SecurityRiskAdvisors / VECTR

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios

Bug: Tomcat Server.xml Issue #258

Closed dylapp closed 3 months ago

dylapp commented 3 months ago

Describe the bug

After docker-compose up for vectr 9.0, I can't hit the web server: there's an issue with the server.xml configuration file used by Tomcat within your Docker container. Specifically, the error points to a problem on line 57, column 39 of the server.xml file. The message "The reference to entity 'Rp' must end with the ';' delimiter" suggests that there's likely a syntax error in the XML, where an entity reference (something like &Rp) is not correctly terminated with a semicolon (;).

To Reproduce

  1. Followed migration tool and got successful migration per instructions here: https://github.com/SecurityRiskAdvisors/vectr-sql-migration/tree/main
  2. Followed migration steps here: https://docs.vectr.io/postgresmigration/
  3. Tried with and without migration sqldump file, same result

Expected behavior

Met with console for 9.0

Screenshots

Logs below

User Platform(please complete the following information):

VECTR Host(please complete the following information):

Additional context

02-Apr-2024 18:29:07.255 SEVERE [main] org.apache.catalina.startup.Catalina.start Cannot start server, server instance is not configured
vectr-tomcat_1 | RUNNING run-parts
vectr-tomcat_1 | run-parts: executing /opt/vectr/release/scripts/docker-entrypoint.d/1_configure
vectr-tomcat_1 | run-parts: executing /opt/vectr/release/scripts/docker-entrypoint.d/2_build_certs
vectr-tomcat_1 | run-parts: executing /opt/vectr/release/scripts/docker-entrypoint.d/3_auth_setup
vectr-tomcat_1 | Standard Commons Logging discovery in action with spring-jcl: please remove commons-logging.jar from classpath in order to avoid potential conflicts
vectr-tomcat_1 | 2024-04-02 18:29:13,259 INFO [com.sra.vectr.auth.setup.ConsoleApplication] - Starting ConsoleApplication using Java 17.0.10 with PID 71 (/opt/vectr/release/scripts/shared/auth-setup-tool.jar started by vectr in /usr/local/tomcat)
vectr-tomcat_1 | 2024-04-02 18:29:13,273 INFO [com.sra.vectr.auth.setup.ConsoleApplication] - No active profile set, falling back to 1 default profile: "default"
vectr-tomcat_1 | 2024-04-02 18:29:15,292 INFO [com.sra.vectr.auth.setup.ConsoleApplication] - Started ConsoleApplication in 3.407 seconds (process running for 6.724)
vectr-tomcat_1 | 2024-04-02 18:29:15,304 INFO [com.sra.vectr.auth.setup.ConsoleApplication$$SpringCGLIB$$0] - Configuring app data
vectr-tomcat_1 | 2024-04-02 18:29:16,459 WARN [org.flywaydb.core.internal.command.DbMigrate] - Schema "auth" has a version (2.01) that is newer than the latest available migration (2.01) !
vectr-tomcat_1 | 2024-04-02 18:29:16,665 INFO [com.sra.vectr.auth.setup.ConsoleApplication$$SpringCGLIB$$0] - - Done
vectr-tomcat_1 | 02-Apr-2024 18:29:17.076 WARNING [main] org.apache.catalina.startup.ClassLoaderFactory.validateFile Problem with directory [/usr/local/tomcat/shared/lib], exists: [false], isDirectory: [false], canRead: [false]
vectr-tomcat_1 | 02-Apr-2024 18:29:17.084 WARNING [main] org.apache.catalina.startup.ClassLoaderFactory.validateFile Problem with directory [/usr/local/tomcat/shared/lib], exists: [false], isDirectory: [false], canRead: [false]
vectr-tomcat_1 | 02-Apr-2024 18:29:17.374 SEVERE [main] org.apache.tomcat.util.digester.Digester.fatalError Parse fatal error at line [57] column [39]
vectr-tomcat_1 | org.xml.sax.SAXParseException; systemId: file:/usr/local/tomcat/conf/server.xml; lineNumber: 57; columnNumber: 39; The reference to entity "Rp" must end with the ';' delimiter.
vectr-tomcat_1 | at java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(Unknown Source)
vectr-tomcat_1 | at java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(Unknown Source)
vectr-tomcat_1 | at java.xml/com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(Unknown Source)
vectr-tomcat_1 | at java.xml/com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(Unknown Source)
vectr-tomcat_1 | at java.xml/com.sun.org.apache.xerces.internal.impl.XMLScanner.reportFatalError(Unknown Source)
vectr-tomcat_1 | at java.xml/com.sun.org.apache.xerces.internal.impl.XMLScanner.scanAttributeValue(Unknown Source)
vectr-tomcat_1 | at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanAttribute(Unknown Source)
vectr-tomcat_1 | at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanStartElement(Unknown Source)
vectr-tomcat_1 | at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(Unknown Source)
vectr-tomcat_1 | at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(Unknown Source)
vectr-tomcat_1 | at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
vectr-tomcat_1 | at java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(Unknown Source)
vectr-tomcat_1 | at java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(Unknown Source)
vectr-tomcat_1 | at java.xml/com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(Unknown Source)
vectr-tomcat_1 | at java.xml/com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(Unknown Source)
vectr-tomcat_1 | at java.xml/com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown Source)
vectr-tomcat_1 | at org.apache.tomcat.util.digester.Digester.parse(Digester.java:1522)
vectr-tomcat_1 | at org.apache.catalina.startup.Catalina.parseServerXml(Catalina.java:603)
vectr-tomcat_1 | at org.apache.catalina.startup.Catalina.load(Catalina.java:693)
vectr-tomcat_1 | at org.apache.catalina.startup.Catalina.load(Catalina.java:731)
vectr-tomcat_1 | at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
vectr-tomcat_1 | at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
vectr-tomcat_1 | at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
vectr-tomcat_1 | at java.base/java.lang.reflect.Method.invoke(Unknown Source)
vectr-tomcat_1 | at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:302)
vectr-tomcat_1 | at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:475)
vectr-tomcat_1 | 02-Apr-2024 18:29:17.383 WARNING [main] org.apache.catalina.startup.Catalina.parseServerXml Unable to load server configuration from [/usr/local/tomcat/conf/server.xml]
vectr-tomcat_1 | org.xml.sax.SAXParseException; systemId: file:/usr/local/tomcat/conf/server.xml; lineNumber: 57; columnNumber: 39; The reference to entity "Rp" must end with the ';' delimiter.
vectr-tomcat_1 | at java.xml/com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(Unknown Source)
vectr-tomcat_1 | at java.xml/com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown Source)
vectr-tomcat_1 | at org.apache.tomcat.util.digester.Digester.parse(Digester.java:1522)
vectr-tomcat_1 | at org.apache.catalina.startup.Catalina.parseServerXml(Catalina.java:603)
vectr-tomcat_1 | at org.apache.catalina.startup.Catalina.load(Catalina.java:693)
vectr-tomcat_1 | at org.apache.catalina.startup.Catalina.load(Catalina.java:731)
vectr-tomcat_1 | at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
vectr-tomcat_1 | at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
vectr-tomcat_1 | at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
vectr-tomcat_1 | at java.base/java.lang.reflect.Method.invoke(Unknown Source)
vectr-tomcat_1 | at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:302)
vectr-tomcat_1 | at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:475)
vectr-tomcat_1 | 02-Apr-2024 18:29:17.388 SEVERE [main] org.apache.catalina.startup.Catalina.start Cannot start server, server instance is not configured
vectr-tomcat_1 | RUNNING run-parts

thebleucheese commented 3 months ago

This looks like a non-escaped character issue. You may need to quote the value of your PostgreSQL password in your .env file if you are using docker compose v2 and are using special characters like "<" or ">". Alternatively, you could modify your db password to avoid those characters.
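The failure mode described in this comment (a database password with XML-special characters such as `&`, `<` or `>` being substituted verbatim into Tomcat's server.xml, so that `&Rp...` is read as an unterminated entity reference) can be reproduced and checked in a few lines. The following is an added example written for this thread, not VECTR project code; the `<Resource>` template, attribute names and the sample password are constructed for illustration and do not reflect VECTR's real server.xml or entrypoint scripts. It shows the unsafe plain-string substitution beside the correct approach (`xml.sax.saxutils.quoteattr`), plus a small pre-flight check you can run against a .env value before bringing containers up.

```python
"""Added example (not VECTR's code): why an unescaped DB password breaks
server.xml, and how to escape it before substitution.

Assumption (hypothetical): a startup script drops the password from .env
into a <Resource> attribute by plain string formatting. The template below
is a stand-in for that, not the project's actual server.xml.
"""
import xml.etree.ElementTree as ET
from xml.sax.saxutils import quoteattr

# Constructed stand-in for the Resource element written into server.xml.
TEMPLATE = '<Resource name="jdbc/vectr" username="vectr" password={pw}/>'

# Characters that are not safe inside an XML attribute value unescaped.
XML_SPECIAL = set('&<>"\'')


def render_unsafe(password: str) -> str:
    """Plain substitution: '&', '<', '>' and quotes pass straight through,
    which is what produces errors like: The reference to entity "Rp" must
    end with the ';' delimiter."""
    return TEMPLATE.format(pw='"' + password + '"')


def render_safe(password: str) -> str:
    """quoteattr() escapes &, <, > and quotes and wraps the value in
    quotes, so any password round-trips through the XML parser."""
    return TEMPLATE.format(pw=quoteattr(password))


def parses(xml_text: str) -> bool:
    """True if Tomcat's parser would accept the fragment (well-formed XML)."""
    try:
        ET.fromstring(xml_text)
        return True
    except ET.ParseError:
        return False


def recovered_password(xml_text: str) -> str:
    """What the application would actually read back from the config."""
    return ET.fromstring(xml_text).attrib["password"]


def xml_special_chars(password: str) -> set:
    """Pre-flight check for a .env value: which characters would need
    escaping if they were written into server.xml verbatim."""
    return {c for c in password if c in XML_SPECIAL}


if __name__ == "__main__":
    # Constructed sample password containing an '&' followed by letters,
    # the shape that yields an "entity must end with ';'" parse error.
    sample = "abc&Rp<x>"
    print("needs escaping:", xml_special_chars(sample))
    print("unsafe parses:", parses(render_unsafe(sample)))
    print("safe parses:  ", parses(render_safe(sample)))
    print("round-trip:   ", recovered_password(render_safe(sample)) == sample)
```

The check in `xml_special_chars()` is the quick way to tell whether a given .env password could trigger this class of startup failure; escaping at the point where the value is written into XML (as `render_safe()` does) fixes it regardless of the password chosen, whereas restricting the password to alphanumerics only sidesteps it.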

dylapp commented 3 months ago

Thanks, I tried both and upgraded docker compose (I am now on version v2.12.2). This got rid of the original error and I can now hit the web server, but there is a new error when bringing containers up:

caused by: org.postgresql.util.PSQLException: FATAL: password authentication failed for user "vectr" and a 404 with "Message The requested resource [/auth/login] is not available

Description The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.

I tried character variation of passwords in the .env file and double quote/single quote, etc no luck, any thoughts? Thanks for the help.

thebleucheese commented 3 months ago

A couple things to try for further debugging:

  1. There could still be an issue reading the password. It might be worth temporarily trying an alphanumeric password to rule out the database container encoding or otherwise incorrectly reading special characters.
  2. It's possible the first attempt at loading with the password in the .env file not being read correctly caused a problem. You could destroy the container volumes to rule out complications from this (warning that this is destructive and will delete data on the instances, ... which shouldn't be a problem since you haven't been able to startup and login). docker-compose down -v from your VECTR directory with the docker-compose.yml file will bring down the containers and remove existing volumes. After this, you can try to start the containers.

dylapp commented 3 months ago

Destroying the volumes did it, thanks for the help!