Closed Blababam closed 1 month ago
github-actions[bot]
commented
1 month ago Looks like your first issue -- we aim to respond to issues as quickly as possible. In the meantime, check out our documentation here: http://caldera.readthedocs.io/
uruwhy
commented
1 month ago Can you restart your server with the --log DEBUG argument and provide the terminal output from starting the server and attempting to log in?
Bachi2256
commented
1 month ago Hello! I have the same issues than Blababam on differents OS.
Here is the logs from serving launching in debug mode:
2024-09-30 16:35:31 WARNING --insecure flag set. Caldera will use server.py:226
the default user accounts in
default.yml config file.
INFO Using main config from server.py:235
conf/default.yml
INFO Setting VueJS environment file. server.py:151
INFO Building VueJS front-end. server.py:273
up to date, audited 768 packages in 2s
100 packages are looking for funding
run `npm fund` for details
16 vulnerabilities (8 moderate, 7 high, 1 critical)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
> magma@0.0.0 build
> node prebundle.js && vite build
Copying all plugin GUI source files to magma
Copying over "access" files...
Copying over "atomic" files...
Copying over "builder" files...
Copying over "compass" files...
Copying over "debrief" files...
Copying over "emu" files...
Copying over "gameboard" files...
Copying over "human" files...
Copying over "manx" files...
Copying over "response" files...
Copying over "sandcat" files...
Copying over "ssl" files...
Copying over "stockpile" files...
Copying over "training" files...
Plugin GUI source files copied!
vite v2.9.15 building for production...
✓ 1483 modules transformed.
dist/assets/favicon.cc1c341b.ico 69.07 KiB
dist/assets/caldera-logo.6a24b35b.png 16.51 KiB
dist/assets/caldera-logo-mtn.88f0ff8a.png 36.07 KiB
dist/assets/darwin-icon-privileged.ffa7a1c2.svg 0.68 KiB
dist/assets/darwin-icon.95280721.svg 0.67 KiB
dist/assets/linux-icon-privileged.d1ede01c.svg 3.66 KiB
dist/assets/linux-icon.df96f069.svg 3.65 KiB
dist/assets/windows-icon-privileged.e4e076e8.svg 0.39 KiB
dist/assets/windows-icon.2e7338a5.svg 0.37 KiB
dist/index.html 0.46 KiB
dist/assets/access.99152918.js 12.71 KiB / gzip: 3.97 KiB
dist/assets/atomic.14c1a336.js 1.05 KiB / gzip: 0.62 KiB
dist/assets/builder.6ed8e34f.js 1.31 KiB / gzip: 0.71 KiB
dist/assets/compass.9c93073b.js 5.22 KiB / gzip: 2.22 KiB
dist/assets/debrief.7a1c24f5.js 28.20 KiB / gzip: 7.40 KiB
dist/assets/emu.18f358c5.js 1.56 KiB / gzip: 0.70 KiB
dist/assets/gameboard.c4ac16c4.js 21.79 KiB / gzip: 6.09 KiB
dist/assets/human.4e7a81eb.js 11.80 KiB / gzip: 3.46 KiB
dist/assets/manx.d65a4640.js 6.54 KiB / gzip: 2.46 KiB
dist/assets/response.824330bc.js 1.60 KiB / gzip: 0.83 KiB
dist/assets/sandcat.2b247b3d.js 0.68 KiB / gzip: 0.44 KiB
dist/assets/ssl.28b916d0.js 0.98 KiB / gzip: 0.62 KiB
dist/assets/stockpile.278d5b64.js 1.61 KiB / gzip: 0.76 KiB
dist/assets/training.ff363c9c.js 8.96 KiB / gzip: 3.54 KiB
dist/assets/access.b689ce59.css 0.32 KiB / gzip: 0.20 KiB
dist/assets/compass.4b402f52.css 0.12 KiB / gzip: 0.12 KiB
dist/assets/debrief.854158fe.css 0.79 KiB / gzip: 0.34 KiB
dist/assets/gameboard.430857df.css 2.01 KiB / gzip: 0.68 KiB
dist/assets/human.d7b43e12.css 2.31 KiB / gzip: 0.78 KiB
dist/assets/manx.fdacbfd3.css 3.11 KiB / gzip: 1.51 KiB
dist/assets/response.9692d0ec.css 0.20 KiB / gzip: 0.13 KiB
dist/assets/training.9d43ffbb.css 3.86 KiB / gzip: 1.06 KiB
dist/assets/index.b7b89f4c.css 248.36 KiB / gzip: 33.84 KiB
dist/assets/index.d0e3f54f.js 1646.08 KiB / gzip: 528.96 KiB
(!) Some chunks are larger than 500 KiB after minification. Consider:
- Using dynamic import() to code-split the application
- Use build.rollupOptions.output.manualChunks to improve chunking: https://rollupjs.org/guide/en/#outputmanualchunks
- Adjust chunk size limit for this warning via build.chunkSizeWarningLimit.
2024-09-30 16:35:46 INFO VueJS front-end build complete. server.py:276
INFO Invalid Github Gist personal API contact_gist.py:70
token provided. Gist C2 contact
will not be started.
INFO Generating temporary SSH private tunnel_ssh.py:26
key. Was unable to use provided
SSH private key
INFO Enabled plugin: compass app_svc.py:128
INFO Enabled plugin: debrief app_svc.py:128
INFO Enabled plugin: magma app_svc.py:128
INFO Enabled plugin: manx app_svc.py:128
2024-09-30 16:35:47 INFO Enabled plugin: response app_svc.py:128
INFO Enabled plugin: access app_svc.py:128
2024-09-30 16:35:49 INFO Enabled plugin: sandcat app_svc.py:128
INFO Enabled plugin: fieldmanual app_svc.py:128
2024-09-30 16:36:16 INFO Enabled plugin: atomic app_svc.py:128
INFO Enabled plugin: stockpile app_svc.py:128
INFO Enabled plugin: training app_svc.py:128
ERROR Error importing plugin=builder, No c_plugin.py:91
module named 'docker'
ERROR Error loading plugin=builder, c_plugin.py:59
'NoneType' object has no attribute
'description'
INFO Creating SSH listener on 0.0.0.0, logging.py:92
port 8022
INFO serving on 0.0.0.0:2222 server.py:741
WARNING Unable to properly load .donut for data_svc.py:436
payload
plugins.stockpile.app.donut.donut_h
andler due to failed import
WARNING upx does not meet the minimum app_svc.py:183
version of 0.0.0. Upx is an optional
dependency which adds more
functionality.
2024-09-30 16:36:30 INFO Docs built successfully with the hook.py:56
following warnings
/home/vect/Documents/caldera/plugins/fie
ldmanual/sphinx-docs/The-REST-API.md:3:
WARNING: 'myst' cross-reference target
not found: '/api/docs'
INFO All systems ready. server.py:104
██████╗ █████╗ ██╗ ██████╗ ███████╗██████╗ █████╗
██╔════╝██╔══██╗██║ ██╔══██╗██╔════╝██╔══██╗██╔══██╗
██║ ███████║██║ ██║ ██║█████╗ ██████╔╝███████║
██║ ██╔══██║██║ ██║ ██║██╔══╝ ██╔══██╗██╔══██║
╚██████╗██║ ██║███████╗██████╔╝███████╗██║ ██║██║ ██║
╚═════╝╚═╝ ╚═╝╚══════╝╚═════╝ ╚══════╝╚═╝ ╚═╝╚═╝ ╚═╝To reproduce
Juste follow the installation steps in README.MD
Error message
When accessing the caldera server on localhost with http://localhost:8888, the server return:
500 Internal Server Error Server got itself in trouble
Blababam
commented
1 month ago Here is the result of Debugging after starting the server, still unable to login or even see the login screen.
brandon@caldera:~/caldera$ python3 server.py --insecure --log DEBUG
2024-09-30 18:01:48 WARNING --insecure flag set. Caldera will server.py:226
use the default user accounts in
default.yml config file.
INFO Using main config from server.py:235
conf/default.yml
2024-09-30 18:01:49 DEBUG Loaded 2 parsers learning_svc.py:20
DEBUG Collision in ability name c_ability.py:103
detected for
b73d58b20bcb138a26175f240cca9de
2 and
44705da4b28c8fa57fc2a2940b34565
a (System Information Discovery
(2)). Modifying name of the
second ability to System
Information Discovery (2)
(2)...
DEBUG Restored data from persistent data_svc.py:116
storage
DEBUG There are 0 jobs in the data_svc.py:117
scheduler
DEBUG Restored data from base_knowledge_svc.py:308
persistent storage
DEBUG Registered contact: ftp contact_svc.py:38
DEBUG Registered contact: tcp contact_svc.py:38
DEBUG Registered contact: udp contact_svc.py:38
DEBUG Registered contact: slack contact_svc.py:38
DEBUG Registered contact: gist contact_svc.py:38
DEBUG Registered contact: dns contact_svc.py:38
DEBUG Registered contact: html contact_svc.py:38
DEBUG Registered contact: websocket contact_svc.py:38
DEBUG Registered contact: http contact_svc.py:38
DEBUG Registered contact tunnel: contact_svc.py:53
ssh_tunneling
INFO Invalid Github Gist personal contact_gist.py:70
API token provided. Gist C2
contact will not be started.
INFO Generating temporary SSH tunnel_ssh.py:26
private key. Was unable to use
provided SSH private key
INFO Enabled plugin: access app_svc.py:128
DEBUG Loaded gocat extension module: sand_svc.py:94
shells
DEBUG Loaded gocat extension module: sand_svc.py:94
native
DEBUG Loaded gocat extension module: sand_svc.py:94
shellcode
DEBUG Loaded gocat extension module: sand_svc.py:94
shared
DEBUG Loaded gocat extension module: sand_svc.py:94
donut
DEBUG Loaded gocat extension module: sand_svc.py:94
proxy_http
DEBUG Loaded gocat extension module: sand_svc.py:94
dns_tunneling
DEBUG Loaded gocat extension module: sand_svc.py:94
slack
INFO Enabled plugin: sandcat app_svc.py:128
INFO Enabled plugin: fieldmanual app_svc.py:128
INFO Enabled plugin: training app_svc.py:128
INFO Enabled plugin: compass app_svc.py:128
DEBUG Configuration (agents) update, base_world.py:46
setting
deployments=['1837b43e-4fff-46b
2-a604-a602f7540469',
'2f34977d-9558-4c12-abad-349716
777c6b',
'356d1722-7784-40c4-822b-0cf864
b0b36d',
'0ab383be-b819-41bf-91b9-1bd440
4d83bf']
INFO Enabled plugin: response app_svc.py:128
INFO Enabled plugin: magma app_svc.py:128
INFO Enabled plugin: atomic app_svc.py:128
INFO Enabled plugin: stockpile app_svc.py:128
INFO Enabled plugin: manx app_svc.py:128
ERROR Error importing plugin=builder, c_plugin.py:91
No module named 'docker'
ERROR Error loading plugin=builder, c_plugin.py:59
'NoneType' object has no
attribute 'description'
2024-09-30 18:01:50 INFO Enabled plugin: debrief app_svc.py:128
INFO Creating SSH listener on 0.0.0.0, logging.py:92
port 8022
INFO serving on 0.0.0.0:2222 server.py:741
WARNING Unable to properly load .donut data_svc.py:436
for payload
plugins.stockpile.app.donut.donu
t_handler due to failed import
WARNING upx does not meet the minimum app_svc.py:183
version of 0.0.0. Upx is an
optional dependency which adds
more functionality.
2024-09-30 18:02:06 INFO Docs built successfully. hook.py:58
DEBUG Using default login handler. auth_svc.py:209
DEBUG Created authentication group: auth_svc.py:72
blue
DEBUG Created authentication group: red auth_svc.py:72
DEBUG = connection is CONNECTING protocol.py:255
DEBUG > GET /system/ready HTTP/1.1 client.py:115
DEBUG > Host: 0.0.0.0:7012 client.py:117
DEBUG > Upgrade: websocket client.py:117
DEBUG > Connection: Upgrade client.py:117
DEBUG > Sec-WebSocket-Key: client.py:117
BRDjIpbma3sRRyZ5vX3x5w==
DEBUG > Sec-WebSocket-Version: 13 client.py:117
DEBUG > Sec-WebSocket-Extensions: client.py:117
permessage-deflate;
client_max_window_bits
DEBUG > User-Agent: Python/3.12 client.py:117
websockets/11.0.3
DEBUG < HTTP/1.1 101 Switching Protocols client.py:148
DEBUG < Upgrade: websocket client.py:150
DEBUG < Connection: Upgrade client.py:150
DEBUG < Sec-WebSocket-Accept: client.py:150
NSasn7f5LiNkvsbYxjtGLERSU+E=
DEBUG < Sec-WebSocket-Extensions: client.py:150
permessage-deflate;
server_max_window_bits=12;
client_max_window_bits=12
DEBUG < Date: Mon, 30 Sep 2024 18:02:06 client.py:150
GMT
DEBUG < Server: Python/3.12 client.py:150
websockets/11.0.3
DEBUG = connection is OPEN protocol.py:356
DEBUG < CLOSE 1000 (OK) [2 bytes] protocol.py:1168
DEBUG = connection is CLOSING protocol.py:1223
DEBUG > CLOSE 1000 (OK) [2 bytes] protocol.py:1174
DEBUG = connection is CLOSED protocol.py:1494
INFO All systems ready. server.py:104
Pandoome
commented
1 month ago Same issue for me.
Blababam
commented
1 month ago Solved by updating the requirements.txt file aiohttp version to 3.10.8
I have attempted to install Caldera on ubuntu live server 24, and 22. most recently i have made the install on ubuntu live server 24 and am able to build the server and attempt to access it. Upon loading the webpage at my servers ip port 2222 it loads an invalid http response. If i go to my ip at port 8888 it loads an internal server error 500 server got itself into trouble. Please let me know what logs need provided in order to resolve this.