Now lets look at another example on hooking people to the BeEF when they exist outside our network. So again, we're going to have the example against the same Windows machine that's in a completely different network, and we'll see how we can hook that machine to the BeEF. We're going to start the BeEF browser with just one click on the BeEF framework icon. We will go to log in with the username beef, and password is beef as well. Now, we're going to use the same basic hook method that we did before in Chapter 13, Client-Side Attacks - Social Engineering, so in that method we need to get the script code, and we did this before - it has the same procedure, and we placed the script in our Apache web server, we placed it in an HTML page, which was in the Apache web home /var/www/html directory. We are going to open the index.html file and then open the text editor, and paste the code inside index.html, which we got from the BeEF Terminal. The only thing that we want to change all instances where we used to use our normal IP with our external IP so that people, when they try to connect, they'll actually be able to find our computer, because if we use the internal IP they won't be able to connect. We are going to use the IP that we saw on Google when we typed in whats my IP, and save the file.
Once we have done that we need to enable port 3000, which is the port that the BeEF works on. We need to tell the router, again in the IP forwarding settings, to forward any requests that we get on port 3000 to our Kali machine, which is at 192.168.0.11. Now, go to the Windows machine and we're going to go to our website, which is basically the external IP of our Kali machine. This will run index.html automatically, and we should be hooked to the BeEF as soon as we browse to the IP. As we can see in the following screenshot, we have got a Windows machine hooked and it's using Firefox 5.0, and now we can run all the commands that the BeEF allows us to run:
Now, let's just throw an alert and see if it works. As we can see in the following screenshot, it just says BeEF Alert Dialog:
We're just going to execute it to make sure that everything is working properly. As we can see in the following screenshot that we are hooked to a machine that exists in a completely different network:
Again all we have to do is use the external IP address. Whenever we are sending it outside the network, use the IP that we see when we type in what's our IP on Google. When we are on our own machine, use the local IP and make sure we configure the router to redirect the port that we are listening on to the Kali machine, to the IP address, and to the private IP address of the Kali machine.
As an alternative to using IP forwarding, we can set the Kali machine as a DMZ host. Now, not all routers support DMZ, that's why we didn't show it from the start; but if it supports it, we can use it. What DMZ does is it's basically IP forwarding, but it forwards all ports. So, if we put the IP address of the Kali machine in here, the router is going to get a request for any port, it'll forward that request to the Kali machine, regardless of what port it is. Therefore with port forwarding, we actually select which ports we want to forward to Kali; with DMZ, it will forward all the ports to the IP that we put in here. Now and again, both of these methods can be used to allow devices on different networks to access our computer, so we can receive connections, we can allow them to access a website if we are hosting a website on our web server, we can allow them to access fake websites, and we can allow them to access the BeEF, the hook, or anything where we are listening on a port we can use this method to allow people to access it if the people exist on a completely different network than our own network.