Hashtopolis has generated several vouchers, yet all of them it rejects as invalid.

No token found! Please enter a voucher to register your agent:
eHah6IFa
Registering failed: {'action': 'register', 'response': 'ERROR', 'message': 'Provided voucher does not exist.'}
No token found! Please enter a voucher to register your agent:
kwSGtx6W
Registering failed: {'action': 'register', 'response': 'ERROR', 'message': 'Provided voucher does not exist.'}
No token found! Please enter a voucher to register your agent:


What do I need to do to allow hashtopolis to recognize its own vouchers?

I did not realize that vouchers were not in the box, but to the left, with the word Vouchers.

Sorry 'bout that.

I am using the latest, cloned hashtopolis server.

I have uploaded both rules and a hashlist.

As a test, I uploaded a small file as a wordlist, but I need this large, ~100MB one.

Hashtopolis seems to comply with my request to upload it, but in the end, the wordlist is not uploaded.

1. What may I try to remedy this issue.

2. Also, it would be more convenient for me to sftp the wordlist to the server. Is there any way to do so and tell hashtopolis that the wordlist is indeed a wordlist?

After typing this post, I realized that the problem had to be with apache. That triggered a memory that I had something in my notes (drawn from  your wiki). I copy it below.

You may want to increase these PHP parameters to accommodate your intended usage.

follow on from thread https://hashtopolis.org/thread-264.html

Ubuntu server-x86_64-16.10 > client Ubuntu 16.04 LTS

I tried extracting the python client in Client/home directory, import a new agent, & run all commands from there without "sudo". I tried giving the cracker binaries the https://hashcat.net/files/hashcat-5.0.0.7z download link with confirmed internet access (http"s" is OK, right ?). I tried an example from this forum where the cracker binary is suggested to be copied to eg: /home/user or maybe /var/www/hashtopolis/files & also */import. I also tried the files/import function to ensure it got to the right directory, each time confirming & changing cracker binary download url (eg; http://<server-ip-address>/home/user. Where applicable I set the binaries to "not locked" & allowed the client access to "locked or secure" files. Rebooted.
Still no hashcat download, extract & run.
Still having issues at this point, so did a new install, & allowed all privileges on hashtopolis server config as in an older video, hit the "go" button & confirmed settings were saved. I confirmed the suggested changes from server-prerequisites wiki were made & saved correctly. I set the /etc/apache2/apache2.conf <Directory /var/www> line to "AllowOverride All" I notice that there are some .htaccess files in directories that might be critical, that are still set to "Deny:all" on the 2nd line.
Am I supposed to change these manually ? & in which directories ? syntax as in apache2.conf ?
I guessed the allowoverride was supposed to do that, but the apache2 docs I found online seem to suggest that .htaccess overrides apache2.conf settings. Confused.
-----------------------------------
Not using yubikey at all.
-----------------------------------

latest debug output below :
--------------------------------------------------------------------
cd ~/hashtopolis-agent-python

@ubuntu:~/hashtopolis-agent-python$ sudo wget http://192.168.1.**/agents.php?download=1
[sudo] password for user:
--2019-07-06 15:52:43-- http://192.168.1.**/agents.php?download=1
Connecting to 192.168.1.**:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [application/force-download]
Saving to: 'agents.php?download=1’

agents.php?download=1 [ <=> ] 24.81K --.-KB/s in 0s

2019-07-06 15:52:43 (81.1 MB/s) - 'agents.php?download=1’ saved [25410]

@ubuntu:~/hashtopolis-agent-python$ sudo mv agent* hashtopolis.zip
@ubuntu:~/hashtopolis-agent-python$ sudo chmod +x hashtopolis.zip

@ubuntu:~/hashtopolis-agent-python$ python3 ./hashtopolis.zip --voucher ***** --url http://192.168.1.**/api/server.php
Starting client 's3-python-0.5.0'...
Successfully registered!
Collecting agent data...
Login successful!
Hashtopolis Server version: 0.11.0 ()
Client is up-to-date!
Downloading: [==================================================]
No task available!
No task available!
No task available!
....stopped here.

Created task/s 1 & 2, assigned the agent, confirmed agent & server config settings :
@ubuntu:~/hashtopolis-agent-python-master$ python3 ./hashtopolis.zip --debug --voucher ***** --url http://192.168.1.**/api/server.php
Starting client 's3-python-0.5.0'...
Collecting agent data...
{'uid': '****-**-**-**-**-****', 'action': 'updateInformation', 'os': 0, 'devices': ['Intel® Core™2 Quad CPU Q9650 @ 3.00GHz', 'NVIDIA Corporation GK107 [GeForce GT 640] (rev a1)'], 'token': 'AABBCCDD12'}
Starting new HTTP connection (1): 192.168.1.**
"POST /api/server.php HTTP/1.1" 200 51
b'{"action":"updateInformation","response":"SUCCESS"}'
{'action': 'login', 'clientSignature': 's3-python-0.5.0', 'token': 'AABBCCDD12'}
"POST /api/server.php HTTP/1.1" 200 106
b'{"action":"login","response":"SUCCESS","multicastEnabled":false,"timeout":30,"server-version":"0.11.0 ()"}'
Login successful!
Hashtopolis Server version: 0.11.0 ()
{'token': 'AABBCCDD12', 'action': 'checkClientVersion', 'version': '0.5.0', 'type': 'python'}
"POST /api/server.php HTTP/1.1" 200 67
b'{"action":"checkClientVersion","response":"SUCCESS","version":"OK"}'
Client is up-to-date!
Entering loop...
{'action': 'getFileStatus', 'token': 'AABBCCDD12'}
"POST /api/server.php HTTP/1.1" 200 62
b'{"action":"getFileStatus","response":"SUCCESS","filenames":[]}'
{'action': 'getTask', 'token': 'AABBCCDD12'}
"POST /api/server.php HTTP/1.1" 200 354
b'{"action":"getTask","response":"SUCCESS","taskId":2,"attackcmd":"-a3 #HL# ?l?l?l?l?s?l?l?l?l?d?d?d hash-test123","cmdpars":" --hash-type=0 ","hashlistId":1,"bench":30,"statustimer":5,"files":["hash-test123"],"crackerId":"2","benchType":"speed","hashlistAlias":"#HL#","keyspace":"0","usePrince":false,"enforcePipe":false,"slowHash":false,"useBrain":false}'
Got task with id: 2
{'token': 'AABBCCDD12', 'action': 'downloadBinary', 'binaryVersionId': '2', 'type': 'cracker'}
"POST /api/server.php HTTP/1.1" 200 153
b'{"action":"downloadBinary","response":"SUCCESS","url":"https:\\/\\/hashcat.net\\/files\\/hashcat-5.0.0.7z","name":"hashcat","executable":"hashcat-5.0.0.bin"}'
Starting new HTTPS connection (1): hashcat.net

### STUCK HERE over 5 mins multiple times ###

used this :
"action":"getTask","response":"SUCCESS","taskId":2,"attackcmd":"-a3 #HL# ?l?l?l?l?s?l?l?l?l?d?d?d hash-test123"

& "taskId":1 without "hash-test123" included in command line.
I tried 2 ways, both times confirming the actual hashlist was part of the Task further down the page > "files":["hash-test123".
Also with the md5 hashlist added to command line from files/other as shown above.
Incorrect I think, but gettiing desperate.
Is this a hardware issue ? eg; only works on a proper server MoBo etc ?
Running server from an lga775 socket MoBo.

Thanks for support so far.
Any help appreciated.

Do administrators have nginx build tutorials
Do not know how to configure.htaccess

Ngnix .htaccess How to configure 
Is there any Ngnix build tutorial

Will you consider adding custom mask lengths later?
--increment --increment-min=1 --increment-max=9
Adding strings to New Preconfigured Tasks is a long task

Two issues I've had  are the debug output listed below, & the "Yubikey" issue on Server>config.
---
Ubuntu Server 16.10 x86_64 fully updated "old-resources"
ssh server on alternate port is working from Client.
Client - Ubuntu-16.04 LTS x86_64
Using python Client as recommended, but no wiki or specific info on how it should be installed or set up.
hashcat-5.0.0  (tested & working on both Server & Client)
Hashtopolis Server version: 0.10.1
client 's3-python-0.4.0' (up-to-date)
hashcat-5.0.0.7z
Task command : -a3 #HL# ?l?l?l?l?s?l?l?l?l?d?d?d  
(to test BF an md5sum)

first attempt :

Created New Agent.
Set Agent to "Trust with Secret Data" & also set
Server/Config/Server/Server configuration/"Vouchers can be used multiple times and will not be deleted automatically" (enabled).
Set all "Files/*" to "not secret"

$ sudo python3 hashtopolis.zip
Starting client 's3-python-0.4.0'...
Please enter the url to the API of your Hashtopolis installation:
http://<srvr-ip-address>/api/server.php
No token found! Please enter a voucher to register your agent:
******
Successfully registered!
Collecting agent data...
Login successful!
Hashtopolis Server version: 0.10.1 ()
Client is up-to-date!
Downloading: [==================================================]
No task available!
No task available!
No task available   (stopped & created a new task)


Now all subsequent attempts to start Client get this output :

N.B. running from the "cd /home/user/hashtopolis" directory :

@:~/hashtopolis$ sudo python3 hashtopolis.zip
[sudo] password for user:
Found existing lock.pid, checking if python process is running...
Ignoring lock.pid file because PID is not existent anymore or not running python!
Starting client 's3-python-0.4.0'...
Collecting agent data...
Login successful!
Hashtopolis Server version: 0.10.1 ()
Client is up-to-date!
Health check requested by server!
Retrieving health check settings...
Traceback (most recent call last):
  File "/usr/lib/python3.5/runpy.py", line 184, in _run_module_as_main
    "__main__", mod_spec)
  File "/usr/lib/python3.5/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "hashtopolis.zip/__main__.py", line 338, in <module>
  File "hashtopolis.zip/__main__.py", line 164, in loop
  File "hashtopolis.zip/__main__.py", line 44, in run_health_check
  File "hashtopolis.zip/htpclient/binarydownload.py", line 155, in check_version
  File "hashtopolis.zip/htpclient/download.py", line 22, in download
  File "/usr/lib/python3/dist-packages/requests/sessions.py", line 512, in head
    return self.request('HEAD', url, **kwargs)
  File "/usr/lib/python3/dist-packages/requests/sessions.py", line 480, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/lib/python3/dist-packages/requests/sessions.py", line 582, in send
    adapter = self.get_adapter(url=request.url)
  File "/usr/lib/python3/dist-packages/requests/sessions.py", line 656, in get_adapter
    raise InvalidSchema("No connection adapters were found for '%s'" % url)
requests.exceptions.InvalidSchema: No connection adapters were found for 'sftp://192.168.1.1*:*/home/user'


----------------------------------
This is some earlier debug output :
run task ubuntu-16.04-LTS-Client > ubuntu-16.10-Srvr LAN :

sudo python3 ./hashtopolis.zip --voucher cncqhEPk --url http://192.168.1.**/api/server.php

@ubuntu:~$ sudo python3 ./hashtopolis.zip --voucher cncqhEPk --url http://192.168.1.**/api/server.php
Found existing lock.pid, checking if python process is running...
Ignoring lock.pid file because PID is not existent anymore or not running python!
Starting client 's3-python-0.4.0'...
Collecting agent data...
{'token': 'XNs5WdAYTf', 'uid': '********-****-****-****-************', 'os': 0, 'action': 'updateInformation', 'devices': ['Intel® Core™2 Quad CPU Q9650 @ 3.00GHz', 'NVIDIA Corporation GK107 [GeForce GT 640] (rev a1)']}
Starting new HTTP connection (1): 192.168.1.**
"POST /api/server.php HTTP/1.1" 200 51
b'{"action":"updateInformation","response":"SUCCESS"}'
{'token': 'XNs5WdAYTf', 'clientSignature': 's3-python-0.4.0', 'action': 'login'}
"POST /api/server.php HTTP/1.1" 200 106
b'{"action":"login","response":"SUCCESS","multicastEnabled":false,"timeout":30,"server-version":"0.10.1 ()"}'
Login successful!
Hashtopolis Server version: 0.10.1 ()
{'token': 'XNs5WdAYTf', 'version': '0.4.0', 'action': 'checkClientVersion', 'type': 'python'}
"POST /api/server.php HTTP/1.1" 200 67
b'{"action":"checkClientVersion","response":"SUCCESS","version":"OK"}'
Client is up-to-date!
Entering loop...
{'token': 'XNs5WdAYTf', 'action': 'getFileStatus'}
"POST /api/server.php HTTP/1.1" 200 62
b'{"action":"getFileStatus","response":"SUCCESS","filenames":[]}'
{'token': 'XNs5WdAYTf', 'action': 'getTask'}
"POST /api/server.php HTTP/1.1" 200 356
b'{"action":"getTask","response":"SUCCESS","taskId":2,"attackcmd":"-a3 #HL# -1 ?l?s?d ?1?1?1?1?1?1?1?1?1?1?1?1 hashlist","cmdpars":" --hash-type=0 ","hashlistId":2,"bench":30,"statustimer":5,"files":["hashlist"],"crackerId":"3","benchType":"speed","hashlistAlias":"#HL#","keyspace":"0","usePrince":false,"enforcePipe":false,"slowHash":false,"useBrain":false}'
Got task with id: 2
{'token': 'XNs5WdAYTf', 'type': 'cracker', 'action': 'downloadBinary', 'binaryVersionId': '3'}
"POST /api/server.php HTTP/1.1" 200 150
b'{"action":"downloadBinary","response":"SUCCESS","url":"sftp:\\/\\/192.168.1.**:**\\/home\\/user**","name":"hashcat","executable":"hashcat-5.1.0.bin"}'
Traceback (most recent call last):
  File "/usr/lib/python3.5/runpy.py", line 184, in _run_module_as_main
    "__main__", mod_spec)
  File "/usr/lib/python3.5/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "./hashtopolis.zip/__main__.py", line 338, in <module>
  File "./hashtopolis.zip/__main__.py", line 174, in loop
  File "./hashtopolis.zip/htpclient/binarydownload.py", line 155, in check_version
  File "./hashtopolis.zip/htpclient/download.py", line 22, in download
  File "/usr/lib/python3/dist-packages/requests/sessions.py", line 512, in head
    return self.request('HEAD', url, **kwargs)
  File "/usr/lib/python3/dist-packages/requests/sessions.py", line 480, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/lib/python3/dist-packages/requests/sessions.py", line 582, in send
    adapter = self.get_adapter(url=request.url)
  File "/usr/lib/python3/dist-packages/requests/sessions.py", line 656, in get_adapter
    raise InvalidSchema("No connection adapters were found for '%s'" % url)
requests.exceptions.InvalidSchema: No connection adapters were found for 'sftp://192.168.1.**:**/home/user**'

----------------------------------
ALSO :
-------------------------------------------
Yubikey OTP
Yubikey is currently not configured. # HOW TO ?
Please contact an admin as it needs to be enabled and set up on the server configuration.  # HOW TO ?
So I tried this from Client :
Firefox > http://api.yubico.com/wsapi/2.0/verify
h=*******************=
t=2019-06-12T12:40:59Z0261
status=MISSING_PARAMETER
* assuming some part of this data needs to be entered somewhere, but no mention of Yubikey found anywhere in wiki etc.

-----------------------------------------

I'm about a month into this still with no results. Never used servers before this, so please keep tech terms simple.
Any basic help appreciated.

The new Hashtopolis release contains various bug fixes and enhancements:

Bugfixes

• Fixed wrong task speed summation for task overview page.
  
• Fixed error on hashlist hash retrieval.
  
• Fixed XSS on hashes view page when printing a hashlist.
  
• Fixed missing check for blacklisted characters when editing task.
  
• Fixed issue with creating a preconfigured task from the API.
  
• Fixed wrong rendering of forms when showing supertasks on hashlist pages.
  
• Fixed wrong reporting of speed on tasks overview due to cached speeds.
  
• Fixed wrong search value of tasks list on hashlist details page.
  
• Fixed missing update of cracked count for superhashlists.
  
• Fixed listing of hashlists and hashes of lists which should not be accessible by user.
  
  

• Temperature and util thresholds for agent status page can be configured.
  
• User API can provide all cracks for a given task.
  
• User API provides information if task is complete or not.
  
• User API can provide all cracks for a given hashlist.
  
• Support for new Hashcat versions without 32/64-bit naming.
  
  

Hi,

Is it normal that the keyspace indicated in Hashtopolis does not match the output from Hashcat when using the '--keyspace' arg, nor match the 'real' keyspace?

Hashtopolis(0.10.1):

Quote:10,460,353,203

Quote:14,348,907

Quote:282,429,536,481

Running Hashtopolis 0.10.1 on Ubuntu Server 16.04

Client runs Windows 10, Agent version s3-python-0.4.0.1

Task: WPA2 cracking

-a6 #HL# 8dig5miluplow.txt

Client error: Error during keyspace measure: Command 'hashcat64.exe --keyspace --quiet -a6 ..\..\files\8dig5miluplow.txt  --hash-type=2500 ' returned non-zero exit status 4294967295.

The #HL# value should be "hand2" but it is missing in the string. 

What have I done wrong / should check?