How config HTTPS ports? Beef config payload urls which doesn't work.

[veronicanike]

I use latest beef version 0.5.4.0 in docker, made with Dockerfile. Why hook_session doesn't work on 443 port by https. I have ssl cert and don't understand how it's work. I'm trying different options.

Case 1:

config.yaml

    http:
        debug: true #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
        host: "0.0.0.0"
        port: "3000"

        public:
            host: "my-domain.com" # public hostname/IP address
            port: "443" # public port (443 if the public server is using HTTPS)
            https: true # true/false

        https:
            enable: true
            # In production environments, be sure to use a valid certificate signed for the value
            # used in beef.http.public (the domain name of the server where you run BeEF)
            key: "privkey.txt"
            cert: "my-domain.crt"

payload : https://my-domain.com:3000/hook.js

Beef config payload by pass "my-domain.com:443/hook.js" but it's not correct and doesn't work. If I make payloads "my-domain.com:3000/hook.js" then Firefox download hook.js but doesn't establishment session.

---

Case 2:

config.yaml

    http:
        debug: true #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
        host: "0.0.0.0"
        port: "443"

        public:
            host: "my-domain.com" # public hostname/IP address
            port: "443" # public port (443 if the public server is using HTTPS)
            https: true # true/false

        https:
            enable: true
            # In production environments, be sure to use a valid certificate signed for the value
            # used in beef.http.public (the domain name of the server where you run BeEF)
            key: "privkey.txt"
            cert: "my-domain.crt"

payload : https://my-domain.com:443/hook.js

If beef.http.port == 443 -> beef doesn't work, doesn't matter which port in beef.http.public,port. Always the same errors.

---

Case 3:

config.yaml
    http:
        debug: true #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
        host: "0.0.0.0"
        port: "3000"

        public:
            host: "my-domain.com" # public hostname/IP address
            port: "3000" # public port (443 if the public server is using HTTPS)
            https: true # true/false

        https:
            enable: true
            # In production environments, be sure to use a valid certificate signed for the value
            # used in beef.http.public (the domain name of the server where you run BeEF)
            key: "privkey.txt"
            cert: "my-domain.crt"

payload : https://my-domain.com:443/hook.js

Firefox download hook.js and establishment session but it's doesn't what I would like.
And one more thing, when I added domain name, "admin_ui" doesn't work by pass "my-domain.com:3000/ui/panel". I see "Internal server error" in my browser.

[bcoles]

And one more thing, when I added domain name, "admin_ui" doesn't work by pass "my-domain.com:3000/ui/panel". I see "Internal server error" in my browser.

Set allow_reverse_proxy: true if you're using a reverse proxy.

[veronicanike]

@bcoles
I don;t use reverse. The same errors if set allow_reverse_proxy: true

ERROR -- : Unexpected error while processing request: undefined method each' for nil:NilClass /usr/local/bundle/gems/rack-2.2.9/lib/rack/utils.rb:447:in initialize'
/usr/local/bundle/gems/rack-2.2.9/lib/rack/utils.rb:440:in new' /usr/local/bundle/gems/rack-2.2.9/lib/rack/utils.rb:440:in []'
/usr/local/bundle/gems/rack-2.2.9/lib/rack/common_logger.rb:39:in call' /usr/local/bundle/gems/sinatra-3.2.0/lib/sinatra/base.rb:261:in call'
/usr/local/bundle/gems/thin-1.8.2/lib/thin/connection.rb:86:in block in pre_process' /usr/local/bundle/gems/thin-1.8.2/lib/thin/connection.rb:84:in catch'
/usr/local/bundle/gems/thin-1.8.2/lib/thin/connection.rb:84:in pre_process' /usr/local/bundle/gems/thin-1.8.2/lib/thin/connection.rb:53:in process'
/usr/local/bundle/gems/thin-1.8.2/lib/thin/connection.rb:39:in receive_data' /usr/local/bundle/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in run_machine'
/usr/local/bundle/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in run' /usr/local/bundle/gems/thin-1.8.2/lib/thin/backends/base.rb:75:in start'
/usr/local/bundle/gems/thin-1.8.2/lib/thin/server.rb:162:in start' /beef/core/main/server.rb:156:in start'
/beef/beef:281:in `

'

[Sanz93]

But are you able to accest dashboard with beef when you made the changes with reverse proxy to open up with https? if yes, can you tell me how to do ? This is the 4th i install the beef program again without any sucess..

[github-actions]

This issue as been marked as stale due to inactivity and will be closed in 7 days

[Binkie86]

#`

Details

`