search

lachlan2k / phatcrack

Modern web-based distributed hashcracking solution, built on hashcat
MIT License
109 stars 8 forks source link

Bug inserting hashes (v0.1.4) #31

Closed JSmith-Aura closed 9 months ago

JSmith-Aura commented 9 months ago

Howdy, getting this issues when a user tries to start a job?

Its a little bit unclear about how or why this bug is occuring, sorry. 

code=500, message=Something went wrong creating attack job (error id 3f6080ca-b681-4fb1-8f70-25efc143eaac), internal=ERROR: insert or update on table \"jobs\" violates foreign key constraint \"fk_attacks_jobs\" (SQLSTATE 23503)
2023/12/04 21:27:10 /app/api/internal/db/job.go:365 ERROR: insert or update on table "jobs" violates foreign key constraint "fk_attacks_jobs" (SQLSTATE 23503)
[5.206ms] [rows:0] INSERT INTO "jobs" ("created_at","updated_at","deleted_at","hashlist_version","attack_id","hashcat_params","target_hashes","hash_type","assigned_agent_id") VALUES ('2023-12-04 21:27:10.819','2023-12-04 21:27:10.819',NULL,1,'07ba7758-54b6-466c-817f-61caf6897c9c','{"attack_mode":0,"hash_type":13100,"mask":"","mask_increment":false,"mask_increment_min":0,"mask_increment_max":0,"mask_sharded_charset":"","mask_custom_charsets":[],"wordlist_filenames":["1b82c71a-49b7-4f6e-8cd4-115788202fbc"],"rules_filenames":["5b5bfbe6-e25c-42d5-9ecb-47ae80832de8"],"additional_args":[],"optimized_kernels":true,"slow_candidates":false,"skip":0,"limit":3004579076}',

Hashes omitted obv

lachlan2k commented 9 months ago

As far as I can tell, the most likely explanation is that the user deleted the attack while it was still distributing.

Therefore, the attack_id referenced in the fk was unable to be created.

I don't think this error would therefore ever be presented to the user (because if they've deleted the attack, there is nowhere to store or display an error ID).

I'm going to cautiously say this is "working as intended". If my proposed explanation was correct, then this error correctly caused the code to exit and prevent zombie jobs.

The best way to "solve" this confusing error would be to kill any distribution goroutines when a user deletes an attack, with a cancelable context, but I probably won't do that any time soon.

lachlan2k commented 9 months ago

Closing for now, as upon further review, I'm pretty sure my analysis was right.