We Keep Coding

phpseclib wordpress integration not working - phpseclib

i am trying to run phpseclib with Wordpress but its not logging in. the same code runs on PHP Designer 8 which has PHP v 5.* but on word press with PHP 7.3* and PHP 7.4 its not running. I got 2 error in Eventviewer
sshd: Bad packet length 980908999. [preauth]
sshd: ssh_dispatch_run_fatal: Connection from 127.0.0.1 port 15412: message authentication code incorrect [preauth]
SFTP server is Openssh
it gives 2 warnings on the webpage as follows. Can someone guide please. thanks.
Warning: unpack(): Type C: not enough input, need 1, have 0 in C:\Program Files (x86)\xampp\htdocs\testing\wp-content\plugins\sftp\phpseclib\Net\SSH2.php on line 1345
Warning: extract() expects parameter 1 to be array, bool given in C:\Program Files (x86)\xampp\htdocs\testing\wp-content\plugins\sftp\phpseclib\Net\SSH2.php on line 1345
$sftp = new Net_SFTP('127.0.0.1',22); $sftp->getLog(); if
(!$sftp->login('myuser', 'pass')) { //if you can't log on...
$sftp->getLog(); echo $sftp->getErrors();
print_r($sftp->getSFTPErrors()); echo $sftp->getSFTPLog();
exit('sftp Login Failed'); } echo $sftp->pwd();

Related

connect-script = /app/connect.sh
disconnect-script = /app/disconnect.sh
I have the above configuration in my ocserv.conf in the docker container, but ocserv fails to execute /app/connect.sh when there is a connection. I cann't find the real cause from the following log, has anyone had the same issue?
ocserv[26]: main[test]:xxx.xxx.179.135:57352 user of group 'Route' authenticated (using cookie)
ocserv[29]: main[test]:xxx.xxx.179.135:57352 executing script up /app/connect.sh
ocserv[29]: main[test]:xxx.xxx.179.135:57352 main-user.c:379: Could not execute script /app/connect.sh
ocserv[26]: main[test]:xxx.xxx.179.135:57352 connect-script exit status: 1
ocserv[26]: main[test]:xxx.xxx.179.135:57352 failed authentication attempt for user 'test'
The content of /app/connect.sh:
#!/bin/bash
echo "$(date) [info] User ${USERNAME} Connected - Server: ${IP_REAL_LOCAL} VPN IP: ${IP_REMOTE} Remote IP: ${IP_REAL} Device:${DEVICE}"

Well, I figured it out myself that the docker container I created doesn't have bash, and one solution is to substitute #!/bin/bash with #!/bin/sh.

The "http" addresses worked fine.
The "https" version gives me a handshake error:
This is the error that I get when I call the following:
Dim lSuccess&
lSuccess = nHttp.Download("https://autoconfig.thunderbird.net/v1.1/gmx.de", "d:\weg.xml")
lSuccess returns 0 which mean an error occured.
ChilkatLog:
Download:
DllDate: Aug 1 2014
ChilkatVersion: 9.5.0.43
UnlockPrefix: *******
Username: *******
Architecture: Little Endian; 32-bit
Language: ActiveX
VerboseLogging: 0
url: https://autoconfig.thunderbird.net/v1.1/gmx.de
toLocalPath: d:\weg.xml
currentWorkingDir: C:\Program Files (x86)\Microsoft Visual Studio\VB98
a_httpDownload:
httpDownloadFile:
localFilePath: d:\weg.xml
localFileAlreadyExists: 0
quickHttpRequest:
httpVerb: GET
url: https://autoconfig.thunderbird.net/v1.1/gmx.de
openHttpConnection:
Opening connection directly to HTTP server.
httpHostname: autoconfig.thunderbird.net
httpPort: 443
ssl: 1
socket2Connect:
connect2:
connectImplicitSsl:
clientHandshake:
clientHandshake2:
processAlert:
TlsAlert:
level: fatal
descrip: handshake failure
--TlsAlert
--processAlert
Failed to read incoming handshake messages. (1)
--clientHandshake2
--clientHandshake
Client handshake failed. (3)
--connectImplicitSsl
ConnectFailReason: 0
--connect2
--socket2Connect
ConnectFailReason: 0
connectElapsedMs: 32
--openHttpConnection
--quickHttpRequest
outputLocalFileSize: 0
numOutputBytesWritten: 0
httpDownloadFile failed.
--httpDownloadFile
a_httpDownload failed.
--a_httpDownload
totalElapsedMs: 47
Failed.
--Download
--ChilkatLog

You're using a VERY OLD version of Chilkat. Update Chilkat to the latest version.. TLS and TLS server requirements evolve over the years. One cannot expect any implementation to work forever when the external world is always changing..

When I use the plugin for authentication at server.conf, authentication wont work, but without it, non existent users can authenticate also.
I have added the following lines in the server conf and clinet
Commands in the server.conf file
================================
mode server
tls-server
plugin /usr/lib64/openvpn/plugin/lib/openvpn-auth-pam.so login
key-direction 0
================================
Commands in the client file
=================================
port 1194
proto udp
dev tun
nobind
key-direction 1
redirect-gateway def1
tls-version-min 1.2
auth SHA256
auth-user-pass
tls-client
remote-cert-tls server
resolv-retry infinite
persist-key
persist-tun
verb 3
===============================
Logs:
==============================================================
PLUGIN_CALL: POST /usr/lib64/openvpn/plugin/lib/openvpn-auth-pam.so/PLUGIN_AUTH_USER_PASS_VERIFY status=1
PLUGIN_CALL: plugin function PLUGIN_AUTH_USER_PASS_VERIFY failed with status 1: /usr/lib64/openvpn/plugin/lib/openvpn-auth-pam.so
TLS Auth Error: Auth Username/Password verification failed for peer
Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #7 / time = (1559124952) Wed May 29 10:15:52 2019 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:
openvpn[10420]: pam_unix(login:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=*****```
==============================================================

I have used differen approached, although in production plugin /usr/lib64/openvpn/plugin/lib/openvpn-auth-pam.so login is recommended way, but I have taken one shell script and got authentication, but remember it is dangerous.
add following lines in your /etc/openvpn/server.conf file
--verify-cline-cert none
script-security 2
auth-user-pass-verify /etc/openvpn/example.sh via-file
Now create a file in /etc/openvpn/example.sh with following content
!/bin/bash
echo "started"
username=`head -1 $1`
password=`tail -1 $1`
if grep "$username:$password" $0.passwd > /dev/null 2>&1
then
exit 0
else
if grep "$username" $0.passwd > /dev/null 2>&1
then
echo "auth-user-pass-verify: Wrong password entered for user '$username'"
else
echo "auth-user-pass-verify: Unknown user '$username'"
fi
exit 1
fi
Now create username and password in /etc/openvpn/example.sh.passwd with following content
userone:securepassworduserone
usertwo:securepasswordusertwo
Now create a client file and import and connect using your password, but this where I am stack as I don't want to provide client file.

The client.php example using command "php client.php" , in http://gearman.org/getting-started/ can successfully communicate to worker.php, but using in webbrowser failed to communicated to worker.php, Does anyone know why and how to configure the gearmand or work around?
OS:CentOS 6.7
Gearmand version:1.1.8.
Gearmand started with "gearmand -l stderr --verbose DEBUG"
when Clients communicate using "gearman -f work < /somedir/somefile" command, the information return as predicted, terminal displays informations as follow,
DEBUG 2015-10-30 11:56:01.371309 [ 1 ] Received GEARMAN_GRAB_JOB_ALL ::58ca:3fa1:77f:0%4234047483:2705334353 -> libgearman-server/thread.cc:310
DEBUG 2015-10-30 11:56:01.371317 [ 1 ] ::58ca:3fa1:77f:0%4234047483:41704 Watching POLLIN -> libgearman-server/gearmand_thread.cc:151
DEBUG 2015-10-30 11:56:01.371334 [ proc ] ::58ca:3fa1:77f:0%4234047483:41704 packet command GEARMAN_CAN_DO -> libgearman-server/server.cc:111
DEBUG 2015-10-30 11:56:01.371344 [ proc ] Registering function: work -> libgearman-server/server.cc:522
DEBUG 2015-10-30 11:56:01.371352 [ proc ] ::58ca:3fa1:77f:0%4234047483:41704 packet command GEARMAN_GRAB_JOB_ALL -> libgearman-server/server.cc:111
DEBUG 2015-10-30 11:56:01.371371 [ 1 ] Received RUN wakeup event -> libgearman-server/gearmand_thread.cc:610
but when webbrowser navigates to "http://localhost/client.php",no information showed in web browser, terminal displays nothing too.
information in error.log of nginx as follow:
2015/10/30 04:59:10 [error] 2756#0: *2 FastCGI sent in stderr: "PHP message: PHP Warning: GearmanClient::doNormal(): send_packet(GEARMAN_COULD_NOT_CONNECT) Failed to send server-options packet -> libgearman/connection.cc:485 in /usr/share/nginx/html/client.php on line 4" while reading response header from upstream, client: 127.0.0.1, server: localhost, request: "GET /client.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "localhost"
[root#localhost html]# cat client.php
<?php
$client= new GearmanClient();
$client->addServer("127.0.0.1",4730);
print $client->doNormal("reverse", "Hello World!");
?>
[root#localhost html]# cat worker.php
<?php
$worker= new GearmanWorker();
$worker->addServer("127.0.0.1",4730);
$worker->addFunction("reverse", "my_reverse_function");
while ($worker->work());
function my_reverse_function($job)
{
return strrev($job->workload());
}
?>
maybe the problem is that the webpage has limits or permission on socket operation?
I think configuration with --http-port option maybe now not mature and stable,So my prefered solution is that php webpages as client can submit job directly to Gearmand, to be processed by a C++ complied worker program. And the c++ worker program should serve many request without call and run and exit per request to save time.
Can this solution possible.
Please help me.
Thanks a lot!

With guidance from tom and Wali Usmani and Clint, finally the Cause was narrowed down to the permission problem in SELinux.
Details can be refered to https://groups.google.com/forum/#!topic/gearman/_dW8SRWAonw.
many thanks to tom and Wali Usmani and Clint.

I want to ask opencart problem, I got this error:
SyntaxError: JSON.parse: unexpected non-whitespace character after JSON data
OK
{"country_id":"100","name":"Indonesia","iso_code_2":"ID","iso_code_3":"IDN" ,"address_format":"","postcode_required":"1","zone":[{"zone_id":"1507","country_id":"100","name":"Aceh","code":"Aceh","status":" 1"},{"zone_id":"1508","country_id":"100","name":"Bali","code":"Bali","statu s":"1"},{"zone_id":"1509","country_id":"100","name":"Banten","code":"Banten ","status":"1"},{"zone_id":"1510","country_id":"100","name":"Bengkulu","cod e":"BE","status":"1"},{"zone_id":"1511","country_id":"100","name":"D.I.Yogy akarta","code":"YG","status":"1"},{"zone_id":"1512","country_id":"100","nam e":"Gorontalo","code":"GO","status":"1"},{"zone_id":"1513","country_id":"10 0","name":"Jakarta","code":"Jakarta","status":"1"},{"zone_id":"1514","count ry_id":"100","name":"Jambi","code":"JA","status":"1"},{"zone_id":"1515","co untry_id":"100","name":"Jawa Barat","code":"JB","status":"1"},{"zone_id":"1516","country_id":"100","name ":"Jawa Tengah","code":"JT","status":"1"},{"zone_id":"1517","country_id":"100","nam e":"Jawa Timur","code":"JI","status":"1"},{"zone_id":"1518","country_id":"100","name ":"Kalimantan Barat","code":"KB","status":"1"},{"zone_id":"1519","country_id":"100","name ":"Kalimantan Selatan","code":"KS","status":"1"},{"zone_id":"1520","country_id":"100","na me":"Kalimantan Tengah","code":"KT","status":"1"},{"zone_id":"1521","country_id":"100","nam e":"Kalimantan Timur","code":"KI","status":"1"},{"zone_id":"1522","country_id":"100","name ":"Kepulauan Bangka Belitung","code":"BB","status":"1"},{"zone_id":"1537","country_id":"100","n ame":"Kepulauan Riau","code":"KPR","status":"1"},{"zone_id":"1523","country_id":"100","name ":"Lampung","code":"LA","status":"1"},{"zone_id":"1524","country_id":"100", "name":"Maluku","code":"MA","status":"1"},{"zone_id":"1525","country_id":"1 00","name":"Maluku Utara","code":"MU","status":"1"},{"zone_id":"1526","country_id":"100","name ":"Nusa Tenggara Barat","code":"NB","status":"1"},{"zone_id":"1527","country_id":"100","name ":"Nusa Tenggara Timur","code":"NT","status":"1"},{"zone_id":"1528","country_id":"100","name ":"Papua","code":"PA","status":"1"},{"zone_id":"3970","country_id":"100","n ame":"Papua Barat","code":"PB","status":"1"},{"zone_id":"1529","country_id":"100","name ":"Riau","code":"RI","status":"1"},{"zone_id":"3971","country_id":"100","na me":"Sulawesi Barat","code":"SR","status":"1"},{"zone_id":"1530","country_id":"100","name ":"Sulawesi Selatan","code":"SN","status":"1"},{"zone_id":"1531","country_id":"100","na me":"Sulawesi Tengah","code":"ST","status":"1"},{"zone_id":"1532","country_id":"100","nam e":"Sulawesi Tenggara","code":"SG","status":"1"},{"zone_id":"1533","country_id":"100","n ame":"Sulawesi Utara","code":"SA","status":"1"},{"zone_id":"1534","country_id":"100","name ":"Sumatera Barat","code":"SB","status":"1"},{"zone_id":"1535","country_id":"100","name ":"Sumatera Selatan","code":"SS","status":"1"},{"zone_id":"1536","country_id":"100","na me":"Sumatera Utara","code":"SU","status":"1"}],"status":"1"}<b>Warning</b>:
file_put_contents(C:\xampp\htdocs\rumahjoy\vqmod/logs/Fri.log) [<a href='function.file-put-contents'>function.file-put-contents</a>]: failed to open stream: No such file or directory in <b>/home/sloki/user/h1604/sites/rumahjoy.com/www/vqmod/vqmod.php</b> on line <b>395</b>LOG FILE COULD NOT BE WRITTEN
I have 2 question:
First, what happen with my vqmod? It got C:\xampp (localhost). I've hosted it to server which must be /home/sloki/user/.......
Second, what's wrong with JSON error? Because at localhost it works fine.

Upgrade to VQmod 2.3.2 then its solved..