I'm not sure if I discovered a possible bug. I already reported it to Bettercap's staff on Bettercap's GitHub, but as you can see on that link, it seems the problem is not on Bettercap's side. Maybe it is a BeEF bug or I am missing something... that's what I am trying to identify. Let's see if some experienced user can throw light on this.

The problem is long to explain, so I'll summarize it a lot and if you want all details (versions of operating systems, version of Bettercap and BeEF, etc), you can check the link I wrote down above.

The problem is I get an error when trying to enter the BeEF UI control panel: "ERROR: invalid username or password". At first sight you might think it is a silly user/pass error, but the user and password are ok (defaults beef/beef). The problem only happens if I activate the UI panel IP restriction and Bettercap.

There is an access restriction to the BeEF UI control panel that can be set in the BeEF config file. By default it is: permitted_ui_subnet: "0.0.0.0/0" but I want to restrict it to permitted_ui_subnet: "127.0.0.1/32"

The BeEF config file is ok. If I launch it, it works, even with the UI panel IP restriction. As I said, the problem only happens with Bettercap and the UI panel IP restriction activated. Some test results:

  • Executing only BeEF without the UI panel restriction -> this is working fine
  • Executing only BeEF with UI panel restriction -> this is working fine too
  • Executing BeEF without UI panel restriction + Bettercap -> this is working fine
  • Executing BeEF with UI panel restriction + Bettercap -> Error on login: "ERROR: invalid username or password"

It happens on different Linux systems, with different Ruby versions, etc... even tested with the default BeEF config, only changing the UI panel IP restriction, so I think it is not a BeEF config issue.

The questions are: Has somebody experienced something like this? Am I doing something wrong? If some user could test this, it would be very nice! I mean Bettercap + BeEF with the UI panel IP restriction activated, and try to log in with default credentials. Thank you.

EDIT: I already opened an issue on BeEF's GitHub. We'll see what happens: https://github.com/beefproject/beef/issues/1337

EDIT2: The conflicting Bettercap part is the proxy. If I launch Bettercap without the proxy, there is no problem, but I don't understand why, because I launch the proxy for Bettercap on port 8080 and I looked at the HTTP requests on BeEF login and all shown are on port 3000, which is not related... and of course there is no iptables involved in the process, so it makes no sense... I tried to launch Bettercap's proxy on a port other than 8080. I tried using 26210 to avoid a possible port conflict, but got the same unsuccessful result.

OscarAkaElvis
    One of the core BeEF developers answered (you can check it at the issue link in the first edit of the question). He hasn't had time yet to dive into the problem, but it seems it's a BeEF bug. I'll keep this updated with any news. – OscarAkaElvis Feb 07 '17 at 23:35

1 Answer

Finally they solved the problem. It was a bug on Bettercap's side:

https://github.com/evilsocket/bettercap/issues/356

OscarAkaElvis