Error when accessing hashview, new install.

khatfull commented 4 years ago

Greetings,

Got a new installation setup, took a bit but finally got RVM and other pieces all working. Database setup went fine. Hashview starts apparently with no error.

But as soon as I hit the site:

00:35:59 web.1 | [2020-06-30 00:35:59] ERROR OpenSSL::SSL::SSLError: SSL_accept returned=1 errno=0 state=SSLv3 read client certificate A: sslv3 alert certificate unknown 00:35:59 web.1 | /usr/share/rvm/rubies/ruby-2.4.4/lib/ruby/2.4.0/webrick/server.rb:300:in accept' 00:35:59 web.1 | /usr/share/rvm/rubies/ruby-2.4.4/lib/ruby/2.4.0/webrick/server.rb:300:inblock (2 levels) in start_thread' 00:35:59 web.1 | /usr/share/rvm/rubies/ruby-2.4.4/lib/ruby/2.4.0/webrick/utils.rb:264:in timeout' 00:35:59 web.1 | /usr/share/rvm/rubies/ruby-2.4.4/lib/ruby/2.4.0/webrick/server.rb:298:inblock in start_thread' 00:35:59 web.1 | [2020-06-30 00:35:59] ERROR OpenSSL::SSL::SSLError: SSL_accept returned=1 errno=0 state=SSLv3 read client certificate A: sslv3 alert certificate unknown 00:35:59 web.1 | /usr/share/rvm/rubies/ruby-2.4.4/lib/ruby/2.4.0/webrick/server.rb:300:in accept' 00:35:59 web.1 | /usr/share/rvm/rubies/ruby-2.4.4/lib/ruby/2.4.0/webrick/server.rb:300:inblock (2 levels) in start_thread' 00:35:59 web.1 | /usr/share/rvm/rubies/ruby-2.4.4/lib/ruby/2.4.0/webrick/utils.rb:264:in timeout' 00:35:59 web.1 | /usr/share/rvm/rubies/ruby-2.4.4/lib/ruby/2.4.0/webrick/server.rb:298:inblock in start_thread' 00:35:59 web.1 | 2020-06-30 00:35:59 - Sequel::Error - can't express "66744a63f5cb1ccee4da76f0f75377dee1567324e9856f11f0739c2b258f576e" as a SQL literal: 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sequel-5.33.0/lib/sequel/dataset/sql.rb:1291:in literal_other_append' 00:35:59 web.1 | /home/<user>/.rvm/gems/ruby-2.4.4/gems/sequel-5.33.0/lib/sequel/dataset/sql.rb:111:inliteral_append' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sequel-5.33.0/lib/sequel/dataset/sql.rb:408:in complex_expression_sql_append' 00:35:59 web.1 | /home/<user>/.rvm/gems/ruby-2.4.4/gems/sequel-5.33.0/lib/sequel/adapters/shared/mysql.rb:652:incomplex_expression_sql_append' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sequel-5.33.0/lib/sequel/model/associations.rb:2855:in complex_expression_sql_append' 00:35:59 web.1 | /home/<user>/.rvm/gems/ruby-2.4.4/gems/sequel-5.33.0/lib/sequel/sql.rb:112:into_s_append' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sequel-5.33.0/lib/sequel/dataset/sql.rb:1249:in literal_expression_append' 00:35:59 web.1 | /home/<user>/.rvm/gems/ruby-2.4.4/gems/sequel-5.33.0/lib/sequel/dataset/sql.rb:89:inliteral_append' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sequel-5.33.0/lib/sequel/dataset/sql.rb:1495:in select_where_sql' 00:35:59 web.1 | /home/<user>/.rvm/gems/ruby-2.4.4/gems/sequel-5.33.0/lib/sequel/dataset/sql.rb:246:inselect_sql' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sequel-5.33.0/lib/sequel/dataset/actions.rb:705:in single_record!' 00:35:59 web.1 | /home/<user>/.rvm/gems/ruby-2.4.4/gems/sequel-5.33.0/lib/sequel/dataset/actions.rb:245:infirst' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sequel-5.33.0/lib/sequel/model/plugins.rb:33:in first' 00:35:59 web.1 | /home/<user>/hashview/models/master.rb:85:inisValid?' 00:35:59 web.1 | /home//hashview/helpers/sessions.rb:4:in validSession?' 00:35:59 web.1 | ./hashview.rb:46:inblock in

00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:1636:in call' 00:35:59 web.1 | /home/<user>/.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:1636:inblock in compile!' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:1035:in

block in process_route' 00:35:59 web.1               |  /home/<user>/.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:1033:in

catch' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:1033:in

process_route' 00:35:59 web.1               |  /home/<user>/.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:978:in

block in filter!' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:978:in each' 00:35:59 web.1 | /home/<user>/.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:978:infilter!' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:1097:in

block in dispatch!' 00:35:59 web.1               |  /home/<user>/.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:1072:in

block in invoke' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:1072:in

catch' 00:35:59 web.1               |  /home/<user>/.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:1072:in

invoke' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:1095:in

dispatch!' 00:35:59 web.1               |  /home/<user>/.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:919:in

block in call!' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:1072:in

block in invoke' 00:35:59 web.1               |  /home/<user>/.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:1072:in

catch' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:1072:in

invoke' 00:35:59 web.1               |  /home/<user>/.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:919:in

call!' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:908:in

call' 00:35:59 web.1               |  /home/<user>/.rvm/gems/ruby-2.4.4/gems/rack-protection-2.0.8.1/lib/rack/protection/escaped_params.rb:53:in

call' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/rack-protection-2.0.8.1/lib/rack/protection/xss_header.rb:18:in

call' 00:35:59 web.1               |  /home/<user>/.rvm/gems/ruby-2.4.4/gems/rack-protection-2.0.8.1/lib/rack/protection/base.rb:50:in

call' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/rack-protection-2.0.8.1/lib/rack/protection/base.rb:50:in

call' 00:35:59 web.1               |  /home/<user>/.rvm/gems/ruby-2.4.4/gems/rack-protection-2.0.8.1/lib/rack/protection/path_traversal.rb:16:in

call' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/rack-protection-2.0.8.1/lib/rack/protection/json_csrf.rb:26:in

call' 00:35:59 web.1               |  /home/<user>/.rvm/gems/ruby-2.4.4/gems/rack-protection-2.0.8.1/lib/rack/protection/base.rb:50:in

call' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/rack-protection-2.0.8.1/lib/rack/protection/base.rb:50:in

call' 00:35:59 web.1               |  /home/<user>/.rvm/gems/ruby-2.4.4/gems/rack-protection-2.0.8.1/lib/rack/protection/frame_options.rb:31:in

call' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:266:in

context' 00:35:59 web.1               |  /home/<user>/.rvm/gems/ruby-2.4.4/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:260:in

call' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/rack-2.2.3/lib/rack/logger.rb:17:in call' 00:35:59 web.1 | /home/<user>/.rvm/gems/ruby-2.4.4/gems/rack-2.2.3/lib/rack/common_logger.rb:38:incall' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:231:in call' 00:35:59 web.1 | /home/<user>/.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:224:incall' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/rack-2.2.3/lib/rack/head.rb:12:in

call' 00:35:59 web.1               |  /home/<user>/.rvm/gems/ruby-2.4.4/gems/rack-2.2.3/lib/rack/method_override.rb:24:in

call' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:194:in call' 00:35:59 web.1 | /home/<user>/.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:1951:incall' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:1503:in

block in call' 00:35:59 web.1               |  /home/<user>/.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:1730:in

synchronize' 00:35:59 web.1 | /home//.rvm/gems/ruby-2.4.4/gems/sinatra-2.0.8.1/lib/sinatra/base.rb:1503:in

call' 00:35:59 web.1               |  /home/<user>/.rvm/gems/ruby-2.4.4/gems/rack-2.2.3/lib/rack/handler/webrick.rb:95:in

service' 00:35:59 web.1 | /usr/share/rvm/rubies/ruby-2.4.4/lib/ruby/2.4.0/webrick/httpserver.rb:140:in service' 00:35:59 web.1 | /usr/share/rvm/rubies/ruby-2.4.4/lib/ruby/2.4.0/webrick/httpserver.rb:96:inrun' 00:35:59 web.1 | /usr/share/rvm/rubies/ruby-2.4.4/lib/ruby/2.4.0/webrick/server.rb:308:in `block in start_thread'

Get the same thing every time I refresh the browser and get the dreaded "INternal Server Error" message.

I've uninstalled and reinstalled several times. Before I whack the machine and try from scratch I thought I'd try here. Has to be some ruby/RVM deal...I'm just at a loss at this point as I;m certainly not an expert on those issues.

Any help appreciated.

Thanks.

ccammilleri commented 4 years ago

@khatfull honestly, I can tell what is going on here. Perhaps a permission issue on files? I always recommend installing RVM as non-root to avoid permission issues. Not sure if that's whats happening here.

What OS flavor and version are you using?

khatfull commented 3 years ago

Sorry for the tardy reply.

Ubuntu 14.04 LTS

Looks like the crux of the issue is:

2020-07-17 16:25:06 - Sequel::Error - can't express "1fb10eb015e3e410e0985739011b4d2323e1a1e6bd160d2a78e1d1d371d3ebbe" as a SQL literal:

Every time I refresh the page and get the "Internal Server Error" and the messages in the OP appear. Otherwise it just sits there and heartbeats.

Here's a screenshot, may be easier to read.

error

Natasha-B commented 3 years ago

Hello, Has anyone found a solution to this issue ?

khatfull commented 3 years ago

I never did. I did a clean install (OS, nVidia drivers, the whole schmear), this time as a non-root user, and everything worked out ok. Whether or not the fact that I did the first install as a root user was germane I have no idea. The clean install was ok with me. Took about two hours. One thing, when importing large wordlists be prepared for them to take a LONG time to show up. On import it does a wc against them and on wordlists like weakpass_2a that takes a chunk of time. That threw me for a loop and I thought it was messed up again.

Natasha-B commented 3 years ago

Thank you for your answer ! I will try to reinstall everything and see if it works.

ccammilleri commented 2 years ago

Closing since issue appears resolved or was related to permissions

ccammilleri commented 2 years ago

haha i just discovered the fix for this. looks like a .to_s_append is our issue here. Fixed it by typecasting .to_s on the session key.

hashview / hashview-old

Error when accessing hashview, new install. #478