Add ability to specify the bind IP for RESTful API

empire

@@ -162,14 +162,15 @@ class MyJsonEncoder(JSONEncoder):
 #
 ####################################################################
 
-def start_restful_api(empireMenu: MainMenu, suppress=False, headless=False, username=None, password=None, port=1337):
+def start_restful_api(empireMenu: MainMenu, suppress=False, headless=False, username=None, password=None, ip='0.0.0.0', port=1337):
     """
     Kick off the RESTful API with the given parameters.
 
     empireMenu  -   Main empire menu object
     suppress    -   suppress most console output
     username    -   optional username to use for the API, otherwise pulls from the empire.db config
     password    -   optional password to use for the API, otherwise pulls from the empire.db config
+    ip          -   ip to bind the API to, defaults to 0.0.0.0
     port        -   port to start the API on, defaults to 1337 ;)
     """
     app = Flask(__name__)
@@ -187,7 +188,7 @@ def start_restful_api(empireMenu: MainMenu, suppress=False, headless=False, user
         main.users.update_password(1, password[0])
 
     print('')
-    print(" * Starting Empire RESTful API on port: %s" % (port))
+    print(" * Starting Empire RESTful API on %s:%s" % (ip, port))
 
     oldStdout = sys.stdout
     if suppress:
@@ -1678,7 +1679,7 @@ def start_restful_api(empireMenu: MainMenu, suppress=False, headless=False, user
 
     context = ssl.SSLContext(proto)
     context.load_cert_chain("%s/empire-chain.pem" % (certPath), "%s/empire-priv.key" % (certPath))
-    app.run(host='0.0.0.0', port=int(port), ssl_context=context, threaded=True)
+    app.run(host=ip, port=int(port), ssl_context=context, threaded=True)
 
 
 def start_sockets(empire_menu: MainMenu, port: int = 5000, suppress: bool = False):
@@ -1787,7 +1788,7 @@ def start_sockets(empire_menu: MainMenu, port: int = 5000, suppress: bool = Fals
     proto = ssl.PROTOCOL_TLS
     context = ssl.SSLContext(proto)
     context.load_cert_chain("{}/empire-chain.pem".format(cert_path), "{}/empire-priv.key".format(cert_path))
-    socketio.run(app, host='0.0.0.0', port=port, ssl_context=context)
+    socketio.run(app, host=ip, port=port, ssl_context=context)
 
 
 if __name__ == '__main__':
@@ -1799,6 +1800,11 @@ if __name__ == '__main__':
     else:
         args.restport = args.restport[0]
 
+    if not args.restip:
+        args.restip = '0.0.0.0'
+    else:
+        args.restip = args.restip[0]
+
     if not args.socketport:
         args.socketport = '5000'
     else:
@@ -1859,8 +1865,7 @@ if __name__ == '__main__':
         def thread_api(empireMenu):
 
             try:
-                start_restful_api(empireMenu=empireMenu, suppress=False, username=args.username, password=args.password,
-                                  port=args.restport)
+                start_restful_api(empireMenu=empireMenu, suppress=False, username=args.username, password=args.password, ip=args.restip, port=args.restport)
             except SystemExit as e:
                 pass
 
@@ -1890,7 +1895,7 @@ if __name__ == '__main__':
         def thread_api(empireMenu):
 
             try:
-                start_restful_api(empireMenu=empireMenu, suppress=True, username=args.username, password=args.password,
+                start_restful_api(empireMenu=empireMenu, suppress=True, username=args.username, password=args.password, ip=args.restip,
                                   port=args.restport)
             except SystemExit as e:
                 pass