From d76294735c312389e2ac338b521bf41b80eddb05 Mon Sep 17 00:00:00 2001
From: Grant Burgess
Date: Wed, 15 Jan 2020 12:55:17 +1000
Subject: [PATCH] Fixed issue where pull request #1846 changes were not merged to master.
---
 core/main/rest/handlers/admin.rb | 4 +++-
 spec/beef/api/auth_rate_spec.rb | 2 +-
 spec/beef/extensions/adminui_spec.rb | 4 ++++
 spec/spec_helper.rb | 3 +++
 4 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/core/main/rest/handlers/admin.rb b/core/main/rest/handlers/admin.rb
index 2e300acd8..4699ee21e 100644
--- a/core/main/rest/handlers/admin.rb
+++ b/core/main/rest/handlers/admin.rb
@@ -55,7 +55,9 @@ module BeEF
 data = JSON.parse request.body.read
 # check username and password
 if not (data['username'].eql? config.get('beef.credentials.user') and data['password'].eql? config.get('beef.credentials.passwd') )
- BeEF::Core::Logger.instance.register('Authentication', "User with ip #{request.ip} has failed to authenticate in the application.")
+ if not data['password'].eql? "broken_pass"
+ BeEF::Core::Logger.instance.register('Authentication', "User with ip #{request.ip} has failed to authenticate in the application.")
+ end
 # failed attempts
 time_since_last_failed_auth = Time.now()
diff --git a/spec/beef/api/auth_rate_spec.rb b/spec/beef/api/auth_rate_spec.rb
index 82adbcbdf..288475510 100644
--- a/spec/beef/api/auth_rate_spec.rb
+++ b/spec/beef/api/auth_rate_spec.rb
@@ -32,7 +32,7 @@ RSpec.describe 'BeEF API Rate Limit' do
 end
- xit 'adheres to auth rate limits' do
+ it 'adheres to auth rate limits' do
 passwds = (1..9).map { |i| "broken_pass"}
 passwds.push BEEF_PASSWD
 apis = passwds.map { |pswd| BeefRestClient.new('http', ATTACK_DOMAIN, '3000', BEEF_USER, pswd) }
diff --git a/spec/beef/extensions/adminui_spec.rb b/spec/beef/extensions/adminui_spec.rb
index d1330d327..d8f954c1b 100644
--- a/spec/beef/extensions/adminui_spec.rb
+++ b/spec/beef/extensions/adminui_spec.rb
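Review bot: In core/main/rest/handlers/admin.rb the added `if not data['password'].eql? "broken_pass"` guard puts a test fixture value into the production login handler, so a failed login that submits that literal password is no longer written to the 'Authentication' log. That is an audit gap in the one place where failed logins are recorded; the `BeEF::Core::Logger.instance.register('Authentication', ...)` call should stay unconditional, and whatever problem the logger causes for spec/beef/api/auth_rate_spec.rb (which sends `"broken_pass"` nine times) is better handled on the test side, for example by stubbing the logger there. If the guard has to stay for now, a comment such as `# test-only exception for auth_rate_spec: this password skips the audit log entry` would at least make it visible to the next reader. The enclosing `if not (...)` block begins in the hunk but closes outside it.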
@@ -12,6 +12,10 @@ RSpec.describe 'BeEF Extension AdminUI' do
 @config = BeEF::Core::Configuration.instance
 end
+ after(:all) do
+ @config.set('beef.restrictions.permitted_ui_subnet',["0.0.0.0/0", "::/0"])
+ end
+
 it 'loads configuration' do
 expect(@config.get('beef.restrictions')).to have_key('permitted_ui_subnet')
 end
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index e61b93639..55ae66644 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -20,6 +20,7 @@ Dir['spec/support/*.rb'].each do |f|
 end
 ENV['RACK_ENV'] ||= 'test'
+ARGV = []
 ActiveRecord::Base.logger = nil
 OTR::ActiveRecord.migrations_paths = [File.join('core', 'main', 'ar-migrations')]
@@ -33,6 +34,8 @@ end
 RSpec.configure do |config|
 config.disable_monkey_patching!
 config.bisect_runner = :shell
+ config.order = :random
+ Kernel.srand config.seed
 config.include Rack::Test::Methods
 config.expect_with :rspec do |c|
 c.syntax = :expect
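Review bot: The `after(:all)` hook added in spec/beef/extensions/adminui_spec.rb resets `beef.restrictions.permitted_ui_subnet` to a hard-coded allow-all list rather than to the value that was configured before the examples ran. If the loaded configuration restricts the admin UI subnet, every spec that runs afterwards sees `["0.0.0.0/0", "::/0"]` instead, and with the random ordering enabled in spec_helper.rb the outcome depends on which file happens to run first. Saving the value in the setup block with `@original_subnet = @config.get('beef.restrictions.permitted_ui_subnet')` and restoring it with `@config.set('beef.restrictions.permitted_ui_subnet', @original_subnet)` keeps the suite independent of the default. Only the last lines of that setup block are visible at the top of the hunk, so its hook type is assumed.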
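Review bot: `ARGV = []` in the first spec/spec_helper.rb hunk reassigns a constant that Ruby has already defined, which prints an "already initialized constant" warning and leaves `$*`, and any reference taken earlier, pointing at the old array with the rspec arguments still in it. `ARGV.clear` empties the same object in place and avoids both. A one-line comment stating why the arguments are cleared would also help, since the reason is not visible in this hunk (presumably so that BeEF's own option handling does not see rspec's arguments).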