Cortex icon indicating copy to clipboard operation
Cortex copied to clipboard

Published 20 hours ago verified publisher icon TheHive-Project

Initial administrator creation using the username/name "cortex" fails.

Open 0xbennyv opened this issue 4 years ago • 1 comments

Initial administrator creation using the username/name "cortex" fails.

Request Type

Bug

Work Environment

Question Answer
OS version (server) Ubuntu 18.04
OS version (client) Manjaro
Cortex version / git hash 3.0
Package Type Ubuntu
Browser type & version Chromium and Firefox

Problem Description

When setting up cortex, when creating the initial administrator user if the username and name are "cortex" the creation fails. Upon refreshing the browser the error "Error: User init is not found".

I've replicated this with a fresh build with no errors. Changing the name and username gives me a fully functional healthy cortex instance.

Steps to Reproduce

  1. Install Ubuntu 18.04
  2. Follow installation guide.
  3. Upon browsing to cortex, click "Update Database"
  4. When creating the new user, make the username and name "cortex".
  5. Request will hang indefinitely, anybody else browsing to cortex or refreshing the page will show "Error: User init is not found"
  6. Deleting the elastic index for cortex and redoing steps 3 and 4 with different username/name the issue does appear

Complementary information

tail -f /var/log/cortex/application.log 2020-06-24 01:01:01,527 [INFO] from com.sksamuel.elastic4s.http.ElasticClient$ in application-akka.actor.default-dispatcher-7 - Creating HTTP client on http://127.0.0.1:9200 2020-06-24 01:01:01,538 [INFO] from com.sksamuel.elastic4s.http.ElasticClient$ in application-akka.actor.default-dispatcher-4 - Creating HTTP client on http://127.0.0.1:9200 2020-06-24 01:01:01,583 [INFO] from com.sksamuel.elastic4s.http.ElasticClient$ in application-akka.actor.default-dispatcher-4 - Creating HTTP client on http://127.0.0.1:9200 2020-06-24 01:01:01,608 [INFO] from org.elastic4play.services.MigrationSrv in application-akka.actor.default-dispatcher-4 - Create a new empty database 2020-06-24 01:01:01,609 [INFO] from org.elastic4play.services.MigrationSrv in application-akka.actor.default-dispatcher-4 - Migrate database from version 0, add operations for version 2 2020-06-24 01:01:01,619 [INFO] from org.elastic4play.services.MigrationSrv in application-akka.actor.default-dispatcher-4 - Migrate database from version 0, add operations for version 3 2020-06-24 01:01:01,619 [INFO] from org.elastic4play.services.MigrationSrv in application-akka.actor.default-dispatcher-4 - Migrate database from version 0, add operations for version 4 2020-06-24 01:01:02,963 [INFO] from org.elastic4play.services.MigrationSrv in application-akka.actor.default-dispatcher-5 - Migrating 0 entities from sequence 2020-06-24 01:01:03,015 [INFO] from org.elastic4play.services.MigrationSrv in application-akka.actor.default-dispatcher-5 - Migrating 0 entities from artifact 2020-06-24 01:01:03,017 [INFO] from org.elastic4play.services.MigrationSrv in application-akka.actor.default-dispatcher-5 - Migrating 0 entities from audit 2020-06-24 01:01:03,021 [INFO] from org.elastic4play.services.MigrationSrv in application-akka.actor.default-dispatcher-5 - Migrating 0 entities from data 2020-06-24 01:01:03,023 [INFO] from org.elastic4play.services.MigrationSrv in application-akka.actor.default-dispatcher-5 - Migrating 0 entities from dblist 2020-06-24 01:01:03,025 [INFO] from org.elastic4play.services.MigrationSrv in application-akka.actor.default-dispatcher-5 - Migrating 0 entities from job 2020-06-24 01:01:03,028 [INFO] from org.elastic4play.services.MigrationSrv in application-akka.actor.default-dispatcher-5 - Migrating 0 entities from organization 2020-06-24 01:01:03,030 [INFO] from org.elastic4play.services.MigrationSrv in application-akka.actor.default-dispatcher-5 - Migrating 0 entities from report 2020-06-24 01:01:03,031 [INFO] from org.elastic4play.services.MigrationSrv in application-akka.actor.default-dispatcher-5 - Migrating 0 entities from user 2020-06-24 01:01:03,033 [INFO] from org.elastic4play.services.MigrationSrv in application-akka.actor.default-dispatcher-5 - Migrating 0 entities from worker 2020-06-24 01:01:03,036 [INFO] from org.elastic4play.services.MigrationSrv in application-akka.actor.default-dispatcher-5 - Migrating 0 entities from workerConfig 2020-06-24 01:01:03,957 [INFO] from org.elastic4play.services.MigrationSrv in application-akka.actor.default-dispatcher-12 - End of migration 2020-06-24 01:01:12,891 [INFO] from org.thp.cortex.services.ErrorHandler in application-akka.actor.default-dispatcher-5 - POST /api/user returned 400 org.elastic4play.ConflictError: [doc][cortex]: version conflict, document already exists (current version [1]) at org.elastic4play.database.DBConfiguration.$anonfun$execute$2(DBConfiguration.scala:146) at scala.concurrent.Future.$anonfun$flatMap$1(Future.scala:307) at scala.concurrent.impl.Promise.$anonfun$transformWith$1(Promise.scala:41) at scala.concurrent.impl.CallbackRunnable.run(Promise.scala:64) at akka.dispatch.BatchingExecutor$AbstractBatch.processBatch(BatchingExecutor.scala:55) at akka.dispatch.BatchingExecutor$BlockableBatch.$anonfun$run$1(BatchingExecutor.scala:91) at scala.runtime.java8.JFunction0$mcV$sp.apply(JFunction0$mcV$sp.java:23) at scala.concurrent.BlockContext$.withBlockContext(BlockContext.scala:85) at akka.dispatch.BatchingExecutor$BlockableBatch.run(BatchingExecutor.scala:91) at akka.dispatch.TaskInvocation.run(AbstractDispatcher.scala:40) at akka.dispatch.ForkJoinExecutorConfigurator$AkkaForkJoinTask.exec(ForkJoinExecutorConfigurator.scala:44) at akka.dispatch.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260) at akka.dispatch.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339) at akka.dispatch.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979) at akka.dispatch.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107)

Refreshing the browser after the post failure: tail -f /var/log/cortex/application.log 2020-06-24 01:02:59,465 [INFO] from org.thp.cortex.services.ErrorHandler in application-akka.actor.default-dispatcher-4 - GET /api/user/current returned 404 org.elastic4play.NotFoundError: user init not found at org.elastic4play.database.DBGet.$anonfun$apply$2(DBGet.scala:37) at scala.Option.fold(Option.scala:175) at org.elastic4play.database.DBGet.$anonfun$apply$1(DBGet.scala:37) at scala.util.Success.$anonfun$map$1(Try.scala:255) at scala.util.Success.map(Try.scala:213) at scala.concurrent.Future.$anonfun$map$1(Future.scala:292) at scala.concurrent.impl.Promise.liftedTree1$1(Promise.scala:33) at scala.concurrent.impl.Promise.$anonfun$transform$1(Promise.scala:33) at scala.concurrent.impl.CallbackRunnable.run(Promise.scala:64) at akka.dispatch.BatchingExecutor$AbstractBatch.processBatch(BatchingExecutor.scala:55) at akka.dispatch.BatchingExecutor$BlockableBatch.$anonfun$run$1(BatchingExecutor.scala:91) at scala.runtime.java8.JFunction0$mcV$sp.apply(JFunction0$mcV$sp.java:23) at scala.concurrent.BlockContext$.withBlockContext(BlockContext.scala:85) at akka.dispatch.BatchingExecutor$BlockableBatch.run(BatchingExecutor.scala:91) at akka.dispatch.TaskInvocation.run(AbstractDispatcher.scala:40) at akka.dispatch.ForkJoinExecutorConfigurator$AkkaForkJoinTask.exec(ForkJoinExecutorConfigurator.scala:44) at akka.dispatch.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260) at akka.dispatch.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339) at akka.dispatch.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979) at akka.dispatch.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107)

0xbennyv avatar Jun 24 '20 01:06 0xbennyv

I have a similar problem on the StrangeBee's AMI Cortex v3.1.7-1 (Cortex3_20221026_20221026093201-265ad2e6-e89c-4b06-ab7a-b69e2decc88b).

The request to create the administrative user goes through but the login never works. Even the request that should automatically log me in the first time fails with HTTP 401.

In order to rule out a strong case of PEBKAC, I have repeated this step several times, destroying the Cortex's index as suggested in https://github.com/TheHive-Project/TheHive/issues/233#issuecomment-883287657 and this article between each attempt. Still nothing.

Could this login problem be caused by an issue setting up the volumes? I literally didn't do anything else with the Cortex AMI besides formatting the docker and data volumes to ext4.

metaturso avatar Dec 06 '22 15:12 metaturso