search

e-m-b-a / embark

EMBArk - The firmware security scanning environment
https://www.securefirmware.de
MIT License
319 stars 46 forks source link

Cannot register user. No access to webapp #15

Closed muddydev closed 2 years ago

muddydev commented 2 years ago

Problem accessing EMBark. Cannot register user

Curl user data is invalid OR Web app form "Something went wrong when signing up the user."

Authentication Before accessing EMBArk you need to register yourself with username and password:

Option 1: curl -XPOST 'http://0.0.0.0:80/signup' -d '{"email": "test@gmail.com", "password": "test", "confirm_password": "test"}'

└──╼ $curl -XPOST 'http://127.0.0.1:80/signup' -d '{"email": "test@gmail.com", "password": "test", "confirm_password": "test"}'

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8"/>
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"/>

    <link rel="icon" type="image/png" href="/static/content/images/favicon.png"/>

    <title>EMBArk register</title>

    <!-- jQuery-confirm style sheet -->
    <link rel="stylesheet" href="/static/external/css/confirm.css"/>

    <!-- Bootstrap and jquery-confirm style sheet -->
    <link rel="stylesheet" href="/static/external/css/bootstrap.css"/>

    <!--DataTables style sheets-->
    <link rel="stylesheet" type="text/css" href="/static/external/css/datatable.css"/>

    <!-- Style sheets-->
    <link rel="stylesheet" type="text/css" href="/static/content/css/globalStyle.css"/>
    <link rel="stylesheet" type="text/css" href="/static/content/css/login.css"/>

    <!-- jQuery script -->
    <script type="text/javascript" src="/static/external/scripts/jquery.js"></script>

    <!-- jQuery confirm script -->
    <script type="text/javascript" src="/static/external/scripts/confirm.js"></script>

    <!-- Bootstrap script -->
    <script type="text/javascript" src="/static/external/scripts/bootstrap.js"></script>

    <!--DataTables script-->
    <script type="text/javascript" src="/static/external/scripts/datatable.js"></script>

    <!-- Charts script -->
    <script type="text/javascript" src="/static/external/scripts/charts.js"></script>

    <!-- local Javascript files-->
    <script type="text/javascript" src="/static/scripts/main.js"></script>
    <script type="text/javascript" src="/static/scripts/alertBox.js"></script>

</head>
<body>
    <div class="container-fluid">

        <!--Main container-->
        <div class="main">

    <div class="login-form-container">

        <div class="alert alert-danger alert-dismissible fade show" role="alert">
            <medium>User data is invalid.</medium>
        </div>

        <div id="embarkLogo"><img src="/static/content/images/embark_logo.svg" alt="EMBArk logo graphic" height="auto" width="auto"/></div>
        <div class="login">
            <form action="/signup" class="login-form" method="POST" novalidate>
            <h2 class="title">Register</h2>
            <div class="input-field" data-error="Username is required">
                <svg viewBox="0 -2 25 25" xmlns="http://www.w3.org/2000/svg"><path d="m7.5.5c1.65685425 0 3 1.34314575 3 3v2c0 1.65685425-1.34314575 3-3 3s-3-1.34314575-3-3v-2c0-1.65685425 1.34314575-3 3-3zm7 14v-.7281753c0-3.1864098-3.6862915-5.2718247-7-5.2718247s-7 2.0854149-7 5.2718247v.7281753c0 .5522847.44771525 1 1 1h12c.5522847 0 1-.4477153 1-1z" fill="none" stroke="#000" stroke-linecap="round" stroke-linejoin="round" transform="translate(3 2)"/></svg>
                <input type="text" placeholder="Username" name="username" required/>
            </div>
            <div class="input-field">
                <svg viewBox="0 -2 25 25" xmlns="http://www.w3.org/2000/svg"><g fill="none" fill-rule="evenodd" transform="translate(4 1)"><path d="m2.5 8.5-.00586729-1.99475098c-.00728549-4.00349935 1.32800361-6.00524902 4.00586729-6.00524902s4.0112203 2.00174967 4.0000699 6.00524902v1.99475098m-8.0000699 0h8.0225317c1.0543618 0 1.9181652.81587779 1.9945143 1.8507377l.0054778.1548972-.0169048 6c-.0031058 1.1023652-.8976224 1.9943651-1.999992 1.9943651h-8.005627c-1.1045695 0-2-.8954305-2-2v-6c0-1.1045695.8954305-2 2-2z" stroke="#000" stroke-linecap="round" stroke-linejoin="round"/><circle cx="6.5" cy="13.5" fill="#000" r="1.5"/></g></svg>
                <input type="password" placeholder="Password" name="password" required/>
            </div>
            <div class="input-field">
                <svg viewBox="0 -2 25 25" xmlns="http://www.w3.org/2000/svg"><g fill="none" fill-rule="evenodd" transform="translate(4 1)"><path d="m2.5 8.5-.00586729-1.99475098c-.00728549-4.00349935 1.32800361-6.00524902 4.00586729-6.00524902s4.0112203 2.00174967 4.0000699 6.00524902v1.99475098m-8.0000699 0h8.0225317c1.0543618 0 1.9181652.81587779 1.9945143 1.8507377l.0054778.1548972-.0169048 6c-.0031058 1.1023652-.8976224 1.9943651-1.999992 1.9943651h-8.005627c-1.1045695 0-2-.8954305-2-2v-6c0-1.1045695.8954305-2 2-2z" stroke="#000" stroke-linecap="round" stroke-linejoin="round"/><circle cx="6.5" cy="13.5" fill="#000" r="1.5"/></g></svg>
                <input type="password" placeholder="Confirm password" name="confirm_password" required/>
            </div>
            <input id="loginButton" type="submit" class="solid btn-login" value="Register" />
            </form>
        </div>
        <div id="login_footer">
            <a href="/">
                <input class="solid btn-login" type="submit" value="Back" />
            </a>
        </div>
    </div>

        </div>
    </div>

</body>
</html>
m-1-k-3 commented 2 years ago

Are you able to reach the web interface via your browser? There is also the manual registration area. Could you try this please. Additionally we need the logs ./embark/logs/* during registration. Can you also check your installation output regarding errors and post them in here please.

muddydev commented 2 years ago

Yes the web interface is working fine (well its visible and the login functions appear but the functionality looks to be missing). I have also tried manual user registration through the web interface and received "Something went wrong when signing up the user." in a banner

Here are logs whilst logging in.

tail -f web.log
django.db.utils.ProgrammingError: (1146, "Table 'embark.users_user' doesn't exist")
2021-11-11 18:59:42 web          DEBUG    <QueryDict: {'username': ['m-1-k-3@git.com'], 'password': ['password'], 'confirm_password': ['password']}>
2021-11-11 18:59:42 web          DEBUG    {'username': 'm-1-k-3@git.com', 'password': 'password', 'confirm_password': 'password'}
2021-11-11 18:59:42 web          DEBUG    Passwords match. Creating user
2021-11-11 18:59:42 web          ERROR    Wide exception in Signup: (1146, "Table 'embark.users_user' doesn't exist")
Traceback (most recent call last):
  File "/root/.local/lib/python3.9/site-packages/django/db/backends/utils.py", line 84, in _execute
    return self.cursor.execute(sql, params)
  File "/root/.local/lib/python3.9/site-packages/django/db/backends/mysql/base.py", line 73, in execute
    return self.cursor.execute(query, args)
  File "/root/.local/lib/python3.9/site-packages/MySQLdb/cursors.py", line 206, in execute
    res = self._query(query)
  File "/root/.local/lib/python3.9/site-packages/MySQLdb/cursors.py", line 319, in _query
    db.query(q)
  File "/root/.local/lib/python3.9/site-packages/MySQLdb/connections.py", line 259, in query
    _mysql.connection.query(self, query)
MySQLdb._exceptions.ProgrammingError: (1146, "Table 'embark.users_user' doesn't exist")

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "/app/embark/./users/views.py", line 69, in signup
    user = User.objects.create(username=username)
  File "/root/.local/lib/python3.9/site-packages/django/db/models/manager.py", line 85, in manager_method
    return getattr(self.get_queryset(), name)(*args, **kwargs)
  File "/root/.local/lib/python3.9/site-packages/django/db/models/query.py", line 453, in create
    obj.save(force_insert=True, using=self.db)
  File "/root/.local/lib/python3.9/site-packages/django/contrib/auth/base_user.py", line 67, in save
    super().save(*args, **kwargs)
  File "/root/.local/lib/python3.9/site-packages/django/db/models/base.py", line 726, in save
    self.save_base(using=using, force_insert=force_insert,
  File "/root/.local/lib/python3.9/site-packages/django/db/models/base.py", line 763, in save_base
    updated = self._save_table(
  File "/root/.local/lib/python3.9/site-packages/django/db/models/base.py", line 868, in _save_table
    results = self._do_insert(cls._base_manager, using, fields, returning_fields, raw)
  File "/root/.local/lib/python3.9/site-packages/django/db/models/base.py", line 906, in _do_insert
    return manager._insert(
  File "/root/.local/lib/python3.9/site-packages/django/db/models/manager.py", line 85, in manager_method
    return getattr(self.get_queryset(), name)(*args, **kwargs)
  File "/root/.local/lib/python3.9/site-packages/django/db/models/query.py", line 1270, in _insert
    return query.get_compiler(using=using).execute_sql(returning_fields)
  File "/root/.local/lib/python3.9/site-packages/django/db/models/sql/compiler.py", line 1416, in execute_sql
    cursor.execute(sql, params)
  File "/root/.local/lib/python3.9/site-packages/django/db/backends/utils.py", line 98, in execute
    return super().execute(sql, params)
  File "/root/.local/lib/python3.9/site-packages/django/db/backends/utils.py", line 66, in execute
    return self._execute_with_wrappers(sql, params, many=False, executor=self._execute)
  File "/root/.local/lib/python3.9/site-packages/django/db/backends/utils.py", line 75, in _execute_with_wrappers
    return executor(sql, params, many, context)
  File "/root/.local/lib/python3.9/site-packages/django/db/backends/utils.py", line 84, in _execute
    return self.cursor.execute(sql, params)
  File "/root/.local/lib/python3.9/site-packages/django/db/utils.py", line 90, in __exit__
    raise dj_exc_value.with_traceback(traceback) from exc_value
  File "/root/.local/lib/python3.9/site-packages/django/db/backends/utils.py", line 84, in _execute
    return self.cursor.execute(sql, params)
  File "/root/.local/lib/python3.9/site-packages/django/db/backends/mysql/base.py", line 73, in execute
    return self.cursor.execute(query, args)
  File "/root/.local/lib/python3.9/site-packages/MySQLdb/cursors.py", line 206, in execute
    res = self._query(query)
  File "/root/.local/lib/python3.9/site-packages/MySQLdb/cursors.py", line 319, in _query
    db.query(q)
  File "/root/.local/lib/python3.9/site-packages/MySQLdb/connections.py", line 259, in query
    _mysql.connection.query(self, query)
django.db.utils.ProgrammingError: (1146, "Table 'embark.users_user' doesn't exist")

$sudo tail -f uwsgi.log
[pid: 38|app: 0|req: 92/168] 10.64.29.150 () {48 vars in 1075 bytes} [Thu Nov 11 19:04:45 2021] POST /signup => generated 4869 bytes in 10 msecs (HTTP/1.1 200) 5 headers in 167 bytes (1 switches on core 7)

All other logs in /opt/embark/embark/logs do not have any additional info when logging in.

I have checked all the containers are running ok with portainer. They are

Can you also check your installation output regarding errors and post them in here please. I don't know where to find those. Apologies

m-1-k-3 commented 2 years ago

Something went wrong during installation and/or migration: django.db.utils.ProgrammingError: (1146, "Table 'embark.users_user' doesn't exist")

You can try to restart EMBArk with: docker-compose restart embark With this the migration process should also be executed and hopefully your database is generated.

Currently there are no installation logs in a file, only on the terminal. If restarting the docker environment does not help I suggest to do a full reinstall (./installer.sh -r) and check the output on your terminal for errors. Especially if there are issues with disk space during building of the environment. Currently we need a lot of disk space.

muddydev commented 2 years ago

docker-compose restart embark_embark_1 This worked ^

I can now register users and login to the application. FYI I installed this on the latest KALI and the latest ParrotOS and it failed on both. The version I have working now is on the latest Parrot.

I'm guessing the containers booted in the wrong order?

I do actually have the installation still running in a screen. ill output the terminal session to a txt

m-1-k-3 commented 2 years ago

Great that it is now working!

Today I had also some issues with the newest Kali Linux and some installations around EMBA. After finishing the work on EMBA I will do a full rebuild this weekend to get a better overview of this issue on EMBArk.

m-1-k-3 commented 2 years ago

With the latest updates from the EMBA installer it should install without issues.

Thanks for using EMBArk.

p4cx commented 2 years ago

I ran the installer with the latest changes and now it works perfectly.