Closed redAngel9012 closed 2 weeks ago
Is this a fresh install or an older one from before? The password in the .env
file is only used the very first time Mythic starts up to create the initial user. After that, the username and password in the .env
file aren't used.
This install is an older one. I left the Mythic C2 instance idle for a while, then tried logging back in today and that's when I got the error.
hmm did you ever change your password? There's no built-in way to recover your password. If you want to keep the data you had there, then you need to:
docker exec -it mythic_postgres /bin/bash
.env
for postgresIf you don't want to keep the data you had before, then you can do:
sudo ./mythic-cli database reset
sudo ./mythic-cli start
and everything will be wiped clean and your username/password in the .env file will be used to create the first operator again
I was able to log on with the username and password set in the .env file after resetting the database and starting up the service. I went in and changed the password from the settings page. Thanks!
I'm unable to log onto the Mythic UI using username mythic_admin with the password set in the .env file. I tried changing it to another password, then restarted the service using sudo ./mythic-cli restart, but it continues to give me an http 403 error and to check the logs. Here are the last few lines of the logs:
sudo ./mythic-cli logs mythic_server
{"level":"error","error":"sql: no rows in result set","func":"github.com/its-a-feature/Mythic/rabbitmq.updatePayloadTypeWrappers","line":633,"wrapper":"scarecrow_wrapper","wrapped":"apollo","time":"2024-10-07T13:36:52Z","message":"Failed to find payloadtype to associate for wrapping"} {"level":"error","error":"sql: no rows in result set","func":"github.com/its-a-feature/Mythic/rabbitmq.updatePayloadTypeWrappers","line":633,"wrapper":"service_wrapper","wrapped":"apollo","time":"2024-10-07T13:36:52Z","message":"Failed to find payloadtype to associate for wrapping"} {"level":"error","error":"Need a bot account assigned to this operation that's active and not deleted","func":"github.com/its-a-feature/Mythic/rabbitmq.createGraphQLSpectatorAPITokenAndSendOnStartMessage","line":160,"time":"2024-10-07T13:36:53Z","message":"operation"} {"level":"error","error":"sql: no rows in result set","func":"github.com/its-a-feature/Mythic/rabbitmq.updatePayloadTypeC2Profiles","line":577,"c2profile":"webshell","c2profiles":["webshell","websocket","httpx","dynamichttp"],"time":"2024-10-07T13:36:53Z","message":"Failed to get c2profile to associate with payloadtype"} {"level":"error","error":"sql: no rows in result set","func":"github.com/its-a-feature/Mythic/rabbitmq.updatePayloadTypeC2Profiles","line":577,"c2profile":"websocket","c2profiles":["webshell","websocket","httpx","dynamichttp"],"time":"2024-10-07T13:36:53Z","message":"Failed to get c2profile to associate with payloadtype"} {"level":"error","error":"sql: no rows in result set","func":"github.com/its-a-feature/Mythic/rabbitmq.updatePayloadTypeC2Profiles","line":577,"c2profile":"httpx","c2profiles":["webshell","websocket","httpx","dynamichttp"],"time":"2024-10-07T13:36:53Z","message":"Failed to get c2profile to associate with payloadtype"} {"level":"error","error":"sql: no rows in result set","func":"github.com/its-a-feature/Mythic/rabbitmq.updatePayloadTypeC2Profiles","line":577,"c2profile":"dynamichttp","c2profiles":["webshell","websocket","httpx","dynamichttp"],"time":"2024-10-07T13:36:53Z","message":"Failed to get c2profile to associate with payloadtype"} {"level":"error","error":"Need a bot account assigned to this operation that's active and not deleted","func":"github.com/its-a-feature/Mythic/rabbitmq.createGraphQLSpectatorAPITokenAndSendOnStartMessage","line":160,"time":"2024-10-07T13:36:53Z","message":"operation"} {"level":"error","time":"2024-10-07T13:37:01Z","message":"[-] No 'apitoken` or 'Authorization: Bearer' token values supplied"} {"level":"error","error":"Missing JWT header","func":"github.com/its-a-feature/Mythic/authentication.TokenValid","line":72,"time":"2024-10-07T13:37:01Z","message":"Failed to extract apitoken"} {"level":"error","error":"Failed login","func":"github.com/its-a-feature/Mythic/webserver/controllers.Login","line":29,"time":"2024-10-07T13:41:32Z","message":"Failed Authentication"} {"level":"error","error":"Failed login","func":"github.com/its-a-feature/Mythic/webserver/controllers.Login","line":29,"time":"2024-10-07T14:04:11Z","message":"Failed Authentication"}
sudo ./mythic-cli logs mythic_nginx
172.18.0.1 - - [07/Oct/2024:14:04:11 +0000] "POST /auth HTTP/1.1" 403 33 "https://127.0.0.1:7443/new/login" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" "-" 127.0.0.1 - - [07/Oct/2024:14:04:30 +0000] "GET /new/login HTTP/1.1" 200 585 "-" "curl/8.5.0" "-" 127.0.0.1 - - [07/Oct/2024:14:05:00 +0000] "GET /new/login HTTP/1.1" 200 585 "-" "curl/8.5.0" "-" 127.0.0.1 - - [07/Oct/2024:14:05:30 +0000] "GET /new/login HTTP/1.1" 200 585 "-" "curl/8.5.0" "-" 127.0.0.1 - - [07/Oct/2024:14:06:00 +0000] "GET /new/login HTTP/1.1" 200 585 "-" "curl/8.5.0" "-" 127.0.0.1 - - [07/Oct/2024:14:06:30 +0000] "GET /new/login HTTP/1.1" 200 585 "-" "curl/8.5.0" "-" 127.0.0.1 - - [07/Oct/2024:14:07:00 +0000] "GET /new/login HTTP/1.1" 200 585 "-" "curl/8.5.0" "-" 127.0.0.1 - - [07/Oct/2024:14:07:30 +0000] "GET /new/login HTTP/1.1" 200 585 "-" "curl/8.5.0" "-" 127.0.0.1 - - [07/Oct/2024:14:08:00 +0000] "GET /new/login HTTP/1.1" 200 585 "-" "curl/8.5.0" "-" 127.0.0.1 - - [07/Oct/2024:14:08:30 +0000] "GET /new/login HTTP/1.1" 200 585 "-" "curl/8.5.0" "-" 172.18.0.1 - - [07/Oct/2024:14:08:43 +0000] "POST /auth HTTP/1.1" 403 33 "https://127.0.0.1:7443/new/login" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" "-" 127.0.0.1 - - [07/Oct/2024:14:09:00 +0000] "GET /new/login HTTP/1.1" 200 585 "-" "curl/8.5.0" "-" 127.0.0.1 - - [07/Oct/2024:14:09:31 +0000] "GET /new/login HTTP/1.1" 200 585 "-" "curl/8.5.0" "-"
I even restarted my Kali instance which is running the Mythic C2 service, but that didn't resolve the issue. Is there anything else I can try?