Email Issue

[g33kroid]

Hi Team

I am trying to configure the Email Server for Reset Password but I get the below error

[E 221003 08:52:32 web:1798] Uncaught exception POST /reset (162.158.56.149)
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]:     HTTPServerRequest(protocol='https', host='taajeer.saluslab.net', method='POST', uri='/reset', version='HTTP/1.1', remote_ip='162.158>
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]:     Traceback (most recent call last):
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]:       File "/usr/local/lib/python3.8/dist-packages/tornado/web.py", line 1711, in _execute
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]:         result = method(*self.path_args, **self.path_kwargs)
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]:       File "/root/RootTheBox/handlers/PublicHandlers.py", line 758, in post
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]:         self.create_reset_message(user, reset_token)
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]:       File "/root/RootTheBox/handlers/PublicHandlers.py", line 814, in create_reset_message
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]:         f.read()
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]:     TypeError: replace() argument 2 must be str, not None
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]: [E 221003 08:52:32 BaseHandlers:195] Request from 162.158.56.149 resulted in an error code 500:
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]:     Traceback (most recent call last):
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]:       File "/usr/local/lib/python3.8/dist-packages/tornado/web.py", line 1711, in _execute
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]:         result = method(*self.path_args, **self.path_kwargs)
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]:       File "/root/RootTheBox/handlers/PublicHandlers.py", line 758, in post
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]:         self.create_reset_message(user, reset_token)
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]:       File "/root/RootTheBox/handlers/PublicHandlers.py", line 814, in create_reset_message
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]:         f.read()
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]:     TypeError: replace() argument 2 must be str, not None
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]:
Oct 03 08:52:32 hwsrv-1004696.hostwindsdns.com rootthebox.py[76543]: [E 221003 08:52:32 web:2271] 500 POST /reset (162.158.56.149) 17.65ms

I am using Yandex SMTP SSL with App Username and Password.

Cheers

[eljeffeg]

It appears this is the line causing you an issue. It reads the template and replaces the various parameters with those from your environment / user.

f.read()
.replace("\n", "")
.replace("[Product Name]", options.game_name)
.replace("{{name}}", user.name)
.replace("{{action_url}}", reset_url)
.replace("{{remote_ip}}", remote_ip)
.replace("https://example.com", origin)

I think the only one that could be None is probably remote_ip, so I'd make sure your x_headers config is set to True.

This is what sets the remote_ip:

remote_ip = (
        self.request.headers.get("X-Real-IP")
        or self.request.headers.get("X-Forwarded-For")
        or self.request.remote_ip
)

I could add an or '127.0.0.1' which would clear the None issue, but that's sort of a symptom of not being able to get the remote IP.

[eljeffeg]

The remote IP, in this case, is only used as a security measure to tell the user what IP requested the password reset.

[g33kroid]

Hey Thank you so much for ur support.

I have added the x_Headers but now I have different error

# [ Mail ]
mail_host = "smtp.yandex.com"
mail_port = 465
mail_username = "no-reply@saluslab.net"
mail_password = "" # Password Here 
mail_sender = "no-reply@saluslab.net"

# [ Server ]
origin = "ws://localhost:443"
listen_port = 443
listen_interface = "0.0.0.0"
session_age = 2880
x_headers = True
ssl = True
certfile = "/etc/letsencrypt/live/taajeer.saluslab.net/cert.pem"
keyfile = "/etc/letsencrypt/live/taajeer.saluslab.net/privkey.pem"
admin_ips = []
autoreload_source = True
webhook_url = None

the Error is the following

root@hwsrv-1004696:~/RootTheBox# ./rootthebox.py --setup=prod
Traceback (most recent call last):
  File "./rootthebox.py", line 1098, in <module>
    options.parse_config_file(options.config)
  File "/usr/local/lib/python3.8/dist-packages/tornado/options.py", line 417, in parse_config_file
    exec_in(native_str(f.read()), config, config)
  File "/usr/local/lib/python3.8/dist-packages/tornado/util.py", line 161, in exec_in
    exec(code, glob, loc)
  File "<string>", line 1, in <module>
NameError: name 'x' is not defined

Any idea with how to fix it

[g33kroid]

my bad there were typos at beginning of the config file. I will test it out now

[g33kroid]

It looks like its doing something but its loading forever any idea how to debug or extract logs

root@hwsrv-1004696:~/RootTheBox# nano files/rootthebox.cfg
root@hwsrv-1004696:~/RootTheBox# ./rootthebox.py --start --debug
[I 221005 09:42:45 __init__:267] Checking for Database Updates...
[I 221005 09:42:45 migration:204] Context impl MySQLImpl.
[I 221005 09:42:45 migration:207] Will assume non-transactional DDL.
[I 221005 09:42:45 GameHistory:54] Loading game history from database ...
[I 221005 09:42:45 GameHistory:71] History load complete.
[*] Starting RTB on https://localhost:443
[W 221005 09:42:45 __init__:329] Debug mode is enabled; DO NOT USE THIS IN PRODUCTION
/root/RootTheBox/libs/Scoreboard.py:55: RuntimeWarning: coroutine 'Scoreboard._update_gamestate' was never awaited
  asyncio.ensure_future(self._update_gamestate(self, app))
RuntimeWarning: Enable tracemalloc to get the object allocation traceback
[I 221005 09:42:54 web:2271] 200 GET /reset (94.200.228.50) 11.16ms
[I 221005 09:42:56 web:2271] 101 GET /connect/notifications/updates (94.200.228.50) 0.89ms

And the Platform froze I can't cancel the request or load another page

[g33kroid]

so I changed the websocket channel to 127.0.0.1:80

and yet the connection time out with the below logs

root@hwsrv-1004696:~/RootTheBox# ./rootthebox.py --start --debug --logging=debug
[D 221005 09:52:00 rootthebox:1097] Parsing config file `/root/RootTheBox/files/rootthebox.cfg`
[D 221005 09:52:01 DatabaseConnection:112] Configured to use MySQL for a database
[D 221005 09:52:01 selector_events:59] Using selector: EpollSelector
[D 221005 09:52:01 BotManager:117] Removing old botnet database file
[D 221005 09:52:01 BotManager:119] Created botnet database at: sqlite:///files/botnet.db
[I 221005 09:52:01 __init__:267] Checking for Database Updates...
[D 221005 09:52:01 DatabaseConnection:112] Configured to use MySQL for a database
[I 221005 09:52:01 migration:204] Context impl MySQLImpl.
[I 221005 09:52:01 migration:207] Will assume non-transactional DDL.
[I 221005 09:52:01 GameHistory:54] Loading game history from database ...
[D 221005 09:52:01 protocol:428] Getting key snapshot.173
[D 221005 09:52:01 protocol:440] Value Length: 4. Body length: 60. Data type: 0
[D 221005 09:52:01 protocol:428] Getting key snapshot.174
[D 221005 09:52:01 protocol:440] Value Length: 4. Body length: 60. Data type: 0
[D 221005 09:52:01 protocol:428] Getting key snapshot.175
[D 221005 09:52:01 protocol:440] Value Length: 4. Body length: 60. Data type: 0
[D 221005 09:52:01 protocol:428] Getting key snapshot.176
[D 221005 09:52:01 protocol:440] Value Length: 4. Body length: 60. Data type: 0
[D 221005 09:52:01 protocol:428] Getting key snapshot.177
[D 221005 09:52:01 protocol:440] Value Length: 4. Body length: 60. Data type: 0
[D 221005 09:52:01 protocol:428] Getting key snapshot.178
[D 221005 09:52:01 protocol:440] Value Length: 4. Body length: 60. Data type: 0
[D 221005 09:52:01 protocol:428] Getting key snapshot.179
[D 221005 09:52:01 protocol:440] Value Length: 4. Body length: 60. Data type: 0
[D 221005 09:52:01 protocol:428] Getting key snapshot.180
[D 221005 09:52:01 protocol:440] Value Length: 4. Body length: 60. Data type: 0
[D 221005 09:52:01 protocol:428] Getting key snapshot.181
[D 221005 09:52:01 protocol:440] Value Length: 4. Body length: 60. Data type: 0
[D 221005 09:52:01 protocol:428] Getting key snapshot.182
[D 221005 09:52:01 protocol:440] Value Length: 4. Body length: 60. Data type: 0
[I 221005 09:52:01 GameHistory:71] History load complete.
[*] Starting RTB on https://localhost:443
[D 221005 09:52:01 locale:174] Supported locales: ['ar', 'bn', 'ca', 'de', 'en_US', 'es', 'fr', 'hi', 'ja', 'ko', 'pt', 'ru', 'zh']
[W 221005 09:52:01 __init__:329] Debug mode is enabled; DO NOT USE THIS IN PRODUCTION
/root/RootTheBox/libs/Scoreboard.py:55: RuntimeWarning: coroutine 'Scoreboard._update_gamestate' was never awaited
  asyncio.ensure_future(self._update_gamestate(self, app))
RuntimeWarning: Enable tracemalloc to get the object allocation traceback
[I 221005 09:52:07 web:2271] 200 GET /reset (162.158.56.149) 15.01ms
[D 221005 09:52:08 BaseHandlers:314] Checking request origin 'ParseResult(scheme='https', netloc='taajeer.saluslab.net', path='', params='', query='', fragment='')' ends with 'ParseResult(scheme='ws', netloc='127.0.0.1:80', path='', params='', query='', fragment='')'
[I 221005 09:52:08 web:2271] 101 GET /connect/notifications/updates (162.158.56.140) 1.58ms
[D 221005 09:52:08 NotificationHandlers:46] [Web Socket] Opened public notification socket.
[E 221005 09:57:21 web:1798] Uncaught exception POST /reset (162.158.56.149)
    HTTPServerRequest(protocol='https', host='taajeer.saluslab.net', method='POST', uri='/reset', version='HTTP/1.1', remote_ip='162.158.56.149')
    Traceback (most recent call last):
      File "/usr/lib/python3.8/smtplib.py", line 391, in getreply
        line = self.file.readline(_MAXLINE + 1)
      File "/usr/lib/python3.8/socket.py", line 669, in readinto
        return self._sock.recv_into(b)
    ConnectionResetError: [Errno 104] Connection reset by peer

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
      File "/usr/local/lib/python3.8/dist-packages/tornado/web.py", line 1711, in _execute
        result = method(*self.path_args, **self.path_kwargs)
      File "/root/RootTheBox/handlers/PublicHandlers.py", line 760, in post
        smtpObj = smtplib.SMTP(options.mail_host, port=options.mail_port)
      File "/usr/lib/python3.8/smtplib.py", line 255, in __init__
        (code, msg) = self.connect(host, port)
      File "/usr/lib/python3.8/smtplib.py", line 341, in connect
        (code, msg) = self.getreply()
      File "/usr/lib/python3.8/smtplib.py", line 394, in getreply
        raise SMTPServerDisconnected("Connection unexpectedly closed: "
    smtplib.SMTPServerDisconnected: Connection unexpectedly closed: [Errno 104] Connection reset by peer
[E 221005 09:57:21 BaseHandlers:195] Request from 162.158.56.149 resulted in an error code 500:
    Traceback (most recent call last):
      File "/usr/lib/python3.8/smtplib.py", line 391, in getreply
        line = self.file.readline(_MAXLINE + 1)
      File "/usr/lib/python3.8/socket.py", line 669, in readinto
        return self._sock.recv_into(b)
    ConnectionResetError: [Errno 104] Connection reset by peer

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
      File "/usr/local/lib/python3.8/dist-packages/tornado/web.py", line 1711, in _execute
        result = method(*self.path_args, **self.path_kwargs)
      File "/root/RootTheBox/handlers/PublicHandlers.py", line 760, in post
        smtpObj = smtplib.SMTP(options.mail_host, port=options.mail_port)
      File "/usr/lib/python3.8/smtplib.py", line 255, in __init__
        (code, msg) = self.connect(host, port)
      File "/usr/lib/python3.8/smtplib.py", line 341, in connect
        (code, msg) = self.getreply()
      File "/usr/lib/python3.8/smtplib.py", line 394, in getreply
        raise SMTPServerDisconnected("Connection unexpectedly closed: "
    smtplib.SMTPServerDisconnected: Connection unexpectedly closed: [Errno 104] Connection reset by peer

[E 221005 09:57:21 web:2271] 500 POST /reset (162.158.56.149) 309376.98ms

[g33kroid]

A side note I noticed the Platform keeps logging me out every 5 to 10 min so if I am generating user Register token or creating boxes it logged me out and I had to login again

[eljeffeg]

Just for troubleshooting clarification, you running a docker instance or full install? And if full install, what Python version.

[g33kroid]

I am using the Bare-metal (Full Deployment). Python Version 3.8.10 on Ubuntu 20.04 LTS and the Latest Version of HTB. It was a fresh VM and I ran the depends.sh script as the guide mentioned.

[eljeffeg]

I pushed up a change that might help or at least provide a little more logging. Give it a try. If no luck, then you might want to try creating a simple test script using libsmtp to see if things are connecting right. Then we can try to narrow down the issue.

[eljeffeg]

I also looked at the session and I didn't see anything off. You have it set to 2 days, so not quite sure what could be causing that. Not sure if it matters, because I think we autocorrect, but your origin should have wss:// if it's ssl.

[eljeffeg]

Some additional email updates were added in the 3.12.0 branch - reopen if that release doesn't resolve your issues.