INTERVIEW: Inter-protocol exploitation with BeEF creator Wade Alcorn

Where's the BeEF, chief?
16 May 2011 » Risky Business Extra, AusCERT

In this interview we're chatting with Wade Alcorn. By day he's NGS Security's general manager for Asia Pacific, but by night he's out there maintaining BeEF -- the browser exploitation framework.

If you haven't heard of beef it's a very cool tool. If you can get someone to load it into your browser, either by them visiting a site you control directly, or alternatively through some sort of cross site scripting bug, then you can get the browser to do all sorts of stuff for you -- like portscan the victim's LAN, attack JBOss servers and stuff like that.

I caught up with Wade and asked him to tell us all about BeEF and what's the latest. With beef. Here's the beef.