github-actions[bot]
commented
1 year ago This issue as been marked as stale due to inactivity and will be closed in 7 days
Open bcoles opened 1 year ago
github-actions[bot]
commented
1 year ago This issue as been marked as stale due to inactivity and will be closed in 7 days
The "IP address has changed" functionality is dodgy. Worse, when
allow_reverse_proxyis used, theX-Forwarded-Forheader is trusted implicitly without validation.https://github.com/beefproject/beef/blob/943a6fd2266f2652e64885c499e8f8fb5735ac10/core/main/handlers/hookedbrowsers.rb#L93-L102
Here's an example someone provided, showing that the stored IP address contains two IP addresses separated by
,.It may also result in many "IP address has changed" events in load balanced environments. Although I'm not sure that this is avoidable.