ArturSS7/TukTuk

Unable to access web interface

uBadRequest opened this issue · 4 comments

uBadRequest commented

When trying to visit port 1234, it appears that new ssl verifications are trying to be performed?

echo: http: TLS handshake error from myip:53046: acme/autocert: missing certificate
echo: http: TLS handshake error from myip:50624: 429 urn:ietf:params:acme:error:rateLimited: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/

I have a valid certificate, and it works just fine, very confused as to what this is doing

ArturSS7 commented

Hello. Are you trying to use your own certificate? Because for the admin panel there is no need to generate certificate manually, it will be automatically generated for your domain by the app. Also, you can solve this issue by disabling https in admin panel. To do this you need to comment lines 54 and 87 in backend.go file in backend package and uncomment the line 88.

uBadRequest commented

Yeah thats what I ended up doing, but now I can't seem to get any logging to work. My DNS records in cloudflare are identical to yours, I verified that I can insert data into the database with the tuk user, and can view the data in the database from the management portal.

image
image
image

I tried to see if I could get it to send logs to a discord webhook
image

This is what I see what I do "go run main.go"

2020/09/25 15:35:27 Unable to read client secret file: open emailalert/credentials.json: no such file or directory
Connected
⇨ http server started on [::]:1234
⇨ http server started on [::]:80
⇨ https server started on [::]:443
2020/09/25 15:35:27 &{0xc0000780c0} [LDAP Server]  3
2020/09/25 15:35:27 Starting server at :25
⇨ http server started on 127.0.0.1:5555
2020/09/25 15:35:27 gracefully closing client connections...
2020/09/25 15:35:27 all clients connection closed

image

Happen to see where I may have made a mistake? I can't figure it out...

I blocked my domain out, don't want to have anyone poking around 😄

ArturSS7 commented

In order to make logging work, you need first to generate domain, same as in burp(if you used it). Go to dns management, generate new domain and then send your request to it. Hope it will help.

ArturSS7 commented

By the way, logs are being done on the registered domains and on all the domains 1 level higher then the registered. For example you have generated jdjfkdkk.e.example.com. Everything on jdjfkdkk.e.example.com will be logged and also everything on *. jdjfkdkk.e.example.com will be logged.