PHP - Connect to sftp from private key through socks5 proxy - php

I'm trying to connect to sftp with rsa private key auth, through proxy.

    use phpseclib\Net\SFTP;
    use phpseclib\Crypt\RSA;
    $proxyHost = 'proxy-host';
    $proxyPort = 1080;
    $fsock = fsockopen($proxyHost, $proxyPort);
    $host = 'sftp.hostname.com';
    $login = 'sftp_login';
    $privatekey = file_get_contents('sftp_private.ppk');
    $password = new RSA();
    $password->loadKey($privatekey);
    $request = "CONNECT $host:22 HTTP/1.0\r\nContent-Length: 0\r\n\r\n";
    if(fputs($fsock, $request) != strlen($request)) {
        exit("premature termination");
    }
    while ($line = fgets($fsock, 1024)) {
        if ($line == "\r\n") {
            break;
        }
        //echo $line;
    }
    $sftp = new SFTP($fsock);
    if (!$sftp->login($login, $password)) {
        exit('Login Failed');
    }

I get the "Login Failed" exit.
Thanks

Quoting
https://github.com/phpseclib/phpseclib/issues/1460 :
Port 1080 is typically used for SOCKS5 proxies - not HTTP proxies.
Assuming you're using a SOCKS5 proxy then something like this should
work:

    // SSH connection info
    $port = 22;
    $address = 'localhost';
    // SOCKS5 connection info
    $fsock = fsockopen('127.0.0.1', 1080, $errno, $errstr, 1);
    if (!$fsock) {
        throw new \Exception($errstr);
    }
    $port = pack('n', $port);
    $address = chr(strlen($address)) . $address;
    $request = "\5\1\0";
    if (fwrite($fsock, $request) != strlen($request)) {
        throw new \Exception('Premature termination');
    }
    $response = fread($fsock, 2);
    if ($response != "\5\0") {
        throw new \Exception('Unsupported protocol or unsupported method');
    }
    $request = "\5\1\0\3$address$port";
    if (fwrite($fsock, $request) != strlen($request)) {
        throw new \Exception('Premature termination');
    }
    $response = fread($fsock, strlen($address) + 6);
    if (substr($response, 0, 2) != "\5\0") {
        echo bin2hex($response) . "\n";
        throw new \Exception("Unsupported protocol or connection refused");
    }
    $ssh = new SSH2($fsock);
    $ssh->login('username', 'password');
    echo $ssh->exec('ls -latr');

That said, SOCKS5 has a lot more bells and whistles than this sample
code currently accommodates. Really, what'd be good is a full on
SOCKS5 class.
Hope it will help someone else.

Related

php - phpseclib - how to connect to ssh host via socks5 proxy (proxy with basic authentication user:password)

We know the method for SSH login via SOCKS5, but who knows how to connect via SOCKS5 with basic authentication?
In the official example script there is no authentication method in use:

    $fsock = fsockopen('127.0.0.1', 1080, $errno, $errstr, 1);
    if (!$fsock) {
        throw new \Exception($errstr);
    }
    $port = pack('n', $port);
    $address = chr(strlen($address)) . $address;
    $request = "\5\1\0";
    if (fwrite($fsock, $request) != strlen($request)) {
        throw new \Exception('Premature termination');
    }
    $response = fread($fsock, 2);
    if ($response != "\5\0") {
        throw new \Exception('Unsupported protocol or unsupported method');
    }
    $request = "\5\1\0\3$address$port";
    if (fwrite($fsock, $request) != strlen($request)) {
        throw new \Exception('Premature termination');
    }
    $response = fread($fsock, strlen($address) + 6);
    if (substr($response, 0, 2) != "\5\0") {
        echo bin2hex($response) . "\n";
        throw new \Exception("Unsupported protocol or connection refused");
    }
    $ssh = new SSH2($fsock);
    $ssh->login('username', 'password');
    echo $ssh->exec('ls -latr');

answer is:

    $fsock = fsockopen('127.0.0.1', 1080, $errno, $errstr, 1);
    if (!$fsock) {
        throw new \Exception($errstr);
    }
    $port = pack('n', $port);
    $address = chr(strlen($address)) . $address;
    $request = "\5\1\2"; //2 - authentication method is user/password , 0 - no authentication
    if (fwrite($fsock, $request) != strlen($request)) {
        throw new \Exception('Premature termination');
    }
    $response = fread($fsock, 2);
    if ($response != "\5\2") { //acceptance from server that user/password method (2) is supported
        throw new \Exception('Unsupported protocol or unsupported method');
    }
    //login password
    $request = pack('C2',0x01,strlen($proxyUser)).$proxyUser.pack('C1',strlen($proxyPass)).$proxyPass;
    if (fputs($fsock,$request) != strlen($request)) {
        exit("premature termination");
    }
    $response = fgets($fsock,3);
    echo "login confirmation status rcvd\n";
    if ($response != "\1\0") {
        exit("Login password incorrect");
    }
    // end section for authentication , authentication done with success
    $request = "\5\1\0\3$address$port";
    if (fwrite($fsock, $request) != strlen($request)) {
        throw new \Exception('Premature termination');
    }
    $response = fread($fsock, strlen($address) + 6);
    if (substr($response, 0, 2) != "\5\0") {
        echo bin2hex($response) . "\n";
        throw new \Exception("Unsupported protocol or connection refused");
    }
    $ssh = new SSH2($fsock);
    $ssh->login('username', 'password');
    echo $ssh->exec('ls -latr');
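
The SOCKS5 snippets on this page (the no-authentication handshake and the username/password variant) read the CONNECT reply as `strlen($address) + 6` bytes, but the reply's length depends on the address type the proxy returns, not on the requested name. An added example, not from the original posts or from phpseclib, that builds the RFC 1929 credential message with length checks and consumes the reply by its ATYP field; the function names are hypothetical and the reply bytes are constructed.

```php
<?php
// Added example; function names are hypothetical and not part of phpseclib.

/** Read exactly $n bytes; a short result means EOF or timeout. */
function readExact($stream, int $n): string
{
    $buf = stream_get_contents($stream, $n);
    if ($buf === false || strlen($buf) !== $n) {
        throw new RuntimeException('Premature termination');
    }
    return $buf;
}

/** RFC 1929 message: VER=1, ULEN, UNAME, PLEN, PASSWD. Sent unencrypted to the proxy. */
function socks5AuthRequest(string $user, string $pass): string
{
    // pack('C', ...) and chr() silently wrap lengths above 255, so check them first.
    if ($user === '' || strlen($user) > 255 || $pass === '' || strlen($pass) > 255) {
        throw new InvalidArgumentException('Username and password must be 1..255 bytes');
    }
    return "\x01" . chr(strlen($user)) . $user . chr(strlen($pass)) . $pass;
}

/** Consume the whole CONNECT reply and return its REP field (0 = succeeded). */
function socks5ReadReply($stream): int
{
    $head = unpack('Cver/Crep/Crsv/Catyp', readExact($stream, 4));
    if ($head['ver'] !== 5) {
        throw new RuntimeException('Not a SOCKS5 reply');
    }
    $fixed = [1 => 4, 4 => 16];                 // IPv4 and IPv6 address sizes
    if ($head['atyp'] === 3) {
        $len = ord(readExact($stream, 1));      // domain name is length-prefixed
    } elseif (isset($fixed[$head['atyp']])) {
        $len = $fixed[$head['atyp']];
    } else {
        throw new RuntimeException('Unknown address type in reply');
    }
    readExact($stream, $len + 2);               // BND.ADDR plus BND.PORT
    return $head['rep'];
}

// Constructed bytes: an IPv4-form success reply followed by the start of an SSH banner.
$mem = fopen('php://memory', 'w+');
fwrite($mem, "\x05\x00\x00\x01\x00\x00\x00\x00\x00\x00SSH-2.0-");
rewind($mem);
var_dump(socks5AuthRequest('proxyuser', 'proxypass') === "\x01\x09proxyuser\x09proxypass");
var_dump(socks5ReadReply($mem), fread($mem, 8));
```

Once `socks5ReadReply()` returns 0 the stream sits at the first byte of the SSH banner and can be passed to `new SSH2($fsock)` as in the code above.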

How to access to socket object from a different php file

I want to send something to my connected clients over another php script. But when I use the function "send", clientlist is null.
Can you help me with this, please?
Socket.php:

    $clientlist = array();
    function run() {
        global $clientlist;
        set_time_limit(0);
        $address = '127.0.0.1';
        $port = 80;
        $sock = socket_create(AF_INET, SOCK_STREAM, 0);
        socket_bind($sock, 0, $port) or die('Could not bind to address');
        socket_listen($sock);
        printf("Listening...\r\n");
        while (true) {
            $client = socket_accept($sock);
            $input = socket_read($client, 1024000);
            $clientlist[] = $client;
        }
    }
    function send($msg) {
        global $clientlist;
        printf("Count: " . count($clientlist) . "\r\n");
        socket_write($clientlist[0], "Hey");
    }

Msg.php:

    include("socket.php");
    send($_GET['msg']);

PHPSeclib Proxy send username and password as arguments

I'm using PHPSECLIB to send a file and an XML to an SFTP server.
In this case the server I'm trying to reach is outside my work network.
To connect to the internet outside we have a proxy to do that.
What I need to do is configure the proxy of this connection to the one I need.
EDIT --
I have the following code, how can I pass the username and password of my proxy?

    $proxyHost = '******';
    $fsock = fsockopen($proxyHost, $proxyPort);
    $address = '*****';
    $port = '*****';
    $request = "CONNECT $address:$port HTTP/1.0\r\nContent-Length: 0\r\n\r\n";
    if(fputs($fsock, $request) != strlen($request)) {
        exit("premature termination");
    }
    $response = fgets($fsock);
    $sftp = new SFTP($fsock);
    .......

Quoting https://github.com/phpseclib/phpseclib/issues/1339#issuecomment-462224179:
With authorization:

    $fsock = fsockopen('127.0.0.1', 80, $errno, $errstr, 1);
    if (!$fsock) {
        echo $errstr; exit;
    }
    fputs($fsock, "CONNECT website.com:22 HTTP/1.0\r\n");
    fputs($fsock, "Proxy-Authorization: Basic " . base64_encode('user:pass') . "\r\n");
    fputs($fsock, "\r\n");
    while ($line = fgets($fsock, 1024)) {
        if ($line == "\r\n") {
            break;
        }
        //echo $line;
    }
    $ssh = new Net_SSH2($fsock);
    $ssh->login('user', 'pass');
    echo $ssh->exec('ls -latr');

If that doesn't work then run the script and tell me what the headers you get back are. Digest authentication is more of a PITA than Basic but it's not impossible.
More info on how authorization works with HTTP proxies:
https://www.rfc-editor.org/rfc/rfc7235#section-4.3
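
The loop in the quoted code discards the proxy's response head without looking at the status line, so a refused CONNECT only surfaces later as a failed SSH connection. An added example, not from the quoted issue or from phpseclib, that validates the CONNECT inputs and returns the status code and headers so the caller can stop on anything but 2xx; the function names are hypothetical and the responses are constructed.

```php
<?php
// Added example; function names are hypothetical and not part of phpseclib.
/** Build the CONNECT request; reject values that would break the request line or the Basic pair. */
function httpConnectRequest(string $host, int $port, string $user, string $pass): string
{
    if ($host === '' || preg_match('/[\x00-\x20\x7f]/', $host) || strpos($user, ':') !== false) {
        throw new InvalidArgumentException('Invalid host or proxy user');
    }
    // Basic is base64, not encryption: user:pass is readable on the wire to the proxy.
    return "CONNECT $host:$port HTTP/1.0\r\n"
        . 'Proxy-Authorization: Basic ' . base64_encode("$user:$pass") . "\r\n\r\n";
}

/** Read one newline-terminated line; fail on EOF or a line longer than the buffer. */
function readLine($stream): string
{
    $line = fgets($stream, 1024);
    if ($line === false || substr($line, -1) !== "\n") {
        throw new RuntimeException('Truncated or over-long line from proxy');
    }
    return rtrim($line, "\r\n");
}

/** Consume the head up to the blank line; return [status, headers]. Proceed only on 2xx. */
function httpConnectReadResponse($stream): array
{
    if (!preg_match('#^HTTP/1\.[01] (\d{3})\b#', readLine($stream), $m)) {
        throw new RuntimeException('Not an HTTP proxy response');
    }
    $headers = [];
    while (($line = readLine($stream)) !== '') {
        if (count($headers) >= 64) {
            throw new RuntimeException('Too many header lines');
        }
        $headers[] = $line;
    }
    return [(int) $m[1], $headers];
}

// Constructed proxy responses, replayed from memory so the example runs offline.
$ok = "HTTP/1.1 200 Connection established\r\n\r\nSSH-2.0-demo\r\n";
$denied = "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"x\"\r\n\r\n";
foreach ([$ok, $denied] as $bytes) {
    $mem = fopen('php://memory', 'w+');
    fwrite($mem, $bytes);
    rewind($mem);
    [$code, $headers] = httpConnectReadResponse($mem);
    echo $code, ($code >= 200 && $code < 300) ? ' tunnel open' : ' refused: ' . implode('; ', $headers), "\n";
}
```

On a 407 the `Proxy-Authenticate` header in the returned list names the scheme the proxy expects, which is the information the quoted answer asks for.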

Register user in ejabberd with xmpphp

I have connected ejabberd xmpp server with xmpphp library. It's working fine. I need to create a user in ejabberd xmpp server using xmpphp library.
So I have added the following two functions in XMPPHP/XMPP.php file:

    public function register($username, $password = null){
        if (!isset($password)) $password = $this->genRandomString(15);
        $id = 'reg_' . $this->getID();
        $xml = "<iq type='set' id='$id'>
    <query xmlns='jabber:iq:register'>
    <username>" . $username . "</username>
    <password>" . $password . "</password>
    <email></email>
    <name></name>
    </query>
    </iq>";
        $this->addIdHandler($id, 'register_new_user_handler');
        $this->send($xml);
    }
    protected function register_new_user_handler($xml){
        switch ($xml->attrs['type']) {
            case 'error':
                $this->event('new_user_registered', 'error');
                break;
            case 'result':
                $query = $xml->sub('query');
                $username='';
                $password='';
                if(!is_array($query->subs)) {
                    foreach ($query->sub as $key => $value) {
                        switch ($value->name) {
                            case 'username':
                                $username = $value->data;
                                break;
                            case 'password':
                                $password = $value->data;
                                break;
                        }
                    }
                }
                $this->event('new_user_registered', array('jid' => $username . "@{$this->server}", 'password' => $password));
            default:
                $this->event('new_user_registered', 'default');
        }
    }

and I'm calling the above functions in sendmessage_example.php as follows:

    <?php
    // activate full error reporting
    //error_reporting(E_ALL & E_STRICT);
    include 'XMPPHP/XMPP.php';
    $conn = new XMPPHP_XMPP('serverhost', 5222, 'admin@localhost', 'password', 'xmpphp', 'localhost', $printlog=false, $loglevel=XMPPHP_Log::LEVEL_INFO);
    try {
        $conn->connect();
        $conn->processUntil('session_start');
        $conn->presence();
        $conn->register('uname', 'pass');
        $conn->message('vaiju@localhost', 'This is a test message!');
        $conn->disconnect();
    } catch(XMPPHP_Exception $e) {
        die($e->getMessage());
    }

I have manually added a user called vaiju. I'm able to connect it and I'm getting a message in my pidgin client. But user registration is not working properly.
You could do it like this. Tested and working for me.

    define('JABBER_REST_HOST','localhost:5285');
    define('JABBER_REST_URL','http://localhost:5285/rest');
    $request = "register ketan13 localhost ketan13";
    $jabberResponse = sendRESTRequest(JABBER_REST_URL, $request);
    echo '<pre>'; print_r($jabberResponse);
    function sendRESTRequest ($url, $request) {
        // Create a stream context so that we can POST the REST request to $url
        $context = stream_context_create (array ('http' => array ('method' => 'POST'
            ,'header' => "Host: ".JABBER_REST_HOST."\nContent-Type: text/html; charset=utf-8\nContent-Length: ".strlen($request)
            ,'content' => $request)));
        // Use file_get_contents for PHP 5+ otherwise use fopen, fread, fclose
        if (version_compare(PHP_VERSION, '5.0.0', '>=')) {
            $result = file_get_contents($url, false, $context);
        } else {
            // This is the PHP4 workaround which is slightly less elegant
            // Suppress fopen warnings, otherwise they interfere with the page headers
            $fp = @fopen($url, 'r', false, $context);
            $result = '';
            // Only proceed if we have a file handle, otherwise we enter an infinite loop
            if ($fp) {
                while(!feof($fp)) {
                    $result .= fread($fp, 4096);
                }
                fclose($fp);
            }
        }
        return $result;
    }

PHP socket issue - Memory Leak

    <?php
    require_once('PEAR.php');
    $GLOBALS['Net_EPP_Client_Version'] = '0.0.3';
    class Net_EPP_Client {
        var $socket;
        function connect($host, $port=700, $timeout=1, $ssl=true, $sslcertpath, $sslpassphrase) {
            $context = @stream_context_create();
            $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', 'true');
            $result = stream_context_set_option($context, 'ssl', 'local_cert', $sslcertpath);
            $result = stream_context_set_option($context, 'ssl', 'passphrase', $sslpassphrase);
            $target = sprintf('%s://%s:%d', ($ssl === true ? 'ssl' : 'tcp'), $host, $port);
            if (!$this->socket = @stream_socket_client($target, $errno, $errstr, $timeout, STREAM_CLIENT_CONNECT, $context)) {
                return new PEAR_Error("Error connecting to $target - $errstr (code $errno)");
            } else {
                return $this->getFrame();
            }
        }
        function getFrame() {
            //stream_set_blocking($this->socket, 1);
            //stream_set_timeout($this->socket, 30);
            if (@feof($this->socket)) return new PEAR_Error('connection closed by remote server');
            //$hdr = @fread($this->socket, 4);
            $hdr = @fgets($this->socket, 5);
            //print_r($hdr);
            //return new PEAR_Error($hdr);
            if (empty($hdr) && feof($this->socket)) {
                return new PEAR_Error('connection closed by remote server');
            } elseif (empty($hdr)) {
                //return new PEAR_Error('Error reading from server: '.$php_errormsg);
                $php_errormsg = isset($php_errormsg) ? $php_errormsg : "";
                return new PEAR_Error('Error reading from server: '. $php_errormsg);
            } else {
                /*
                $unpacked = unpack('N', $hdr);
                $answer = fread($this->socket, ($unpacked[1] - 4));
                return $answer;
                */
                $unpacked = unpack('N', $hdr);
                $length = $unpacked[1];
                if ($length < 5) {
                    return new PEAR_Error(sprintf('Got a bad frame header length of %d bytes from server', $length));
                } else {
                    //'|'.fread($this->socket, ($length - 4)).'|'; //not sure why, but this fixed some part here..
                    //return '<'.fread($this->socket, ($length));
                    return fread($this->socket, ($length));
                }
            }
        }
        function sendFrame($xml) {
            fwrite($this->socket, pack('N', (strlen($xml)+4)).$xml);
        }
        function request($xml) {
            $this->sendFrame($xml);
            return $this->getFrame();
        }
        function disconnect() {
            return @fclose($this->socket);
        }
    }
    ?>

I met an issue where I get a memory leak from this line:

    return fread($this->socket, ($length));

Will you tell me what is wrong with this line?

    if(!$this->socket = @stream_socket_client($target, $errno, $errstr, $timeout, STREAM_CLIENT_CONNECT, $context))

I have searched and found an issue where, when a connection opened by stream_socket_client() wasn't closed by the server, the socket will keep data from the server. Is there any solution? Another software engineer has replaced this line

    return fread($this->socket, ($length));

with the code below. They said they don't know why this error will happen.

    '|'.fread($this->socket, ($length - 4)).'|';
    return '<'.fread($this->socket, ($length));

I would like to know: is there any alternative solution?
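
An added example, not the asker's code or Net_EPP's: a reader for the length-prefixed frames that sendFrame() above writes, which reads the 4-byte header as binary, subtracts the header from the length, and refuses lengths above a ceiling so that a corrupt or misaligned header cannot size the read buffer. The name readEppFrame() and the 1 MiB ceiling are assumptions, and the stream contents are constructed.

```php
<?php
// Added example; readEppFrame() is a hypothetical name and the 1 MiB ceiling
// is an assumed policy value, not a limit taken from the page.
const EPP_MAX_FRAME = 1048576;

/** Read one frame: 4-byte big-endian total length (header included), then the XML. */
function readEppFrame($stream): string
{
    // Binary read of the header: fgets() stops at a 0x0A byte, and a length can contain one.
    $hdr = stream_get_contents($stream, 4);
    if ($hdr === false || strlen($hdr) !== 4) {
        throw new RuntimeException('connection closed by remote server');
    }
    $length = unpack('N', $hdr)[1];
    // Bound the value before it decides how many bytes get buffered.
    if ($length < 5 || $length > EPP_MAX_FRAME) {
        throw new RuntimeException(sprintf('Bad frame header length of %d bytes', $length));
    }
    $xml = stream_get_contents($stream, $length - 4);   // total minus the 4 header bytes
    if ($xml === false || strlen($xml) !== $length - 4) {
        throw new RuntimeException('Frame truncated');
    }
    return $xml;
}

// Constructed stream: two frames back to back, framed the way sendFrame() above frames them.
$mem = fopen('php://memory', 'w+');
foreach (['<epp><hello/></epp>', "<epp>\n<greeting/></epp>"] as $xml) {
    fwrite($mem, pack('N', strlen($xml) + 4) . $xml);
}
fwrite($mem, "<?xml version");                 // not a header: decodes to an absurd length
rewind($mem);
var_dump(readEppFrame($mem), readEppFrame($mem));
try {
    readEppFrame($mem);
} catch (RuntimeException $e) {
    echo $e->getMessage(), "\n";
}
```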
