moloch-- / RootTheBox

A Game of Hackers (CTF Scoreboard & Game Manager)
http://root-the-box.com/
Apache License 2.0

Registration Tokens feature does not work #575

Closed ilovewingchun closed 1 year ago

ilovewingchun commented 1 year ago

Hi, I'm trying this Registration Tokens feature, but when I click the RegTokens button I always get a "404 - Glitch in the Matrix" error. I'm using the Docker deployment. Everything else works fine.

ilovewingchun commented 1 year ago

Here is what I see from console after enabling debug mode in docker when I click the "RegTokens" button:

webapp_1     | [E 230714 08:06:09 web:1871] Uncaught exception GET /admin/regtoken/create (192.168.89.39)
webapp_1     |     HTTPServerRequest(protocol='http', host='192.168.89.253:8888', method='GET', uri='/admin/regtoken/create', version='HTTP/1.1', remote_ip='192.168.89.39')
webapp_1     |     Traceback (most recent call last):
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/web.py", line 1784, in _execute
webapp_1     |         result = method(*self.path_args, **self.path_kwargs)
webapp_1     |       File "/opt/rtb/libs/SecurityDecorators.py", line 112, in wrapper
webapp_1     |         return method(self, *args, **kwargs)
webapp_1     |       File "/opt/rtb/libs/SecurityDecorators.py", line 67, in wrapper
webapp_1     |         return method(self, *args, **kwargs)
webapp_1     |       File "/opt/rtb/libs/SecurityDecorators.py", line 151, in wrapper
webapp_1     |         return method(self, *args, **kwargs)
webapp_1     |       File "/opt/rtb/handlers/AdminHandlers/AdminGameHandlers.py", line 192, in get
webapp_1     |         uri[args[0]]()
webapp_1     |       File "/opt/rtb/handlers/AdminHandlers/AdminGameHandlers.py", line 215, in create
webapp_1     |         self.render("admin/create/token.html", token=token)
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/web.py", line 940, in render
webapp_1     |         html = self.render_string(template_name, **kwargs)
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/web.py", line 1089, in render_string
webapp_1     |         return t.generate(**namespace)
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/template.py", line 362, in generate
webapp_1     |         return execute()
webapp_1     |       File "admin/create/token_html.generated.py", line 33, in _tt_execute
webapp_1     |         _tt_tmp = _tt_utf8(xhtml_escape(_tt_tmp))  # admin/create/token.html:10 (via main.html:32)
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/escape.py", line 55, in xhtml_escape
webapp_1     |         lambda match: _XHTML_ESCAPE_DICT[match.group(0)], to_basestring(value)
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/escape.py", line 229, in to_unicode
webapp_1     |         return value.decode("utf-8")
webapp_1     |     UnicodeDecodeError: 'utf-8' codec can't decode byte 0xaf in position 0: invalid start byte
webapp_1     | [E 230714 08:06:09 BaseHandlers:196] Request from 192.168.89.39 resulted in an error code 500:
webapp_1     |     Traceback (most recent call last):
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/web.py", line 1784, in _execute
webapp_1     |         result = method(*self.path_args, **self.path_kwargs)
webapp_1     |       File "/opt/rtb/libs/SecurityDecorators.py", line 112, in wrapper
webapp_1     |         return method(self, *args, **kwargs)
webapp_1     |       File "/opt/rtb/libs/SecurityDecorators.py", line 67, in wrapper
webapp_1     |         return method(self, *args, **kwargs)
webapp_1     |       File "/opt/rtb/libs/SecurityDecorators.py", line 151, in wrapper
webapp_1     |         return method(self, *args, **kwargs)
webapp_1     |       File "/opt/rtb/handlers/AdminHandlers/AdminGameHandlers.py", line 192, in get
webapp_1     |         uri[args[0]]()
webapp_1     |       File "/opt/rtb/handlers/AdminHandlers/AdminGameHandlers.py", line 215, in create
webapp_1     |         self.render("admin/create/token.html", token=token)
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/web.py", line 940, in render
webapp_1     |         html = self.render_string(template_name, **kwargs)
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/web.py", line 1089, in render_string
webapp_1     |         return t.generate(**namespace)
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/template.py", line 362, in generate
webapp_1     |         return execute()
webapp_1     |       File "admin/create/token_html.generated.py", line 33, in _tt_execute
webapp_1     |         _tt_tmp = _tt_utf8(xhtml_escape(_tt_tmp))  # admin/create/token.html:10 (via main.html:32)
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/escape.py", line 55, in xhtml_escape
webapp_1     |         lambda match: _XHTML_ESCAPE_DICT[match.group(0)], to_basestring(value)
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/escape.py", line 229, in to_unicode
webapp_1     |         return value.decode("utf-8")
webapp_1     |     UnicodeDecodeError: 'utf-8' codec can't decode byte 0xaf in position 0: invalid start byte
webapp_1     |     
webapp_1     | [E 230714 08:06:09 web:2344] 500 GET /admin/regtoken/create (192.168.89.39) 86.02ms
webapp_1     | [I 230714 08:06:09 web:2344] 101 GET /connect/notifications/updates (192.168.89.39) 2.25ms
eljeffeg commented 1 year ago

I pushed a fix if you can test it. Thanks!

ilovewingchun commented 1 year ago

> I pushed a fix if you can test it. Thanks!

The fix works, thanks! Now I can create a token:


However, the "View & Delete" button under RegTokens does not work:

webapp_1     | [E 230715 00:01:57 web:1871] Uncaught exception GET /admin/regtoken/view (192.168.89.39)
webapp_1     |     HTTPServerRequest(protocol='http', host='192.168.89.253:8888', method='GET', uri='/admin/regtoken/view', version='HTTP/1.1', remote_ip='192.168.89.39')
webapp_1     |     Traceback (most recent call last):
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/web.py", line 1784, in _execute
webapp_1     |         result = method(*self.path_args, **self.path_kwargs)
webapp_1     |       File "/opt/rtb/libs/SecurityDecorators.py", line 112, in wrapper
webapp_1     |         return method(self, *args, **kwargs)
webapp_1     |       File "/opt/rtb/libs/SecurityDecorators.py", line 67, in wrapper
webapp_1     |         return method(self, *args, **kwargs)
webapp_1     |       File "/opt/rtb/libs/SecurityDecorators.py", line 151, in wrapper
webapp_1     |         return method(self, *args, **kwargs)
webapp_1     |       File "/opt/rtb/handlers/AdminHandlers/AdminGameHandlers.py", line 192, in get
webapp_1     |         uri[args[0]]()
webapp_1     |       File "/opt/rtb/handlers/AdminHandlers/AdminGameHandlers.py", line 219, in view
webapp_1     |         self.render("admin/view/token.html", errors=None)
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/web.py", line 940, in render
webapp_1     |         html = self.render_string(template_name, **kwargs)
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/web.py", line 1089, in render_string
webapp_1     |         return t.generate(**namespace)
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/template.py", line 362, in generate
webapp_1     |         return execute()
webapp_1     |       File "admin/view/token_html.generated.py", line 86, in _tt_execute
webapp_1     |         _tt_tmp = token.getvalue()  # admin/view/token.html:42 (via main.html:32)
webapp_1     |       File "/opt/rtb/models/RegistrationToken.py", line 63, in getvalue
webapp_1     |         return  decode(self.value)
webapp_1     |       File "/opt/rtb/libs/StringCoding.py", line 57, in decode
webapp_1     |         rv, length = codec.decode(s, *args, **kwargs)
webapp_1     |       File "/usr/local/lib/python3.8/encodings/utf_8.py", line 16, in decode
webapp_1     |         return codecs.utf_8_decode(input, errors, True)
webapp_1     |     UnicodeDecodeError: 'utf-8' codec can't decode byte 0xdf in position 1: invalid continuation byte
webapp_1     | [E 230715 00:01:57 BaseHandlers:196] Request from 192.168.89.39 resulted in an error code 500:
webapp_1     |     Traceback (most recent call last):
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/web.py", line 1784, in _execute
webapp_1     |         result = method(*self.path_args, **self.path_kwargs)
webapp_1     |       File "/opt/rtb/libs/SecurityDecorators.py", line 112, in wrapper
webapp_1     |         return method(self, *args, **kwargs)
webapp_1     |       File "/opt/rtb/libs/SecurityDecorators.py", line 67, in wrapper
webapp_1     |         return method(self, *args, **kwargs)
webapp_1     |       File "/opt/rtb/libs/SecurityDecorators.py", line 151, in wrapper
webapp_1     |         return method(self, *args, **kwargs)
webapp_1     |       File "/opt/rtb/handlers/AdminHandlers/AdminGameHandlers.py", line 192, in get
webapp_1     |         uri[args[0]]()
webapp_1     |       File "/opt/rtb/handlers/AdminHandlers/AdminGameHandlers.py", line 219, in view
webapp_1     |         self.render("admin/view/token.html", errors=None)
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/web.py", line 940, in render
webapp_1     |         html = self.render_string(template_name, **kwargs)
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/web.py", line 1089, in render_string
webapp_1     |         return t.generate(**namespace)
webapp_1     |       File "/usr/local/lib/python3.8/site-packages/tornado/template.py", line 362, in generate
webapp_1     |         return execute()
webapp_1     |       File "admin/view/token_html.generated.py", line 86, in _tt_execute
webapp_1     |         _tt_tmp = token.getvalue()  # admin/view/token.html:42 (via main.html:32)
webapp_1     |       File "/opt/rtb/models/RegistrationToken.py", line 63, in getvalue
webapp_1     |         return  decode(self.value)
webapp_1     |       File "/opt/rtb/libs/StringCoding.py", line 57, in decode
webapp_1     |         rv, length = codec.decode(s, *args, **kwargs)
webapp_1     |       File "/usr/local/lib/python3.8/encodings/utf_8.py", line 16, in decode
webapp_1     |         return codecs.utf_8_decode(input, errors, True)
webapp_1     |     UnicodeDecodeError: 'utf-8' codec can't decode byte 0xdf in position 1: invalid continuation byte
webapp_1     |     
webapp_1     | [E 230715 00:01:57 web:2344] 500 GET /admin/regtoken/view (192.168.89.39) 76.36ms
webapp_1     | [I 230715 00:01:57 web:2344] 101 GET /connect/notifications/updates (192.168.89.39) 1.50ms

I would also recommend being able to bulk create multiple tokens in case we need many players to join the game. Thanks!

eljeffeg commented 1 year ago

I expect this is due to the tokens that were created prior to the fix that are still in the database. I'd try to go into the database table registration_token and delete the old tokens out.

ilovewingchun commented 1 year ago

> I expect this is due to the tokens that were created prior to the fix that are still in the database. I'd try to go into the database table registration_token and delete the old tokens out.

You are right! It works after I git cloned the project again and started over. Thanks!

ilovewingchun commented 1 year ago

BTW there were indeed unrecognizable characters in the registration_token table, and the "View & Delete" button works again after deleting all the rows:

root@c18dbcc254df:/# sqlite3 ./opt/rtb/files/rootthebox.db 
SQLite version 3.40.1 2022-12-28 14:03:47
Enter ".help" for usage hints.
sqlite> .tables
alembic_version      ip_address           team_to_flag       
box                  market_item          team_to_game_level 
category             notification         team_to_hint       
corporation          password_token       team_to_item       
email_token          paste_bin            team_to_source_code
file_upload          penalty              theme              
flag                 permission           theme_file         
flag_attachment      registration_token   user               
flag_choice          source_code          user_to_flag       
game_history         swat                 wall_of_sheep      
game_level           team               
hint                 team_to_box 

sqlite> select * from registration_token;
1|2023-07-12 05:29:29.573436|[�|0
2|2023-07-12 05:29:46.533605|6i�|0
3|2023-07-12 05:30:10.902763|sX<|0
4|2023-07-12 05:30:21.486414|��|0
5|2023-07-12 05:30:23.687323|b��|0
6|2023-07-12 05:30:24.718523|�Z�|0
7|2023-07-12 05:30:34.561960|��|0
8|2023-07-12 05:30:37.920141|(�C|0
9|2023-07-12 05:35:16.641055|�~�|0
10|2023-07-12 05:35:35.355246|V��|0
11|2023-07-12 05:35:38.036359|�U|0
12|2023-07-12 05:36:13.401461|��|0
13|2023-07-12 05:36:16.579057|�[{|0
14|2023-07-12 05:36:19.505409|���|0
15|2023-07-12 05:36:20.908324|���|0
16|2023-07-12 05:36:28.561262|��@|0
17|2023-07-12 05:37:04.376565|��1|0
18|2023-07-12 05:37:08.104751|Xz|0
19|2023-07-12 05:37:45.489553|?m�|0
20|2023-07-12 05:37:48.782313|
                              #�|0
21|2023-07-12 05:38:31.428986|�
�|0
22|2023-07-15 00:06:38.132008|5bba16|0
23|2023-07-15 00:06:39.324919|90e858|0
sqlite> 
sqlite> delete from registration_token;
sqlite> 
sqlite> select * from registration_token;
sqlite>
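
Added example, not part of the thread or of RootTheBox's own code: a targeted cleanup that removes only the rows whose token is not hex text, instead of emptying the whole `registration_token` table. The hex format is inferred from rows 22 and 23 above; the column names other than `value`, the function names and the sample rows are assumptions made for this sketch.

```python
import re
import secrets
import sqlite3

HEX_TOKEN = re.compile(r"[0-9a-f]+")  # shape of the post-fix rows shown above


def new_token(nbytes=3):
    """Random token as hex text, so the stored value is always valid UTF-8."""
    return secrets.token_hex(nbytes)


def is_hex_token(value):
    """True if a stored token is (or decodes to) lowercase hex text."""
    if isinstance(value, bytes):
        try:
            value = value.decode("utf-8")
        except UnicodeDecodeError:
            return False
    return isinstance(value, str) and HEX_TOKEN.fullmatch(value) is not None


def purge_legacy_tokens(conn):
    """Delete only rows whose token is not hex text; return the deleted ids."""
    conn.text_factory = bytes  # fetch TEXT as raw bytes so bad rows do not raise
    rows = conn.execute("SELECT id, value FROM registration_token").fetchall()
    bad = [row_id for row_id, value in rows if not is_hex_token(value)]
    conn.executemany("DELETE FROM registration_token WHERE id = ?", [(i,) for i in bad])
    conn.commit()
    return bad


def demo():
    # Constructed sample data; columns other than `value` are assumed names.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE registration_token "
                 "(id INTEGER PRIMARY KEY, created TEXT, value TEXT, used INTEGER)")
    samples = [b"\xaf\x10\x22", b"6i\xdf", b"5bba16", new_token().encode()]
    conn.executemany(
        "INSERT INTO registration_token (created, value, used) VALUES ('2023-07-12', ?, 0)",
        [(s,) for s in samples])
    removed = purge_legacy_tokens(conn)
    kept = [v.decode() for (v,) in conn.execute(
        "SELECT value FROM registration_token ORDER BY id")]
    return removed, kept


if __name__ == "__main__":
    print(demo())
```

Run against a copy of the database first; tokens that were already handed out in the old format stop working once their rows are deleted.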