I am using xampp on Windows and want to upload an file via ftp.exe.
I created a .vbs script creating an ftp.dat file and run ftp.exe.
Set FS = CreateObject("Scripting.FileSystemObject")
Set FileIn = fs.OpenTextFile("C:\xampp\htdocs\ftp.dat", 2, true)
filein.WriteLine "open"
filein.WriteLine "IP"
filein.WriteLine "USER"
filein.WriteLine "PASSWORD"
filein.WriteLine "put C:\path\to\file\file.txt"
filein.WriteLine "quit"
filein.close
Set WSHShell = WScript.CreateObject("WScript.Shell")
WshShell.run "cmd /c ftp.exe -s:C:\xampp\htdocs\ftp.dat > log"
I printed the output to a log file giving me this error:
ftp> To Connected to XXX.XXX.XXX.XXX.
open
XXX.XXX.XXX.XXX
220 hostname FTP server ready.
User (XXX.XXX.XXX.XXX:(none)):
331 Password required for USER.
230 User USER logged in.
ftp> put C:\path\to\file\file.txt
200 PORT command successful.
553 file.txt: Permission denied.
ftp> quit
221 Goodbye. You uploaded 0 bytes and downloaded 0 bytes.
When I run this .vbs file in the command line, everything works fine.
But if I run this using exec/system I get the error from above.
PHP File:
<? php
exec('C:\\xampp\htdocs\\upload.vbs');
?>
Related
Linux Mint XFCE, Apache 2, php 8.1, Google Chrome v110 (installed via apt, not Software Manager)
I'm trying to start Google Chrome with php proc_open and get the PID for it back. Because of other permission issues with www-data I now run Apache under my user. For that I edited /etc/apache2/envvars and changed these lines to:
export APACHE_RUN_USER=myusername
export APACHE_RUN_GROUP=myusername
The http root folder is also owned by me /var/www/html/.
When I start this php script in a browser (other than Chrome to not interfere):
<?php
$runExe = "google-chrome";
$runEnvars = " --autoplay-policy=no-user-gesture-required https://www.mozilla.org/";
$descriptors = array(
0 => array("pipe", "r"),
1 => array("pipe", "w"),
2 => array("file", "/var/www/html/error.log", "a"),
);
if (is_resource($process = proc_open($runExe . $runEnvars, $descriptors, $pipes))) {
$ppid = proc_get_status($process)['pid'];
} else {
echo("Execution Failed!");
exit();
}
Then I get the following errors in the error.log file:
mkdir: cannot create directory '/.local': Permission denied
touch: cannot touch '/.local/share/applications/mimeapps.list': No such file or directory
[87445:87445:0210/150424.771148:ERROR:ozone_platform_x11.cc(238)] Missing X server or $DISPLAY
[87445:87445:0210/150424.771263:ERROR:env.cc(255)] The platform failed to initialize. Exiting.
It looks like google-chrome tries to write data in the root folder...and it seems to complain about a display driver?
When I run this line in the cli while logged in as myusername, Chrome starts as expected (although it complains about libva): google-chrome --autoplay-policy=no-user-gesture-required https://www.mozilla.org/
(libva complaint: ibva error: vaGetDriverNameByIndex() failed with unknown libva error, driver_name = (null) )
I trying to build a web app to manage my severs using ansible
now I using Centos 7, PHP 7.4,Laravel 8 and apache to build this app and I'm already install https://packagist.org/packages/asm/php-ansible composer package for using ansible inside of my project.
here is my code:
$ansible = new Asm\Ansible\Ansible(
'/var/www/xxx/storage/ansible',
'',
''
);
$ansible->playbook()->play($myplaybookPath)->inventoryFile($myInventoryPath)->execute(function ($type, $buffer) {
if (Process::ERR === $type) {
echo 'ERR > '.$buffer ."<br/>";
} else {
echo 'OUT > '.$buffer."<br/>";
}
});
Here is the output :
OUT > PLAY [install nano] ************************************************************
OUT > TASK [Gathering Facts] *********************************************************
OUT > fatal: [xx.xx.14.139]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true}
OUT > PLAY RECAP *********************************************************************
OUT > xx.xx.14.139 : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
OUT >
the username and password in the inventory file is correct and I test it many times also I try with new server with a very simple password.
I google this error host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password)." and I found out its about the authorized_keys for the user that run the ssh
I change the permission and mod of the .ssh folder for my apache user in /var/user/share/httpd/.ssh
buy this error still remain and I don't know how to fix this.
thanks for help
update
it's not about my web server Configuration and everything about apache and PHP is ok.
I run my the playbook directly from terminal using ansible-playbook:
ansible-playbook /var/www/xxx/storage/ansible/playbooks/install_nano -i /var/www/xxx/storage/ansible/inventories/testInventory -vvv
I got the same error and I guess it's about the Auth information in InventoryFile
ansible-playbook 2.9.25
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible-playbook
python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /var/www/xxx/storage/ansible/inventories/testInventory as it did not pass its verify_file() method
auto declined parsing /var/www/xxx/storage/ansible/inventories/testInventory as it did not pass its verify_file() method
Parsed /var/www/xxx/storage/ansible/inventories/testInventory inventory source with ini plugin
Skipping callback 'actionable', as we already have a stdout callback.
Skipping callback 'counter_enabled', as we already have a stdout callback.
Skipping callback 'debug', as we already have a stdout callback.
Skipping callback 'dense', as we already have a stdout callback.
Skipping callback 'dense', as we already have a stdout callback.
Skipping callback 'full_skip', as we already have a stdout callback.
Skipping callback 'json', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'null', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
Skipping callback 'selective', as we already have a stdout callback.
Skipping callback 'skippy', as we already have a stdout callback.
Skipping callback 'stderr', as we already have a stdout callback.
Skipping callback 'unixy', as we already have a stdout callback.
Skipping callback 'yaml', as we already have a stdout callback.
PLAYBOOK: install nano ******************************************************************************************************************************************************************************
1 plays in /var/www/xxx/storage/ansible/playbooks/install nano
PLAY [install nano] *********************************************************************************************************************************************************************************
TASK [Gathering Facts] ******************************************************************************************************************************************************************************
task path: /var/www/xxx/storage/ansible/playbooks/install nano:2
<xx.xx.14.139> ESTABLISH SSH CONNECTION FOR USER: root
<xx.xx.14.139> SSH: EXEC sshpass -d8 ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o 'User="root"' -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/a7f10d151a xx.xx.14.139 '/bin/sh -c '"'"'echo ~root && sleep 0'"'"''
<xx.xx.14.139> (255, '', 'Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n')
fatal: [xx.xx.14.139]: UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
"unreachable": true
}
PLAY RECAP ******************************************************************************************************************************************************************************************
xx.xx.14.139 : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
Here is the inventory file content
[linux]
xx.xx.14.139
[linux:vars]
ansible_user=root
ansible_password=testPassword
also, I try ansible_ssh_user / password but it's not working!
Here is the solution
I enabled verbose mode in ssh connection and I notice that the outcoming SSH request didn't support Password Authentication.
There are 2 SSH config files /etc/ssh/sshd.conf for the incoming requests and /etc/ssh/ssh.cong for outcoming so I fix the issue from out coming request config file and enable the password authentication.
after that, I set permissions for my apache ssh files like keys and known hosts files.
after that, I create a command in laravel so I can run my ansible playbooks using the root user and Crond.
I have an FTP account I'm trying to list files from but I can't get it to work
FileZilla is able to list them, but only when strictly setting it to active mode rather than passive
Example output from FileZilla
Status: Retrieving directory listing of "/"...
Command: PORT 192,168,68,115,213,202
Response: 200 PORT command successful
Command: MLSD
Response: 150 Opening connection
Response: 226 Transfer complete
Status: Directory listing of "/" successful
In my PHP code I've tried the following
$connection = ftp_connect($host, 21);
ftp_login($connection, $username, $password);
var_dump(ftp_size($connection, 'tarbert.jpg'));
var_dump(ftp_mlsd($connection, '.'));
var_dump(ftp_rawlist($connection, '.'));
var_dump(ftp_nlist($connection, '.'));
Which outputs
int(227978)
bool(false)
bool(false)
bool(false)
As you can see by the call to ftp_size, there are files there and it can see them, but the calls to list the files all return false
I've tried the usual answer of setting to passive mode but that just makes it timeout
Does anyone have any suggestions on what else I could try?
Mini update
Strangely, if I move the ftp_size call to be after the others then that also returns false so it seems like the initial call to list files breaks something
I've tried moving each of the 3 list functions to be the first call but this makes no difference to the outcome
Update with FileZilla full log
Status: Connecting to xx.xx.xx.xx...
Status: Connection established, waiting for welcome message...
Response: 220-Welcome To Rumpus!
Response: 220 Service ready for new user
Command: AUTH TLS
Response: 530 USER and PASS required first
Command: AUTH SSL
Response: 530 USER and PASS required first
Status: Insecure server, it does not support FTP over TLS.
Command: USER my_user
Response: 331 Password required
Command: PASS ******
Response: 230 User logged in
Command: SYST
Response: 215 MACOS Server
Command: FEAT
Response: 211-Extensions supported:
Response: SIZE
Response: REST STREAM
Response: APPE
Response: MDTM
Response: MACB
Response: PBSZ
Response: PROT
Response: EPSV
Response: MLSD
Response: UTF8
Response: 211 End
Command: OPTS UTF8 ON
Response: 220 UTF8 OPTS ON
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is current directory.
Command: TYPE I
Response: 200 Type set to I (Image)
Command: PORT 192,168,68,115,204,128
Response: 200 PORT command successful
Command: MLSD
Response: 150 Opening connection
Response: 226 Transfer complete
Status: Directory listing of "/" successful
Update with curl log
curl -v --list-only ftp://XX.XX.XX.XX --user "username:password"
* Trying XX.XX.XX.XX:21...
* TCP_NODELAY set
* Connected to XX.XX.XX.XX (XX.XX.XX.XX) port 21 (#0)
< 220-Welcome To Rumpus!
< 220 Service ready for new user
> USER username
< 331 Password required
> PASS password
< 230 User logged in
> PWD
< 257 "/" is current directory.
* Entry path is '/'
* Request has same path as previous transfer
> EPSV
* Connect data stream passively
* ftp_perform ends with SECONDARY: 0
< 229 Entering Extended Passive Mode (|||3004|)
* Trying XX.XX.XX.XX:3004...
* TCP_NODELAY set
* Connecting to XX.XX.XX.XX (XX.XX.XX.XX) port 3004
* Connected to XX.XX.XX.XX (XX.XX.XX.XX) port 21 (#0)
> TYPE A
< 200 Type set to A (ASCII)
> NLST
< 150 Opening connection
* Maxdownload = -1
# FILE LIST HERE
* Remembering we are in dir ""
< 226 Transfer complete
* Connection #0 to host XX.XX.XX.XX left intact
Just in case anyone else stumbles on this, it appears the FTP is behind a NAT
See this link for details
http://www.elitehosts.com/blog/php-ftp-passive-ftp-server-behind-nat-nightmare/
I couldn't find a fix as this particular FTP doesn't allow passive connections but if yours does then that link will help
I have a python script which uses requests library to connect to a device with its web-interface. It uses a url with https connection.
sess = requests.Session()
try:
resp = sess.post('https://' + device + '/url_admin/login.cgi', data=login_data, verify=False)
except Exception as e:
template = "Exception: {0}\nArguments: {1!r}"
print(template.format(type(e).__name__, e.args))
When I try to execute it from command line it works perfectly (even with apache user). However, when it is triggered with a php code (exec function) from a web-portal. it throws this error
Exception: ConnectionError
Arguments: (MaxRetryError("HTTPSConnectionPool(host='some.device.com', port=443): Max retries exceeded with url: /url_admin/login.cgi (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f55aa8e6550>: Failed to establish a new connection: [Errno 13] Permission denied',))",),)
I am not sure what is the reason because the apache user is able to execute it and make connection. Why it is not connecting when executed by php code?
setsebool -P httpd_can_network_connect on
I need to get Dropbox's status on linux.
This is done by interacting with Dropbox using a unix socket file as IPC.
Currently, a Python script exists to do this.
I've got this code so far:
echo 'usr='. get_current_user().'<br/>';
$address='/root/.dropbox/iface_socket';
$socket=socket_create(AF_UNIX,SOCK_STREAM,0);
if(!socket_connect($socket,$address))
die('socket_connect '.socket_last_error().': '.socket_strerror(socket_last_error()));
The above works in that it does know what I want to do, but it fails with this error/output:
usr=root
socket_bind 13: Permission denied
It is interesting to note that both PHP and Dropboxd are running under the same user.
Note: I tried using PHP's fsockopen, but failed (something to do with "bad protocol"). Tried it again and this time round it works....till I get the same error below...
Edit: Again, I know running as root is bad, spare it, ok? :)
Edit 2: As I said earlier, PHP, Apache, Dropbox and this socket file are all under user "root", group "root".
However, if I run the socket under stat, I get the following:
[root#cov .dropbox]# stat iface_socket
File: `iface_socket'
Size: 0 Blocks: 0 IO Block: 4096 socket
Device: 7dh/125d Inode: 255754311 Links: 1
Access: (0600/srw-------) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2011-03-06 17:10:08.000000000 -0600
Modify: 2011-03-06 17:10:08.000000000 -0600
Change: 2011-03-06 17:10:08.000000000 -0600
Couldn't it be that all those -0600 is what is causing this issue? Note that if I chmod 0777 iface_socket, only the first line, (Access: (0600/srw-------)), changes; but not the other 3 underneath.
Edit 3: I was wondering, perhaps this topic would be better moved at unix/unix-like? At this point in time, it's not clear who's at fault in this issue.
Edit 4: Just ran the PHP script through strace like this:
strace php -nef /var/www/html/index.php
The relevant lines from output:
socket(PF_FILE, SOCK_STREAM, 0) = 3
fcntl(3, F_GETFL) = 0x2 (flags O_RDWR)
fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
connect(3, {sa_family=AF_FILE, path="/root/.dropbox/iface_socket"...}, 29) = 0
fcntl(3, F_SETFL, O_RDWR) = 0
close(3) = 0
In the rare case that Apache is running under the same user as Dropbox, I would just use the python command-line interface (Debian) /usr/bin/dropbox as you normally would from a terminal.
root#DevServer1:~# dropbox help
Dropbox command-line interface
commands:
Note: use dropbox help <command> to view usage for a specific command.
status get current status of the dropboxd
help provide help
puburl get public url of a file in your dropbox
stop stop dropboxd
running return whether dropbox is running
start start dropboxd
filestatus get current sync status of one or more files
ls list directory contents with current sync status
autostart automatically start dropbox at login
exclude ignores/excludes a directory from syncing
The fronted script can only effectively be used by the user that dropbox is running under. Everybody else should get a "Dropbox isn't running!" output. In your case you should be able to manipulate dropbox how you see fit from within PHP. Personally I run Dropbox as a restricted user other then my superuser. Using groups, you can safely link in folders at will and file permissions will be enforced.
<?php
$output = shell_exec('dropbox status');
echo "<pre>$output</pre>";
Dropbox isn't running!
A viable alternative.
try this instead:
<?php
$output = shell_exec("ps aux | grep '[d]ropbox'");
echo "<pre>$output</pre>";