SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data

[wir3casp3r]

After updating mythic C2 following the official documentation: https://docs.mythic-c2.net/installation/updating-mythic

Whenever I try to log in I am met with the following error:

Error getting JSON from server: SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data

I was unable to find anything in relation to this. I had stored a backup of the /Mythic/ folder prior to the update, but reverting back to that backup still prompts the same JSON error.

Any ideas what this issue is and how it can be fixed? I have some valuable data in the database which I would hate to lose..

[wir3casp3r]

Doing a database reset seems to have fixed this. But I'm still not able to access my previous database now....

[its-a-feature]

Let's see if we can figure out what's going on.

• What version did you upgrade from? I'm guessing you updated to the latest on github?
• Can you run sudo ./mythic-cli status and see if any of the containers restarting or have up times that are really short?
• What's the output from sudo ./mythic-cli logs mythic_server and sudo ./mythic-cli logs mythic_graphql

[dirtybirthdaycake]

I was getting this error as well after receiving a HTTP 500 error from the /auth endpoint. It doesn't seem that the web UI is checking that the AJAX call was a successful HTTP 2xx, and it seems to be trying to parse the HTML from the HTTP 500 error page as JSON, resulting in this error.

In the logs the following message appears: {"level":"error","error":"pq: password authentication failed for user \"mythic_user\"","func":"[github.com/its-a-feature/Mythic/database.getNewDbConnection](http://github.com/its-a-feature/Mythic/database.getNewDbConnection)","line":164,"host":"mythic_postgres","port":5432,"time":"2024-01-04T19:28:59Z","message":"Failed to connect to database"}

I was not able to replicate this issue after reinstalling Mythic a half dozen times, both creating the .env prior to ./mythic-cli start and by allowing mythic-cli start to create the file. Unfortunately I'm not sure how I ended up in this situation to begin with.

[its-a-feature]

Just pushed a check for this in the UI in case the response code from auth isn't 200, it'll display a toast warning instead. Really not sure how you ended up with the database password being different than what was supplied, but I'm glad it's not something you were able to keep repeating. If you do find a way to consistently do it, please let me know!

[wir3casp3r]

Hey @its-a-feature thanks for your response and apologies for the delay in getting back. I was on shutdown and have just got back to work :)

So, my logs are pretty much exactly like @junghandy showed in his response above. Does this mean that I can no longer access the underlying database which has a record of my previous engagements? I'm assuming so, since I no longer have the old database password due to the git pull that I had performed to update Mythic. Is my assumption correct?

Thanks for your help! Wish you both a great new year :)

[its-a-feature]

no worries!

A git pull shouldn't adjust your .env file, so I'm not sure how both of you ended up with modified .env files. Did anything else in there get adjusted on you?

You're not out of luck though. You just need to do a few things:

1. stop postgres with sudo ./mythic-cli stop mythic_postgres
2. update the auth mechanism - in Mythic/postgres-docker/pg_hba.conf at the bottom you'll see two rows that end in md5. Change those from md5 to trust. In Mythic/postgres-docker/database/pg_hba.conf you'll see the same thing and also change the two bottom md5 to trust.
3. restart postgres with these changes with sudo ./mythic-cli build mythic_postgres
4. exec into postgres with sudo docker exec -it mythic_postgres /bin/bash
5. connect to the database as the mythic_user with psql -U mythic_user mythic_db
6. change the password via \password and supply the new password for postgres that's in your .env
7. exit out of all that
8. stop postgres again with sudo ./mythic-cli stop mythic_postgres
9. adjust those trust values back to md5 for both of those files
10. restart postgres with sudo ./mythic-cli build mythic_postgres

at this point, services should be able to auth to postgres again with the new password in your .env file. That should allow you to get back into your old database with your new password

[wir3casp3r]

Hey thanks for the in-depth process @its-a-feature. I managed to follow your instructions up till step 4 -> exec into postgres with sudo docker exec -it mythic_postgres /bin/bash.

Unfortunately, this is a no go because the postgres container is looping into a restart continuously.

Whenever I run the above command, I'm getting:

Error response from daemon: Container df8640bc9a686d9989ab7014e5fb0580fa6478f54b83a8ac6f2f7692896958ad is restarting, wait until the container is running.

Unsure why postgres keeps restarting. In fact, when I run sudo ./mythic-cli status mythic_postgres is in a restarting STATE and the STATUS shows Restarting (1) X seconds ago.

[its-a-feature]

Is there any output when you run: sudo ./mythic-cli logs mythic_postgres? I'm not sure why your postgres container would be having issues 🤔

[its-a-feature]

Are you able to try a new deployment? I wonder if there was something else that was causing an issue?

[dirtybirthdaycake]

I've got a CI/CD workflow setup that calls mythic-cli database reset --force which runs a few times a day and I've still not encountered this issue again. I'm not on the latest, but pretty recent.

[its-a-feature]

@wir3casp3r are you still having this issue?

[wir3casp3r]

@its-a-feature haven't gotten around testing and checking postgres logs to be honest. We just lost one engagement's worth of data so not too important. We were working fine with a fresh install and never got around to checking the postgres logs.

[its-a-feature]

Ok, well if this is working fine for you now I'm gonna go ahead and close this, but if you run into issues again please open up an issue again or re-open this one