Guides - Deploy BeEF through the Linode Marketplace
Quickly deploy a Compute Instance with many various software applications pre-installed and ready to use.
BeEF (The Browser Exploitation Framework) is a penetration testing tool that focuses on the web browser. BeEF offers an efficient and affective penetration test tool to assess the actual security posture of a target environment by using client-side attack vectors. BeEF looks beyond just the network perimeter and client system. It allows you to examine exploitability within the context of the web browser.
The Linode Marketplace allows you to easily deploy software on a Compute Instance using the Cloud Manager. See Get Started with Marketplace Apps for complete steps.
Log in to the Cloud Manager and select the Marketplace link from the left navigation menu. This displays the Linode Create page with the Marketplace tab pre-selected.
Under the Select App section, select the app you would like to deploy.
Complete the form by following the steps and advice within the Creating a Compute Instance guide. Depending on the Marketplace App you selected, there may be additional configuration options available. See the Configuration Options section below for compatible distributions, recommended plans, and any additional configuration options available for this Marketplace App.
Click the Create Linode button. Once the Compute Instance has been provisioned and has fully powered on, wait for the software installation to complete. If the instance is powered off or restarted before this time, the software installation will likely fail.
To verify that the app has been fully installed, see Get Started with Marketplace Apps > Verify Installation. Once installed, follow the instructions within the Getting Started After Deployment section to access the application and start using it.
- Supported distributions: Ubuntu 22.04 LTS
- Recommended plan: All plan types and sizes can be used.
- BeEF Password (required): Enter a strong password to use for the BeEF admin user.
- Email address (required): Enter the email address to use for generating the SSL certificates.
You can optionally fill out the following fields to automatically create a limited user for your new Compute Instance. This is recommended for most deployments as an additional security measure. This account will be assigned to the sudo group, which provides elevated permission when running commands with the
- Limited sudo user: Enter your preferred username for the limited user.
- Password for the limited user: Enter a strong password for the new user.
- SSH public key for the limited user: If you wish to login as the limited user through public key authentication (without entering a password), enter your public key here. See Creating an SSH Key Pair and Configuring Public Key Authentication on a Server for instructions on generating a key pair.
- Disable root access over SSH: To block the root user from logging in over SSH, select Yes (recommended). You can still switch to the root user once logged in and you can also log in as root through Lish.
If you wish to automatically configure a custom domain, you first need to configure your domain to use Linode’s name servers. This is typically accomplished directly through your registrar. See Use Linode’s Name Servers with Your Domain. Once that is finished, you can fill out the following fields for the Marketplace App:
- Linode API Token: If you wish to use the Linode’s DNS Manager to manage DNS records for your custom domain, create a Linode API Personal Access Token on your account with Read/Write access to Domains. If this is provided along with the subdomain and domain fields (outlined below), the installation attempts to create DNS records via the Linode API. See Get an API Access Token. If you do not provide this field, you need to manually configure your DNS records through your DNS provider and point them to the IP address of the new instance.
- Subdomain: The subdomain you wish to use, such as www for
- Domain: The domain name you wish to use, such as example.com.
") within any of the App-specific configuration fields, including user and database password fields. This special character may cause issues during deployment.
Once the app has been fully deployed, view the BeEF completion message through one of the methods below:
Lish Console: Within the Cloud Manager, navigate to Linodes from the left menu, select the Compute Instance you just deployed, and click the Launch LISH Console button. See Using the Lish Console.
SSH: Log in to your Compute Instance over SSH using the
rootuser and run the following command. See Connecting to a Remote Server Over SSH for assistance.
The completion message contains the Endpoint URL, as shown in the example below.
############################## # BEEF INSTALLATION COMPLETE # ############################## Endpoint: https://192-0-2-1.ip.linodeusercontent.com:3000/ui/panel Credentials can be found here: /home/beef/config.yaml Happy hunting!
Navigate to this URL in a web browser to display the login prompt.
beefas the username and use the password you entered into the BeEF Password field when you created the Instance.
If you forget this password, run the following command when logged in through Lish or SSH:
Scroll down until you see the credentials section with the user and passwd parameters as shown in the example output below:
# Credentials to authenticate in BeEF. # Used by both the RESTful API and the Admin interface credentials: user: "beef" passwd: "T$a%T1O*&2kP"
Now that you’ve accessed your BeEF instance, check out the official BeEF documentation to learn how to further utilize your BeEF instance.
You may wish to consult the following resources for additional information on this topic. While these are provided in the hope that they will be useful, please note that we cannot vouch for the accuracy or timeliness of externally hosted materials.
This page was originally published on