search

nilsteampassnet / TeamPass

Collaborative Passwords Manager
https://www.teampass.net
1.68k stars 548 forks source link

Hacking attempt... after clear install v2.1.25 #1272

Closed johnluxor closed 7 years ago

johnluxor commented 8 years ago

I have installed teampass. I try to login with admin credentials, and get hacking attempt in file http://teampass.rocketfirm.net/sources/identify.php

I viewed it in firebug panel

My software. Debian 8.4 PHP 5.6.19 with all extensions MySQL 5.5.47

mannes commented 8 years ago

Same here using 2.1.27 branch. Tried removing cache and cookies in browser

Debian 8.2 PHP 5.6.13 Mysql 5.5.44

nilsteampassnet commented 8 years ago

Don't use 2.1.27 branch. It has not been updated with 2.1.26. Latest is 2.1.26 development branch

odraude commented 8 years ago

Hi @nilsteampassnet

I'm using version 2.1.26 (TeamPass 2.1.26 2009 - 2016) and I've had the same problem.

My Server:

nilsteampassnet commented 8 years ago

Can you please indicate what 2.1.26 package pre-release you use?

But in any case something is wrong with installation on server. If it is a fresh install, clean current folder, reupload and reinstall.

timo002 commented 8 years ago

Same issue here, I've installed is twice now but I'm keeping the same issue.

I've installed this on my VPS, running on CentOS 6.8 (Final)‬ with Plesk 12.5. Installation is going fine, but after that, I can't login. If I look at the call that is done after login, it returns "Hacking attempt..."

I've installed the latest version, downloaded by using this URL: https://github.com/nilsteampassnet/TeamPass/archive/master.zip

Also if I only change the language, I already get an "Hacking attempt..." response.

odraude commented 8 years ago

Can you please indicate what 2.1.26 package pre-release you use?

Hi,

The release is 2.1.26 (14) (Release 2.1.26 (14))

Kind regards

kkongr commented 8 years ago

Hi,

We have the same issue as timo002. Cannot login at all!

We are on the login page but after insert the credentials (any username/password) we just see the "loading bars" next to "Please identify yourself" as on the attachedc file. teampasslogin

We have tried Chrome, Firefox, IE 11.

The installation of Teampass is 2.1.26 on VPS running on Centos 7.2 with Plesk 12.5.30

Can you please help us?

Best Regards,

nilsteampassnet commented 8 years ago

What package of 2.1.26 do you use? What are the Firebug error message you receive ?

If it is an upgrade,have you over write all the files ? Have you cleared the cache ? Have you run the upgrade file ?

kkongr commented 8 years ago

Hello,

First thank you for your response.

I managed to successfully install teampass version 2.1.26 (14). Till now, what i have seen works fine.

The issue was a setting on the Plesk PHP version for security purposes.

For your reference and other users also, my setup is a Plesk Server 12.5.30 Update #45 running on ‪CentOS Linux 7.2.1511 (Core)‬. The setup that worked was using PHP version 5.5.38 running as FastCGI application served by Apache. Further i had to change into PHP settings the field "open_basedir" to "none" instead of the default one. After these changes i run the installation without any issues.

Best Regards,

Carol007robot commented 8 years ago

Hey, I have the same Hacking attempt issue, our docker image ID is fcdcd385ce63, the installation of Teampass is 2.1.26.

Could you please help us?

Best Regards,

nilsteampassnet commented 8 years ago

Please provide logs from Apache and Firebug error message

Carol007robot commented 8 years ago

Thanks for replying this question, here is our Apache log, we met this issue on Firefox/Chrome/IE, I'll try to track the browse error log, but could you please take a look the Apache error log first ?

This is the log when we got the error: #015 I think is our folder number that saved in database? I haven't download the frebug log yet, but when I opened the debug log, seems no errors: Nov 9 11:03:48 docker-pioneer docker-current[11780]: #015 Nov 9 11:03:48 docker-pioneer docker-current[11780]: ==> /var/log/apache2/error.log <==#015 Nov 9 11:03:48 docker-pioneer docker-current[11780]: [Wed Nov 09 03:03:48.118853 2016] [:error] [pid 408] [client 172.17.0.3:51142] PHP Notice: Undefined index: settings in /teampass/www/index.php on line 110#015 Nov 9 11:03:48 docker-pioneer docker-current[11780]: [Wed Nov 09 03:03:48.118949 2016] [:error] [pid 408] [client 172.17.0.3:51142] PHP Warning: require_once(/includes/language/english.php): failed to open stream: No such file or directory in /teampass/www/index.php on line 110#015 Nov 9 11:03:48 docker-pioneer docker-current[11780]: [Wed Nov 09 03:03:48.118966 2016] [:error] [pid 408] [client 172.17.0.3:51142] PHP Fatal error: require_once(): Failed opening required '/includes/language/english.php' (include_path='.:/usr/share/php:/usr/share/pear') in /teampass/www/index.php on line 110#015 Nov 9 11:03:48 docker-pioneer docker-current[11780]: #015 Nov 9 11:03:48 docker-pioneer docker-current[11780]: ==> /var/log/apache2/access.log <==#015 Nov 9 11:03:48 docker-pioneer docker-current[11780]: 172.17.0.3 - - [09/Nov/2016:03:03:48 +0000] "GET / HTTP/1.1" 500 3718 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.90 Safari/537.36"#015 Nov 9 11:03:48 docker-pioneer docker-current[11780]: #015 Nov 9 11:03:48 docker-pioneer docker-current[11780]: ==> /var/log/apache2/error.log <==#015 Nov 9 11:03:48 docker-pioneer docker-current[11780]: [Wed Nov 09 03:03:48.506425 2016] [:error] [pid 406] [client 172.17.0.3:51144] PHP Notice: Undefined index: SSL_SERVER_CERT in /teampass/www/sources/core.php on line 276, referer: https://teampass.odw.com.cn/#015 Nov 9 11:03:48 docker-pioneer docker-current[11780]: [Wed Nov 09 03:03:48.506465 2016] [:error] [pid 406] [client 172.17.0.3:51144] PHP Warning: Invalid argument supplied for foreach() in /teampass/www/sources/core.php on line 278, referer: https://teampass.odw.com.cn/#015 Nov 9 11:03:48 docker-pioneer docker-current[11780]: [Wed Nov 09 03:03:48.506476 2016] [:error] [pid 406] [client 172.17.0.3:51144] PHP Notice: Undefined variable: cert_issuer in /teampass/www/sources/core.php on line 286, referer: https://teampass.odw.com.cn/#015 Nov 9 11:03:48 docker-pioneer docker-current[11780]: #015 Nov 9 11:03:48 docker-pioneer docker-current[11780]: ==> /var/log/apache2/access.log <==#015 Nov 9 11:03:48 docker-pioneer docker-current[11780]: 172.17.0.3 - - [09/Nov/2016:03:03:48 +0000] "GET /index.php HTTP/1.1" 200 13095 "https://teampass.odw.com.cn/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.90 Safari/537.36"#015 Nov 9 11:03:49 docker-pioneer docker-current[11780]: #015 Nov 9 11:03:49 docker-pioneer docker-current[11780]: ==> /var/log/apache2/error.log <==#015 Nov 9 11:03:49 docker-pioneer docker-current[11780]: [Wed Nov 09 03:03:49.389669 2016] [:error] [pid 406] [client 172.17.0.3:51144] PHP Notice: Undefined index: SSL_SERVER_CERT in /teampass/www/sources/core.php on line 276#015 Nov 9 11:03:49 docker-pioneer docker-current[11780]: [Wed Nov 09 03:03:49.389711 2016] [:error] [pid 406] [client 172.17.0.3:51144] PHP Warning: Invalid argument supplied for foreach() in /teampass/www/sources/core.php on line 278#015 Nov 9 11:03:49 docker-pioneer docker-current[11780]: [Wed Nov 09 03:03:49.389720 2016] [:error] [pid 406] [client 172.17.0.3:51144] PHP Notice: Undefined variable: cert_issuer in /teampass/www/sources/core.php on line 286#015 Nov 9 11:03:49 docker-pioneer docker-current[11780]: #015 Nov 9 11:03:49 docker-pioneer docker-current[11780]: ==> /var/log/apache2/access.log <==#015 Nov 9 11:03:49 docker-pioneer docker-current[11780]: 172.17.0.3 - - [09/Nov/2016:03:03:49 +0000] "GET / HTTP/1.1" 200 10049 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.90 Safari/537.36"#015 Nov 9 11:03:49 docker-pioneer docker-current[11780]: #015 Nov 9 11:03:49 docker-pioneer docker-current[11780]: ==> /var/log/apache2/error.log <==#015 Nov 9 11:03:49 docker-pioneer docker-current[11780]: [Wed Nov 09 03:03:49.516664 2016] [:error] [pid 406] [client 172.17.0.3:51144] PHP Notice: Undefined index: SSL_SERVER_CERT in /teampass/www/sources/core.php on line 276, referer: https://teampass.odw.com.

nilsteampassnet commented 8 years ago

Strange logs. Seems to miss files in your installation. Can you please check that all files from package are available on your server.

Carol007robot commented 8 years ago

We pulled this system from docker, the docker image ID is fcdcd385ce63, so the files should be all installed by default, we haven't remove or did any changes with the packages. But if you want, I can still take a look. But could you please give me a list of the packages? Could you please check the docker image ID to see if this is the one that you build? And do you have any new version of the image can let us to try?

Thanks.