Raikia / FiercePhish

FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.
https://github.com/Raikia/FiercePhish/wiki
GNU General Public License v3.0

Inbox not working #68

Open digininja opened 6 years ago

digininja commented 6 years ago

The in app inbox isn't working. Mail is set up correctly and I can see mail landing in /var/spool/mail/fiercephish but nothing is showing in the inbox in the web app. Any ideas?

Raikia commented 6 years ago

This is done via a "cron" (subtask of the primary cron job running) running every minute. The cron executes:

 php /var/www/fiercephish/artisan fp:checkmail

You can try running that command on your own to see what the output is to see if there is an issue there. Aside from that, just ensure the main cron is set up properly ("* * * * * /usr/bin/env php /var/www/fiercephish/artisan schedule:run >> /dev/null 2>&1").

The subtask is spawned here: https://github.com/Raikia/FiercePhish/blob/master/app/Console/Kernel.php#L31

And the "check mail" code is here: https://github.com/Raikia/FiercePhish/blob/master/app/Console/Commands/CheckMail.php#L48

I do have better email handling in v2.0 though so this may get fixed with that? We'll see.

digininja commented 6 years ago

This probably explains why it is failing

```
root@phish:/var/www/fiercephish#  php /var/www/fiercephish/artisan fp:checkmail
Starting email fetch.
Running
Found 4 emails!

  [ErrorException]                           
  Undefined property: stdClass::$message_id  

PHP Fatal error:  Uncaught ErrorException: Unknown: SECURITY PROBLEM: insecure server advertised AUTH=PLAIN (errflg=1) in Unknown:0
Stack trace:
#0 [internal function]: Illuminate\Foundation\Bootstrap\HandleExceptions->handleError(8, 'Unknown: SECURI...', 'Unknown', 0, NULL)
#1 {main}
  thrown in Unknown on line 0
Segmentation fault (core dumped)
```

digininja commented 6 years ago

This is a stock install using the automated installer so I've not tweaked anything.

Raikia commented 6 years ago

Yeah, so I've seen this once before actually and it's caused by an erroneous corrupt email header. I'll put more error checking in the code to fix it on a larger scale, but this is caused because php's imap module (which is horrifically terrible I might add) doesn't find the Message ID header for an email (which is a required header).

Then because the error codes aren't read from the php imap module, php segfaults because for some reason the imap module requires all errors to always be read otherwise it will segfault....lol (hence this: https://github.com/Raikia/FiercePhish/blob/master/app/Console/Commands/CheckMail.php#L110-L111 )

So yeah, the short-term solution for you is to do a "echo '' > /var/spool/mail/fiercephish" but it will remove the existing emails you have in there. The better solution is for me to just handle not finding a message id here: https://github.com/Raikia/FiercePhish/blob/master/app/Console/Commands/CheckMail.php#L77 . I will implement this fix shortly.
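
The two defensive steps described in the comment above (tolerating a missing Message-ID and always reading the imap extension's pending errors), as an added example that is not part of the original thread and is not FiercePhish's code. The function names, the fallback ID format and the sample headers are assumptions made for illustration.

```php
<?php
// Added example, not FiercePhish code. The header objects below mimic the
// stdClass that imap_headerinfo() returns; they are constructed sample data.

/** Return the Message-ID, or a stable synthetic one when the header is absent. */
function messageIdOrFallback(stdClass $header): string
{
    // isset() avoids "Undefined property: stdClass::$message_id" on malformed mail.
    if (isset($header->message_id) && trim($header->message_id) !== '') {
        return trim($header->message_id);
    }
    // Assumption: date, sender and subject are enough to de-duplicate locally.
    $seed = ($header->date ?? '') . '|' . ($header->fromaddress ?? '') . '|' . ($header->subject ?? '');
    return '<missing-' . sha1($seed) . '@local.invalid>';
}

/** Read and clear the imap extension's pending error and alert stacks. */
function drainImapMessages(): array
{
    if (!function_exists('imap_errors')) {
        return []; // imap extension not loaded, nothing to drain
    }
    // Both calls return false when their stack is empty.
    return array_merge(imap_errors() ?: [], imap_alerts() ?: []);
}

// Constructed sample headers: one well-formed, one without a Message-ID.
$wellFormed = (object) [
    'message_id'  => '<abc123@mail.example.org>',
    'date'        => 'Tue, 19 Jun 2018 16:00:00 +0000',
    'fromaddress' => 'Sender <sender@example.org>',
    'subject'     => 'Test',
];
$noMessageId = (object) [
    'date'        => 'Tue, 19 Jun 2018 16:05:00 +0000',
    'fromaddress' => 'Sender <sender@example.org>',
    'subject'     => 'Test without ID',
];

foreach ([$wellFormed, $noMessageId] as $header) {
    echo messageIdOrFallback($header), PHP_EOL;
}

// Drain before the script exits, on the success path and on every error path.
foreach (drainImapMessages() as $message) {
    fwrite(STDERR, "imap: {$message}" . PHP_EOL);
}
```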

digininja commented 6 years ago

Still failing. I cleared it out then tried sending a mail to it through mail on the command line, it failed. I then cleared it and mailed it from Gmail and it still failed, slightly different error this time:

```
# php /var/www/fiercephish/artisan fp:checkmail
Starting email fetch.
Running
Found 0 emails!
PHP Fatal error:  Uncaught ErrorException: Unknown: SECURITY PROBLEM: insecure server advertised AUTH=PLAIN (errflg=1) in Unknown:0
Stack trace:
#0 [internal function]: Illuminate\Foundation\Bootstrap\HandleExceptions->handleError(8, 'Unknown: SECURI...', 'Unknown', 0, NULL)
#1 {main}
  thrown in Unknown on line 0
Segmentation fault (core dumped)
```

There are now two mails in the mail spool, both have the Message-ID field.

Raikia commented 6 years ago

Interesting.........that never used to be a fatal error. I wonder if php's imap module updated and now made that from a warning to a fatal error.

Great...

I'll do some research into it and figure it out. Sorry!

digininja commented 6 years ago

No problem, happy to keep retesting things, just tell me what you need.

On Tue, 19 Jun 2018 at 16:54 Chris King notifications@github.com wrote:

Interesting.........that never used to be a fatal error. I wonder if php's imap module updated and now made that from a warning to a fatal error.

Great...

I'll do some research into it and figure it out. Sorry!


wilsonfisk77 commented 5 years ago

Any update, please? I'm facing the same issue.