Frequent Problems
There are two cases which can cause this:
- If the task uses a hashlist or wordlists/rules which are marked as secret, the agent needs to be trusted to be assigned to this task. To check if the agent is trusted, visit the agent details page.
- If the agent has no GPU (or the agent failed to detect the GPUs on registration), it is treated as a CPU-only agent. These agents only get CPU-only tasks assigned; all normal tasks are ignored. To check this status, also check the agent details page.
If you get negative chunk lengths, for example like:
{
"action":"chunk",
"response":"SUCCESS",
"status":"OK",
"chunk":2,
"skip":0,
"length":-1626332928
}
it may be that your server has 32-bit PHP only. Hashtopolis requires 64-bit PHP to handle very large numbers. If you want to test your server's PHP setup, you can use this small script:
<?php
switch(PHP_INT_SIZE) {
    case 4:
        echo '32-bit version of PHP';
        break;
    case 8:
        echo '64-bit version of PHP';
        break;
    default:
        echo 'PHP_INT_SIZE is ' . PHP_INT_SIZE;
}
Some hashes, for example NetNTLMv2, contain multiple colons inside the hash itself. Such a hash must not be separated into hash/salt, as this would make it impossible to crack and to submit successfully back to the server. In this case, set a separator other than the colon when creating the hashlist, by setting the salt separator to something which does not appear in the hash itself.
For further details, read this issue
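One way to check a hashlist before upload and find a separator that appears in none of its lines. This is an added example, not Hashtopolis code; the candidate list and the sample lines are assumptions constructed for illustration.

```python
# Added example (not Hashtopolis code): find a salt separator that is safe
# for a hashlist, i.e. one that occurs in none of its lines.

# Constructed sample lines in NetNTLMv2 layout; the values are made up.
SAMPLE_HASHLIST = [
    "alice::EXAMPLE:1122334455667788:00112233445566778899aabbccddeeff:0101000000000000deadbeef",
    "bob|svc::EXAMPLE:8877665544332211:ffeeddccbbaa99887766554433221100:0101000000000000cafef00d",
]

# Assumed candidate separators, tried in order.
CANDIDATES = [":", "|", ";", "#", "~"]


def collisions(lines, separator):
    """Return the 1-based numbers of the lines that contain `separator`."""
    return [n for n, line in enumerate(lines, 1) if separator in line]


def report(lines, candidates=CANDIDATES):
    """Map each candidate to the lines it would split in the wrong place."""
    return {sep: collisions(lines, sep) for sep in candidates}


def pick_separator(lines, candidates=CANDIDATES):
    """Return the first candidate absent from every line, or None."""
    for sep in candidates:
        if not collisions(lines, sep):
            return sep
    return None


if __name__ == "__main__":
    for sep, hits in report(SAMPLE_HASHLIST).items():
        status = "safe" if not hits else f"occurs in lines {hits}"
        print(f"{sep!r}: {status}")
    print("use separator:", repr(pick_separator(SAMPLE_HASHLIST)))
```

The second sample line carries a `|` in the user name, which is why the check runs over the whole list rather than assuming a common alternative is safe.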
In the server config the max hash/plain length can be extended. Depending on your MySQL configuration, the server does not allow you to go over xxx chars. To avoid this you need to take care of the InnoDB key length configuration, but the exact required configuration is not yet known.
Either when an agent submits a crack with a non-ASCII character or when you add a non-ASCII character to any input field, you might receive the following error:
PHP Fatal error: Uncaught PDOException: SQLSTATE[HY000]: General error: 1366 Incorrect string value: '\\xD0\\xB9\\xD1\\x86\\xD1\\x83...' for column 'attackCmd' at row 1 in /var/www/html/src/dba/AbstractModelFactory.class.php:115\nStack trace:\n#0 /var/www/html/src/dba/AbstractModelFactory.class.php(115): PDOStatement->execute()\n#1 /var/www/html/src/dba/models/TaskFactory.class.php(80): DBA\\AbstractModelFactory->save()\n#2 /var/www/html/src/inc/handlers/TaskHandler.class.php(328): DBA\\TaskFactory->save()\n#3 /var/www/html/src/inc/handlers/TaskHandler.class.php(90): TaskHandler->create()\n#4 /var/www/html/src/tasks.php(30): TaskHandler->handle()\n#5 {main}\n thrown in /var/www/html/src/dba/AbstractModelFactory.class.php on line 115, referer: http://127.0.0.1:8080/tasks.php?new=true
This is caused by the MySQL database settings. Log in to the database using the following commands:
docker exec -it db /bin/bash
# Inside the docker container
mysql -p -Dhashtopolis
# Login using the root password
mysql> SHOW TABLE STATUS LIKE 'Task';
+------+--------+---------+------------+------+----------------+-------------+-----------------+--------------+-----------+----------------+---------------------+-------------+------------+-------------------+----------+----------------+---------+
| Name | Engine | Version | Row_format | Rows | Avg_row_length | Data_length | Max_data_length | Index_length | Data_free | Auto_increment | Create_time | Update_time | Check_time | Collation | Checksum | Create_options | Comment |
+------+--------+---------+------------+------+----------------+-------------+-----------------+--------------+-----------+----------------+---------------------+-------------+------------+-------------------+----------+----------------+---------+
| Task | InnoDB | 10 | Dynamic | 0 | 0 | 16384 | 0 | 49152 | 0 | 2 | 2023-09-02 11:06:53 | NULL | NULL | latin1_swedish_ci | NULL | | |
+------+--------+---------+------------+------+----------------+-------------+-----------------+--------------+-----------+----------------+---------------------+-------------+------------+-------------------+----------+----------------+---------+
1 row in set (0.00 sec)
In the output above you can see that the Collation is set to latin1_swedish_ci. This collation doesn't support some UTF-8 characters, and that is the cause of the error.
To resolve this issue:
- Make sure your database is running MySQL 8.0
- Set the collation of all data to the right collation.
docker compose down
nano docker-compose.yml # Change mysql:5.7 to mysql:8.0
...
  db:
    container_name: db
    image: mysql:8.0
    restart: always
...
docker compose up
docker exec -it db /bin/bash
# Inside the docker container
mysql -p -Dhashtopolis
# Login using the root password
mysql> SELECT CONCAT("ALTER TABLE ", TABLE_NAME, " CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci;") AS SQLStatementsToRun
FROM INFORMATION_SCHEMA.TABLES
WHERE TABLE_SCHEMA="hashtopolis"
AND TABLE_TYPE="BASE TABLE";
+----------------------------------------------------------------------------------------------+
| SQLStatementsToRun |
+----------------------------------------------------------------------------------------------+
| ALTER TABLE AccessGroup CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci; |
| ALTER TABLE AccessGroupAgent CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci; |
| ALTER TABLE AccessGroupUser CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci; |
| ALTER TABLE Agent CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci; |
...
# Copy the generated commands and run those commands
mysql> ALTER TABLE AccessGroup CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci;
mysql> ALTER TABLE AccessGroupAgent CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci;
mysql> ALTER TABLE AccessGroupUser CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci;
mysql> ALTER TABLE Agent CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci;
...
# Next set the default collation:
mysql> ALTER DATABASE hashtopolis CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci;
# Check if settings are applied:
mysql> SHOW TABLE STATUS LIKE 'Task';
+------+--------+---------+------------+------+----------------+-------------+-----------------+--------------+-----------+----------------+---------------------+-------------+------------+-------------------+----------+----------------+---------+
| Name | Engine | Version | Row_format | Rows | Avg_row_length | Data_length | Max_data_length | Index_length | Data_free | Auto_increment | Create_time | Update_time | Check_time | Collation | Checksum | Create_options | Comment |
+------+--------+---------+------------+------+----------------+-------------+-----------------+--------------+-----------+----------------+---------------------+-------------+------------+-------------------+----------+----------------+---------+
| Task | InnoDB | 10 | Dynamic | 0 | 0 | 16384 | 0 | 49152 | 0 | 2 | 2023-09-02 11:06:53 | NULL | NULL | utf8mb4_0900_ai_ci | NULL | | |
+------+--------+---------+------------+------+----------------+-------------+-----------------+--------------+-----------+----------------+---------------------+-------------+------------+-------------------+----------+----------------+---------+
1 row in set (0.00 sec)
This should now display utf8mb4_0900_ai_ci instead of latin1_swedish_ci.
Backend log full of "mysql_native_password is deprecated and will be removed in a future release. Please use caching_sha2_password instead"
Example log in the backend:
[Warning] [MY-013360] [Server] Plugin mysql_native_password reported: ''mysql_native_password' is deprecated and will be removed in a future release. Please use caching_sha2_password instead'
This is probably because you have upgraded an old database (for example running MySQL 5.7) to a new version of MySQL. You need to set the authentication plugin to the new standard.
Log in to the database and set the authentication plugin for the user hashtopolis:
docker exec -it db /bin/bash
# Inside the docker container
mysql -p -Dhashtopolis
# Login using the root password
# Check the auth plugin for the hashtopolis user:
mysql> select Host,User,plugin from mysql.user;
+-----------+------------------+-----------------------+
| Host | User | plugin |
+-----------+------------------+-----------------------+
| % | hashtopolis | mysql_native_password |
| % | root | mysql_native_password |
| localhost | mysql.infoschema | caching_sha2_password |
| localhost | mysql.session | mysql_native_password |
| localhost | mysql.sys | mysql_native_password |
| localhost | root | mysql_native_password |
+-----------+------------------+-----------------------+
# Now set the password again using the new auth plugin:
mysql> ALTER USER 'hashtopolis'@'%' IDENTIFIED WITH caching_sha2_password BY '<password>';
# Check if the change is applied:
mysql> select Host,User,plugin from mysql.user;
+-----------+------------------+-----------------------+
| Host | User | plugin |
+-----------+------------------+-----------------------+
| % | hashtopolis | caching_sha2_password |
| % | root | mysql_native_password |
| localhost | mysql.infoschema | caching_sha2_password |
| localhost | mysql.session | mysql_native_password |
| localhost | mysql.sys | mysql_native_password |
| localhost | root | mysql_native_password |
+-----------+------------------+-----------------------+
6 rows in set (0.00 sec)
Now the log entries should not appear anymore.
Hashcat.net only offers directly downloadable binaries for Windows and Linux. If you want to use it on OS X you need to download the sources, build it with make, name the built file hashcat64.osx and add it to the hashcat 7z archive. This archive should then be hosted somewhere for the clients to download, and this URL must be configured for the cracker binary.
If the agent always sends the benchmark result 0 back to the server, check the output of the same Hashcat command. It is possible that Hashcat, for some reason, does not update the progress count very often, so the progress is still stuck at 0 even after running for 30 seconds (Hashcat does make progress, but it sometimes jumps in larger steps).
WAMP aggressively caches everything, even PHP files which change during the installation of Hashtopolis. To be able to run with WAMP you need to turn off this caching feature by setting opcache.enable=0 in the php.ini file.
Internally, hashcat handles increment commands as separate mask tasks. The command "looks like just one 'task' to the end-user but it is not". As such, Hashtopolis cannot run incremented tasks. These tasks must be separated out into individual tasks and added as a set of preconfigured tasks which can, in turn, be set as a Supertask to achieve the same functionality as hashcat's increment feature.
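The separation described above can be scripted: the following added example (not Hashtopolis or hashcat code) expands one incremented mask into the fixed-length masks to add as individual preconfigured tasks. The task names and the command template, with `#HL#` as the hashlist placeholder and `-a 3` for a mask attack, are assumptions to adapt to your own setup.

```python
# Added example (not Hashtopolis or hashcat code): expand one incremented
# mask into the fixed-length masks that have to be added as separate tasks.

def tokenize_mask(mask):
    """Split a hashcat mask into one token per password position."""
    tokens, i = [], 0
    while i < len(mask):
        if mask[i] == "?":
            if i + 1 >= len(mask):
                raise ValueError("mask ends with a dangling '?'")
            tokens.append(mask[i:i + 2])  # charset such as ?l or ?1, or ?? for a literal '?'
            i += 2
        else:
            tokens.append(mask[i])  # literal character
            i += 1
    return tokens


def split_increment(mask, inc_min=1, inc_max=None):
    """Return the masks for every length from inc_min to inc_max."""
    tokens = tokenize_mask(mask)
    if inc_max is None or inc_max > len(tokens):
        inc_max = len(tokens)  # cannot grow past the full mask
    if not 1 <= inc_min <= inc_max:
        raise ValueError("need 1 <= inc_min <= inc_max")
    return ["".join(tokens[:n]) for n in range(inc_min, inc_max + 1)]


def preconfigured_tasks(mask, inc_min=1, inc_max=None, template="#HL# -a 3 {mask}"):
    """Build (task name, attack command) pairs, one per mask length.

    The template is an assumption: '#HL#' as the hashlist placeholder and
    '-a 3' for a mask attack. Change it to match your own task commands.
    """
    return [
        (f"mask len {len(tokenize_mask(m))}", template.format(mask=m))
        for m in split_increment(mask, inc_min, inc_max)
    ]


if __name__ == "__main__":
    for name, cmd in preconfigured_tasks("?u?l?l?l?d?d", inc_min=4):
        print(f"{name}: {cmd}")
```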