GitHub Repository: beefproject/beef
Path: blob/master/extensions/admin_ui/controllers/authentication/authentication.rb
#
# Copyright (c) 2006-2025 Wade Alcorn - [email protected]
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Extension
module AdminUI
module Controllers
#
# The authentication web page for BeEF.
#
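class Authentication < BeEF::Extension::AdminUI::HttpController
  #
  # Constructor: registers the three routes this controller serves
  # ('/', '/login', '/logout') with the HttpController base class and
  # takes a handle on the singleton admin-UI session.
  #
  def initialize
    super({
      'paths' => {
        '/' => method(:index),
        '/login' => method(:login),
        '/logout' => method(:logout)
      }
    })

    @session = BeEF::Extension::AdminUI::Session.instance
  end

  #
  # Serves the login page. Only response headers are set here; the page
  # body is presumably produced by the HttpController base class (outside
  # this file) — confirm before relying on that.
  #
  def index
    @headers['Content-Type'] = 'text/html; charset=UTF-8'
    @headers['X-Frame-Options'] = 'sameorigin'
  end

  #
  # Handles a login attempt and answers with JSON.
  #
  # The body defaults to {"success": false} and is only switched to
  # {"success": true} after every check passes, in this order:
  #   1. the client IP lies within beef.restrictions.permitted_ui_subnet,
  #   2. the login rate limit (beef.extension.admin_ui.login_fail_delay)
  #      is not in force,
  #   3. the submitted credentials match beef.credentials.user/passwd.
  # Every rejection yields the same generic body, so the response does not
  # reveal which check failed; the reason is written to the BeEF log with
  # the client IP instead.
  #
  def login
    username = @params['username-cfrm'] || ''
    password = @params['password-cfrm'] || ''
    @headers['Content-Type'] = 'application/json; charset=UTF-8'
    @headers['X-Frame-Options'] = 'sameorigin'
    @body = { success: false }.to_json

    config = BeEF::Core::Configuration.instance
    ua_ip = client_ip(config)

    # check if source IP address is permitted to authenticate
    unless permitted_source?(ua_ip)
      BeEF::Core::Logger.instance.register('Authentication', "IP source address (#{ua_ip}) attempted to authenticate but is not within permitted subnet.")
      return
    end

    # check if under brute force attack. The guard bails out when
    # Rest.timeout? is falsy, which from this call site looks like
    # "the configured delay since the last attempt has not elapsed yet" —
    # confirm against BeEF::Core::Rest. The lambda persists the attempt time.
    return unless BeEF::Core::Rest.timeout?('beef.extension.admin_ui.login_fail_delay',
                                            @session.get_auth_timestamp,
                                            ->(time) { @session.set_auth_timestamp(time) })

    # check username and password in constant time (see credentials_match?)
    unless credentials_match?(username, password, config)
      BeEF::Core::Logger.instance.register('Authentication', "User with ip #{ua_ip} has failed to authenticate in the application.")
      return
    end

    # establish an authenticated session and issue the session cookie.
    # HttpOnly keeps it away from page scripts; Secure is added only when
    # BeEF itself is serving HTTPS, so a plain-HTTP deployment is unaffected.
    @session.set_logged_in(ua_ip)
    Rack::Utils.set_cookie_header!(@headers, session_cookie_name(config),
                                   { value: @session.get_id, path: '/', httponly: true,
                                     secure: https_enabled?(config) })

    BeEF::Core::Logger.instance.register('Authentication', "User with ip #{ua_ip} has successfully authenticated in the application.")
    @body = { success: true }.to_json
  end

  #
  # Handles a logout request.
  #
  # The request must carry a valid nonce and belong to a valid session;
  # otherwise the error is printed and nothing is changed.
  # NOTE(review): the body is set to {"success": true} before those checks,
  # so a rejected logout still reports success to the caller. This is kept
  # as-is because the admin UI may rely on it — confirm before changing.
  #
  def logout
    @body = { success: true }.to_json
    # Headers are set up front so rejected requests get the same
    # Content-Type / framing protection as successful ones.
    @headers['Content-Type'] = 'application/json; charset=UTF-8'
    @headers['X-Frame-Options'] = 'sameorigin'

    unless @session.valid_nonce?(@request)
      print_error 'invalid nonce'
      return
    end

    unless @session.valid_session?(@request)
      print_error 'invalid session'
      return
    end

    # set the session to be log out
    @session.set_logged_out

    # clean up UA and expire the session cookie. The attributes mirror the
    # ones used when the cookie was issued so the browser replaces the same
    # cookie rather than storing a second one.
    config = BeEF::Core::Configuration.instance
    Rack::Utils.set_cookie_header!(@headers, session_cookie_name(config),
                                   { value: '', path: '/', httponly: true,
                                     secure: https_enabled?(config), expires: Time.now })

    ua_ip = client_ip(config)
    BeEF::Core::Logger.instance.register('Authentication', "User with ip #{ua_ip} has successfully logged out.")
  end

  #
  # Check the UI browser source IP is within the permitted subnet
  # (beef.restrictions.permitted_ui_subnet, a list of CIDR strings; a
  # single string is accepted as a one-element list).
  #
  # @param ip [String] client address as seen by the server
  # @return [Boolean] false for an invalid IP or when no subnet is
  #   configured, so the check fails closed
  # @raise [IPAddr::InvalidAddressError] on a malformed subnet entry; this
  #   is deliberately not rescued, since ignoring a bad entry could widen
  #   the allow-list silently
  #
  def permitted_source?(ip)
    return false unless BeEF::Filters.is_valid_ip?(ip)

    subnets = Array(BeEF::Core::Configuration.instance.get('beef.restrictions.permitted_ui_subnet'))
    subnets.any? { |subnet| IPAddr.new(subnet).include?(ip) }
  end

  private

  # Client address for logging and the allow-list check. The proxy-derived
  # Rack ip (X-Forwarded-For etc.) is trusted only when the operator has
  # enabled beef.http.allow_reverse_proxy; otherwise the socket peer is used,
  # since a forwarded header can be set by the client.
  def client_ip(config)
    config.get('beef.http.allow_reverse_proxy') ? @request.ip : @request.get_header('REMOTE_ADDR')
  end

  # Name of the admin-UI session cookie from configuration.
  def session_cookie_name(config)
    config.get('beef.extension.admin_ui.session_cookie_name')
  end

  # Whether BeEF serves the UI over TLS (beef.http.https.enable). A missing
  # or falsy setting yields false, which leaves the cookie's Secure flag off.
  def https_enabled?(config)
    config.get('beef.http.https.enable') ? true : false
  end

  # Constant-time credential comparison.
  #
  # The previous String#eql? check short-circuits on the first differing
  # byte, which leaks how much of a guess was correct through response
  # timing. Rack::Utils.secure_compare compares every byte (it still
  # returns early on a length mismatch, which is the usual accepted
  # trade-off). Both fields are compared even if the first fails, so the
  # timing also does not reveal which of the two was wrong.
  #
  # secure_compare needs two Strings; a nil config value or a non-string
  # (e.g. array-valued) parameter is treated as a mismatch, exactly as
  # eql? would have treated it.
  def credentials_match?(username, password, config)
    expected_user = config.get('beef.credentials.user')
    expected_pass = config.get('beef.credentials.passwd')
    return false unless [username, password, expected_user, expected_pass].all?(String)

    user_ok = Rack::Utils.secure_compare(username, expected_user)
    pass_ok = Rack::Utils.secure_compare(password, expected_pass)
    user_ok && pass_ok
  end
end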
end
end
end
end