Unable to run caldera.py

[mgraf2]

I am getting the following error:

Traceback (most recent call last):
File "caldera.py", line 16, in
from app import server
File "C:\Users\John\Desktop\caldera-master 2\caldera\app\server.py", line 136
async def heartbeat_init():
^

[unkempthenry]

Check your python version. You need 3.5+ . Check out the installation instructions here https://caldera.readthedocs.io/en/latest/installation.html

[mgraf2]

my mistake I had python 3 and 2 both installed and accidentally ran with 2. I am getting a new error now.

File "C:\Users\John\AppData\Local\Programs\Python\Python37\lib\site-packages\p
ymongo\helpers.py", line 210, in _check_command_response
raise OperationFailure(msg % errmsg, code, response)
pymongo.errors.OperationFailure: Oplog collection reads are not allowed while in
the rollback or startup state.

[dm-mitre]

@mgraf2 what version of mongodb and pymongo are you using?

[mgraf2]

pymongo 3.5.1, and mongodb version 4.0.

[mgraf2]

I was able to get past that with a lower version of mongodb, but now I am getting the following error:

C:\Users\John\Desktop\caldera-master 2\caldera>C:\Users\John\AppData\Local\Progr
ams\Python\Python37\python.exe caldera.py
Enter PEM pass phrase:DEBUG:app.server:Planner has started
DEBUG:asyncio:Using selector: SelectSelector
INFO:app.server:Planner closed
Process Process-1:
Traceback (most recent call last):
File "C:\Users\John\AppData\Local\Programs\Python\Python37\lib\site-packages\m
ongoengine\queryset\queryset.py", line 95, in _iter_results
raise StopIteration
StopIteration

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
File "C:\Users\John\AppData\Local\Programs\Python\Python37\lib\multiprocessing
\process.py", line 297, in _bootstrap
self.run()
File "C:\Users\John\AppData\Local\Programs\Python\Python37\lib\multiprocessing
\process.py", line 99, in run
self._target(*self._args, **self._kwargs)
File "C:\Users\John\Desktop\caldera-master 2\caldera\app\server.py", line 165,
in sigint_handler
target()
File "C:\Users\John\Desktop\caldera-master 2\caldera\app\server.py", line 306,
in planner_process
loop.run_until_complete(start_operations(rebuild_mappings))
File "C:\Users\John\AppData\Local\Programs\Python\Python37\lib\asyncio\base_ev
ents.py", line 568, in run_until_complete
return future.result()
File "C:\Users\John\Desktop\caldera-master 2\caldera\app\updates.py", line 71,
in start_operations
for step in CodedStep.objects(name__nin=[x.name for x in operation_steps
.all_steps]):
RuntimeError: generator raised StopIteration

[unkempthenry]

@mgraf2 Would you mind trying this with Python 3.6? I know I said 3.5+ earlier, but I'd like to rule out python version as the cause here.

[mgraf2]

I can try that, I am now seeing this I think I am closer. What config file do I add this to?

INFO:app.server:No SSL certificate or key found. Generating a self-signed SSL c
rtificate for you.
'openssl' is not recognized as an internal or external command,
operable program or batch file.
ERROR:app.server:Could not locate certificate chain. Please generate with opens
l and add to configuration file.
e.g. 'openssl req -new -x509 -days 3652 -subj /CN='hostname --fqdn'/OU=
ervers/O='hostname -d'/C=US -nodes -out conf/cert.pem -keyout conf/key.pem'

[mgraf2]

I finally got it to work, thank you for all your help!

[unkempthenry]

In caldera/conf there's a settings.yaml file where the SSL cert and private key can be specified. By default these live in caldera/conf/cert.pem and caldera/conf/key.pem respectively.

Running the commandline specified in the logging output should generate the needed pem files openssl req -new -x509 -days 3652 -subj /CN='hostname --fqdn'/OU= ervers/O='hostname -d'/C=US -nodes -out conf/cert.pem -keyout conf/key.pem .

However, I think newer versions of openssl might throw an error at that line because it's missing a newly required agument. If that happens you can run openssl req -new -x509 -days 3652 -nodes -out conf/cert.pem -keyout conf/key.pem and follow the interactive prompt to fill out all the fields.

[unkempthenry]

@mgraf2 nice! Did you wind up switching to Python 3.6?

[mgraf2]

Yes I wound up switching to python 3.6, also didn't realize when running caldera.py it was asking for pem password which is printed to the cmd prompt but it gets hidden by a bunch of other stuff thats printed out; probably should have it wait for user to input pem password before continuing. I kept hitting enter without realizing it was asking for pem password and then it would exit with the error code. Can we expect other adversaries to be added to Caldera in a future update or is the user expected to add these on their own?

[w0rk3r]

I'm trying to run caldera on a centos, all dependencies installed and python3.6, getting the first error

pymongo.errors.OperationFailure: Oplog collection reads are not allowed while in the rollback or startup state.

Any tip to get this solved and running?

[mgraf2]

I switched to Mongodb 3.0.1, and that seemed to do the trick.

[dm-mitre]

@mgraf2 has the solution. We're currently working on MongoDB 4.0 support

[w0rk3r]

Oh, so that's it...i will try, thank you guys :D

[ericgatm4]

@dm-mitre want to be clear I must use MongodB3.6 not 4.0 as it's not supported yet. It looks the only download on Mongodb site is 4.0 though

[mgraf2]

Download here, i think I used 3.5.

https://www.mongodb.org/dl/win32/x86_64-2008plus-ssl?_ga=2.51450720.857413503.1532134468-1839883456.1532134468

[mgraf2]

3.01 rather

[ericgatm4]

Thanks Eric G Steinberg [/Users/EricSteinberg/Library/Containers/com.microsoft.Outlook/Data/Library/Caches/Signatures/signature_1032003613]<http://www.mantix4.com/> Mobile 303.667.4045 | Main 877.Mantix4 | www.Mantix4.com 373 Inverness Parkway | Suite 110 | Englewood, CO 80112 Visit us on: [/Users/EricSteinberg/Library/Containers/com.microsoft.Outlook/Data/Library/Caches/Signatures/signature_436522414] [/Users/EricSteinberg/Library/Containers/com.microsoft.Outlook/Data/Library/Caches/Signatures/signature_2010376743] [/Users/EricSteinberg/Library/Containers/com.microsoft.Outlook/Data/Library/Caches/Signatures/signature_463368248] [/Users/EricSteinberg/Library/Containers/com.microsoft.Outlook/Data/Library/Caches/Signatures/signature_78801424][/Users/EricSteinberg/Library/Containers/com.microsoft.Outlook/Data/Library/Caches/Signatures/signature_861511575] This E-mail message is covered by the Privacy Act 18 U.S.C. 2510-2521 the information contained in this E-mail message is personal and confidential and is intended for a specific individual (s) and purpose and therefore is protected from disclosure under the Gramm-Leach-Bliley H.R. 3723 on October 11, 1996, which has protected this document as a confidential and trade secret. If you are not the intended recipient of this communication, or the employee or agent responsible for delivering this message to the intended recipient, you are NOT authorized to read, print, retain, copy or otherwise disseminate this communication and are advised that any such dissemination, distribution or copy of this communication, or acting on the information contained herein, may be a violation of applicable law and is strictly prohibited. If you have received this communication in error, please notify the sender immediately by return e-mail and delete all copies of this communication. From: mgraf2 <notifications@github.com> Reply-To: mitre/caldera <reply@reply.github.com> Date: Friday, July 20, 2018 at 6:55 PM To: mitre/caldera <caldera@noreply.github.com> Cc: Eric Steinberg <Eric.Steinberg@mantix4.com>, Comment <comment@noreply.github.com> Subject: Re: [mitre/caldera] Unable to run caldera.py (#48) Download here, i think I used 3.5. https://www.mongodb.org/dl/win32/x86_64-2008plus-ssl?_ga=2.51450720.857413503.1532134468-1839883456.1532134468 — You are receiving this because you commented. Reply to this email directly, view it on GitHub<#48 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AlD5K5l-4GHVpYb8_Hm1Bo1-sqeU57xpks5uInwBgaJpZM4VEe_M>.

[dm-mitre]

@mgraf2 @ericgatm4 @w0rk3r We pushed some updates to support MongoDB 4.0 and also a docker-compose script which should make installation and running much easier. Let us know if you have any problems.

[stevenbrz]

@dm-mitre
It seems like the current build is incompatible with Python 3.7 as I ran into the following until downgrading to Python 3.6.x

---

Traceback (most recent call last):
  File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\mongoengine\queryset\queryset.py", line 95, in _iter_results
    raise StopIteration
StopIteration

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "C:\Users\Administrator\Desktop\caldera-master\caldera\app\server.py", line 127, in run
    web_process(settings, debug)
  File "C:\Users\Administrator\Desktop\caldera-master\caldera\app\server.py", line 250, in web_process
    for connection in ActiveConnection.objects:
RuntimeError: generator raised StopIteration

DEBUG:app.server:Planner has started
INFO:app.server:Loading default ATT&CK definitions
Process Process-1:
Traceback (most recent call last):
  File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\mongoengine\queryset\queryset.py", line 95, in _iter_results
    raise StopIteration
StopIteration

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\multiprocessing\process.py", line 297, in _bootstrap
    self.run()
  File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\multiprocessing\process.py", line 99, in run
    self._target(*self._args, **self._kwargs)
  File "C:\Users\Administrator\Desktop\caldera-master\caldera\app\server.py", line 168, in sigint_handler
    target()
  File "C:\Users\Administrator\Desktop\caldera-master\caldera\app\server.py", line 303, in planner_process
    attack.load_default(attack_mappings)
  File "C:\Users\Administrator\Desktop\caldera-master\caldera\app\attack.py", line 90, in load_default
    for db_tech in AttackTechnique.objects:
RuntimeError: generator raised StopIteration

---

[unkempthenry]

@stevenbrz , I've updated the version of mongoengine pinned in requirements.txt . I believe this will fix the error you received above running under Python 3.7.