clearing my doubt, now I can just paste my hook inside a html file which is hosted on a SSL certified domain?