Comments (22)
In caldera/conf
there's a settings.yaml
file where the SSL cert and private key can be specified. By default these live in caldera/conf/cert.pem
and caldera/conf/key.pem
respectively.
Running the commandline specified in the logging output should generate the needed pem files openssl req -new -x509 -days 3652 -subj /CN='hostname --fqdn'/OU= ervers/O='hostname -d'/C=US -nodes -out conf/cert.pem -keyout conf/key.pem
.
However, I think newer versions of openssl might throw an error at that line because it's missing a newly required agument. If that happens you can run openssl req -new -x509 -days 3652 -nodes -out conf/cert.pem -keyout conf/key.pem
and follow the interactive prompt to fill out all the fields.
from caldera.
Check your python version. You need 3.5+ . Check out the installation instructions here https://caldera.readthedocs.io/en/latest/installation.html
from caldera.
my mistake I had python 3 and 2 both installed and accidentally ran with 2. I am getting a new error now.
File "C:\Users\John\AppData\Local\Programs\Python\Python37\lib\site-packages\p
ymongo\helpers.py", line 210, in _check_command_response
raise OperationFailure(msg % errmsg, code, response)
pymongo.errors.OperationFailure: Oplog collection reads are not allowed while in
the rollback or startup state.
from caldera.
@mgraf2 what version of mongodb and pymongo are you using?
from caldera.
pymongo 3.5.1, and mongodb version 4.0.
from caldera.
I was able to get past that with a lower version of mongodb, but now I am getting the following error:
C:\Users\John\Desktop\caldera-master 2\caldera>C:\Users\John\AppData\Local\Progr
ams\Python\Python37\python.exe caldera.py
Enter PEM pass phrase:DEBUG:app.server:Planner has started
DEBUG:asyncio:Using selector: SelectSelector
INFO:app.server:Planner closed
Process Process-1:
Traceback (most recent call last):
File "C:\Users\John\AppData\Local\Programs\Python\Python37\lib\site-packages\m
ongoengine\queryset\queryset.py", line 95, in _iter_results
raise StopIteration
StopIteration
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "C:\Users\John\AppData\Local\Programs\Python\Python37\lib\multiprocessing
\process.py", line 297, in _bootstrap
self.run()
File "C:\Users\John\AppData\Local\Programs\Python\Python37\lib\multiprocessing
\process.py", line 99, in run
self._target(*self._args, **self._kwargs)
File "C:\Users\John\Desktop\caldera-master 2\caldera\app\server.py", line 165,
in sigint_handler
target()
File "C:\Users\John\Desktop\caldera-master 2\caldera\app\server.py", line 306,
in planner_process
loop.run_until_complete(start_operations(rebuild_mappings))
File "C:\Users\John\AppData\Local\Programs\Python\Python37\lib\asyncio\base_ev
ents.py", line 568, in run_until_complete
return future.result()
File "C:\Users\John\Desktop\caldera-master 2\caldera\app\updates.py", line 71,
in start_operations
for step in CodedStep.objects(name__nin=[x.name for x in operation_steps
.all_steps]):
RuntimeError: generator raised StopIteration
from caldera.
@mgraf2 Would you mind trying this with Python 3.6? I know I said 3.5+ earlier, but I'd like to rule out python version as the cause here.
from caldera.
I can try that, I am now seeing this I think I am closer. What config file do I add this to?
INFO:app.server:No SSL certificate or key found. Generating a self-signed SSL c
rtificate for you.
'openssl' is not recognized as an internal or external command,
operable program or batch file.
ERROR:app.server:Could not locate certificate chain. Please generate with opens
l and add to configuration file.
e.g. 'openssl req -new -x509 -days 3652 -subj /CN='hostname --fqdn'/OU=
ervers/O='hostname -d'/C=US -nodes -out conf/cert.pem -keyout conf/key.pem'
from caldera.
I finally got it to work, thank you for all your help!
from caldera.
@mgraf2 nice! Did you wind up switching to Python 3.6?
from caldera.
Yes I wound up switching to python 3.6, also didn't realize when running caldera.py it was asking for pem password which is printed to the cmd prompt but it gets hidden by a bunch of other stuff thats printed out; probably should have it wait for user to input pem password before continuing. I kept hitting enter without realizing it was asking for pem password and then it would exit with the error code. Can we expect other adversaries to be added to Caldera in a future update or is the user expected to add these on their own?
from caldera.
I'm trying to run caldera on a centos, all dependencies installed and python3.6, getting the first error
pymongo.errors.OperationFailure: Oplog collection reads are not allowed while in the rollback or startup state.
Any tip to get this solved and running?
from caldera.
I switched to Mongodb 3.0.1, and that seemed to do the trick.
from caldera.
@mgraf2 has the solution. We're currently working on MongoDB 4.0 support
from caldera.
Oh, so that's it...i will try, thank you guys :D
from caldera.
@dm-mitre want to be clear I must use MongodB3.6 not 4.0 as it's not supported yet. It looks the only download on Mongodb site is 4.0 though
from caldera.
Download here, i think I used 3.5.
from caldera.
3.01 rather
from caldera.
from caldera.
@mgraf2 @ericgatm4 @w0rk3r We pushed some updates to support MongoDB 4.0 and also a docker-compose script which should make installation and running much easier. Let us know if you have any problems.
from caldera.
@dm-mitre
It seems like the current build is incompatible with Python 3.7 as I ran into the following until downgrading to Python 3.6.x
Traceback (most recent call last):
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\mongoengine\queryset\queryset.py", line 95, in _iter_results
raise StopIteration
StopIteration
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "C:\Users\Administrator\Desktop\caldera-master\caldera\app\server.py", line 127, in run
web_process(settings, debug)
File "C:\Users\Administrator\Desktop\caldera-master\caldera\app\server.py", line 250, in web_process
for connection in ActiveConnection.objects:
RuntimeError: generator raised StopIteration
DEBUG:app.server:Planner has started
INFO:app.server:Loading default ATT&CK definitions
Process Process-1:
Traceback (most recent call last):
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\mongoengine\queryset\queryset.py", line 95, in _iter_results
raise StopIteration
StopIteration
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\multiprocessing\process.py", line 297, in _bootstrap
self.run()
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\multiprocessing\process.py", line 99, in run
self._target(*self._args, **self._kwargs)
File "C:\Users\Administrator\Desktop\caldera-master\caldera\app\server.py", line 168, in sigint_handler
target()
File "C:\Users\Administrator\Desktop\caldera-master\caldera\app\server.py", line 303, in planner_process
attack.load_default(attack_mappings)
File "C:\Users\Administrator\Desktop\caldera-master\caldera\app\attack.py", line 90, in load_default
for db_tech in AttackTechnique.objects:
RuntimeError: generator raised StopIteration
from caldera.
@stevenbrz , I've updated the version of mongoengine pinned in requirements.txt . I believe this will fix the error you received above running under Python 3.7.
from caldera.
Related Issues (20)
- not asset directory error HOT 4
- Pipe characters dropped from Fact during Parsing HOT 4
- Unable to login with default users HOT 13
- Error "Template 'index.html' not found" when connecting to localhost HOT 8
- BUG: Default installation steps failed on Ubuntu 22.04 HOT 11
- Bug: Remote Server Connections (non-localhost) are non-responsive on VueJS with connection refused HOT 8
- Vue Dependency Error when running "python3 server.py --insecure --build" HOT 10
- Cannot start ability manually HOT 3
- Any agents for ARM? HOT 4
- Dockerfile for 5.0.0 needs a small update to build the vue? HOT 5
- Caldera on MacOS HOT 5
- Error running server HOT 2
- Deploying agent through sshpass, second host acts odd - What am I missing? HOT 2
- Operation never finishes after a link/ability has failed HOT 1
- Plug-in img doesn't load HOT 1
- Cannot get past login page HOT 9
- Web interface does not display all the parser configurations of an ability HOT 1
- Having an 500 error when i run the Caldera server, even though it says all systems are ready HOT 3
- Template 'index.html' not found HOT 5
- Not being able to login in when using HTTPS? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from caldera.