500 Error Server Got Itself Into Trouble

[taylorhawksec]

Getting this error when trying to run Caldera. Have been running into this issue on most versions of Ubuntu. Haven't been able to find the fix :( would really love to be able to use this tool. I am running Caldera v5. Please help! Any help is much appreciated!!!

[github-actions]

Looks like your first issue -- we aim to respond to issues as quickly as possible. In the meantime, check out our documentation here: http://caldera.readthedocs.io/

[taylorhawksec]

For this instance I am using Ubuntu 22.04!!

[elegantmoose]

That error output does not look like it is from v5, but v4. Are you sure you are using v5?

[taylorhawksec]

I will double verify today

[0xLhu]

i have also the same issue :( with any version v5.0.0 v5.1.0 , v4.2

caldera-1  |                             -docs/../../../plugins/fieldmanual/utils
caldera-1  |                             /plugin_docs.py", line 3, in <module>
caldera-1  |                                 from distutils.dir_util import
caldera-1  |                             copy_tree
caldera-1  |                             ModuleNotFoundError: No module named
caldera-1  |                             'distutils'
caldera-1  |
caldera-1  |
caldera-1  |                     DEBUG    Using default login handler.        auth_svc.py:209
caldera-1  | 2025-02-27 16:18:08 DEBUG    Created authentication group: blue   auth_svc.py:72
caldera-1  |                     DEBUG    Created authentication group: red    auth_svc.py:72
caldera-1  |                     DEBUG    = connection is CONNECTING          protocol.py:255
caldera-1  |                     DEBUG    > GET /system/ready HTTP/1.1          client.py:115
caldera-1  |                     DEBUG    > Host: 0.0.0.0:7012                  client.py:117
caldera-1  |                     DEBUG    > Upgrade: websocket                  client.py:117
caldera-1  |                     DEBUG    > Connection: Upgrade                 client.py:117
caldera-1  |                     DEBUG    > Sec-WebSocket-Key:                  client.py:117
caldera-1  |                             P9VK7HqRPrDq6bitSHUwrA==
caldera-1  |                     DEBUG    > Sec-WebSocket-Version: 13           client.py:117
caldera-1  |                     DEBUG    > Sec-WebSocket-Extensions:           client.py:117
caldera-1  |                             permessage-deflate;
caldera-1  |                             client_max_window_bits
caldera-1  |                     DEBUG    > User-Agent: Python/3.12             client.py:117
caldera-1  |                             websockets/11.0.3
caldera-1  |                     DEBUG    < HTTP/1.1 101 Switching Protocols    client.py:148
caldera-1  |                     DEBUG    < Upgrade: websocket                  client.py:150
caldera-1  |                     DEBUG    < Connection: Upgrade                 client.py:150
caldera-1  |                     DEBUG    < Sec-WebSocket-Accept:               client.py:150
caldera-1  |                             urNy00jhGwgaqJ+cg81J3MTt6tI=
caldera-1  |                     DEBUG    < Sec-WebSocket-Extensions:           client.py:150
caldera-1  |                             permessage-deflate;
caldera-1  |                             server_max_window_bits=12;
caldera-1  |                             client_max_window_bits=12
caldera-1  |                     DEBUG    < Date: Thu, 27 Feb 2025 16:18:08 GMT client.py:150
caldera-1  |                     DEBUG    < Server: Python/3.12                 client.py:150
caldera-1  |                             websockets/11.0.3
caldera-1  |                     DEBUG    = connection is OPEN                protocol.py:356
caldera-1  |                     DEBUG    < CLOSE 1000 (OK) [2 bytes]        protocol.py:1168
caldera-1  |                     DEBUG    = connection is CLOSING            protocol.py:1223
caldera-1  |                     DEBUG    > CLOSE 1000 (OK) [2 bytes]        protocol.py:1174
caldera-1  |                     DEBUG    = connection is CLOSED             protocol.py:1494
caldera-1  |                     INFO     All systems ready.                    server.py:104
caldera-1  |
caldera-1  |  ██████╗ █████╗ ██╗     ██████╗ ███████╗██████╗  █████╗
caldera-1  | ██╔════╝██╔══██╗██║     ██╔══██╗██╔════╝██╔══██╗██╔══██╗
caldera-1  | ██║     ███████║██║     ██║  ██║█████╗  ██████╔╝███████║
caldera-1  | ██║     ██╔══██║██║     ██║  ██║██╔══╝  ██╔══██╗██╔══██║
caldera-1  | ╚██████╗██║  ██║███████╗██████╔╝███████╗██║  ██║██║  ██║
caldera-1  |  ╚═════╝╚═╝  ╚═╝╚══════╝╚═════╝ ╚══════╝╚═╝  ╚═╝╚═╝  ╚═╝
caldera-1  |
^Cexit status 130

```

![Image](https://github.com/user-attachments/assets/9b549c89-ef82-49ee-b2c4-4bcacc57f16a)

[taylorhawksec]

Yes, confirmed I am using version 5. I have also tried all other versions as well and I still get the same error message "Server Got Itself Into Trouble"

[leba-atr]

@0xLhu Can you please provide the full log output? Unfortunately, you cut the log just where the interesting part is as there is the bottom part of an exception message.

@taylorhawksec Can you as well please provide the full log output from when you run python server.py and onwards?

[tommy-berg]

[Update: Temporary fix]
The "localhost:8888" is coming from the incoming HTTP request’s Host header. Change port on docker to expose port 80 and browse to http://localhost. Now YARL will not complain and everything works as expected.

[Original message]
I am experiencing same 500 Error Server Got Itself Into Trouble when trying to deploy the container using Docker.
By modifying the Docker entrypoint we are able to get some logs that indicates that there is a problem with YARL ...
ENTRYPOINT ["bash", "-c", "python -X dev server.py "]

I think its a YARL issue.. yarl enforce URL validation..
NOT OK:
URL.build(scheme='http', host='localhost:8888')

OK:
URL.build(scheme='http', host='localhost', port=8888)

Output from running server in python dev:

We get the following erros:

500 Internal Server Error

Traceback:

Traceback (most recent call last):
  File "/opt/venv/caldera/lib/python3.12/site-packages/aiohttp/web_protocol.py", line 452, in _handle_request
    resp = await request_handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/venv/caldera/lib/python3.12/site-packages/aiohttp/web_app.py", line 512, in _handle
    match_info = await self._router.resolve(request)
                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/venv/caldera/lib/python3.12/site-packages/aiohttp/web_urldispatcher.py", line 1022, in resolve
    match_dict, allowed = await resource.resolve(request)
                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/venv/caldera/lib/python3.12/site-packages/aiohttp/web_urldispatcher.py", line 767, in resolve
    not request.url.raw_path.startswith(self._prefix2)
        ^^^^^^^^^^^
  File "aiohttp/_helpers.pyx", line 26, in aiohttp._helpers.reify.__get__
  File "/opt/venv/caldera/lib/python3.12/site-packages/aiohttp/web_request.py", line 451, in url
    url = URL.build(scheme=self.scheme, host=self.host)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/venv/caldera/lib/python3.12/site-packages/yarl/_url.py", line 438, in build
    _host = _encode_host(host, validate_host=True)
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/venv/caldera/lib/python3.12/site-packages/yarl/_url.py", line 1514, in _encode_host
    raise ValueError(
ValueError: Host 'localhost:8888' cannot contain ':' (at position 9)

[taylorhawksec]

@leba-atr This is what happens when I execute python3 server.py. It just sits there and I don't get the CALDERA header message.

I saw the Sphinx error and upgraded that as well and this is the output after installing a newer version of sphinx

[leba-atr]

Might sound a bit distracting but have you by chance installed the caldera dependencies globally? I see the 'don't install as root user' warning up top in the second screenshot and I wonder if that is maybe the cause of all the issues. It may very easily happen that when one installs pip packages globally, the python environment just breaks in extremely unexpected ways.
If you have the time and the means, I'd suggest the following:

• start from scratch with a clean VM/machine
• download caldera to a directory of you choice using git clone
• then, before installing the dependencies, create a virtual python environment in the caldera directory (usually by using python3 -m virtualenv .venv; you might need to apt install python3-virtualenv beforehand)
• afterwards activate the virtual environment by issuing source .venv/bin/activate; your command line should now look similar to this (note the (.venv) prefix): (.venv) leba-atr@ubuntu-dev:~/caldera$
• now proceed as normal (e.g. pip install -r requirements.txt and then python3 server.py --build)

(none of the above, with the apt install being the sole exception, should require root privileges and may be executed under your normal user just fine)

If this solves this issue, I'd strongly suspect that your python environment was just broken and hence the errors.

On a side note: you're not seeing the caldera banner because python fails to initialize the python event loop and hence the application will never start and 'be stuck' after setting up the plugins

[taylorhawksec]

@leba-atr I will give this a shot and circle back with what I find!

[0xLhu]

Hello there, everything works fine now :)

[taylorhawksec]

@leba-atr

[leba-atr]

Huh, that's a very different error now. Can you check with npm list which version of vue and vue/compiler-sfc are installed? You must cd into ./plugins/magma first, otherwise npm will report the package list for caldera itself instead of the magma plugin, which is the web interface.

[taylorhawksec]

@leba-atr

[leba-atr]

I've checked with my working local install and I have the exact same version of the main dependencies. Hence this can be ruled out as the issues. However, maybe there is an issue with a transitive dependency. I attached the output of npm list --all which shows the full dependency tree (npm_list_all.txt). If you don't mind, please create your own dump and then diff -y your file with mine and check for any major differences, especially in the vuejs section at the bottom.

Otherwise, I must admit that I'm running out of ideas and knowledge of debugging nodejs environments, so I can only give some general advice what you can try next to see if that maybe helps:

• I'm running a Ubuntu 22.04 VM with nodejs v22.14.0 (npm v10.9.2) - can you check the nodejs version on your machine and, if necessary, upgrade to a recent LTS release (stock nodejs on ubuntu is usually outdated by several years); I prefer to use https://github.com/nvm-sh/nvm to manage my nodejs installs but anything similar works as well
• try running npm ci in the magma folder to remove all npm packages and redownload them; maybe something didn't install correctly; ultima ratio would be to completely remove the node_modules folder and start over with a clean environment

[taylorhawksec]

@leba-atr still giving me trouble, even after multiple fresh installs. I did find this github doc though, given it is a offline install

https://cyberdefencekit.github.io/documentation/caldera/caldera.html#step-by-step-installation-guide

Is there possibly something off with the Caldera github documentation? I feel like if I run the 4 commands step by step that I should be able to run caldera with no issues, is there anything else that needs to be installed prior?

[endiz]

What version of python? Make sure its 3.9+

Here are my steps for a fresh install (ubuntu 22.04):

git clone https://github.com/mitre/caldera.git --recursive
cd caldera && python3 -m venv .venv && source .venv/bin/activate
pip install setuptools wheel && pip install pyminizip donut-shellcode && pip install -r requirements.txt
python3 server.py --build --insecure

[taylorhawksec]

What version of python? Make sure its 3.9+

Here are my steps for a fresh install (ubuntu 22.04):

git clone https://github.com/mitre/caldera.git --recursive
cd caldera && python3 -m venv .venv && source .venv/bin/activate
pip install setuptools wheel && pip install pyminizip donut-shellcode && pip install -r requirements.txt
python3 server.py --build --insecure

I will give this a shot, I was using python 3.12