How can I setup a virtualized Ubuntu on real Windows so I can have two apps communicating simple messages between them? VM can be offline, no internet access. Real system probably offline too.
Host<->VM communication on Windows host can be implemented in several ways, independently of hypervisor you are using:
Host Only network - just assign static IP for host and machine, and use sockets api to transfer your data via virtual network. Very good for large amount of data, but require a little bit time for configuration.
Virtual COM ports - if you don't want to use sockets api and want to write data to files(on linux VM)/named pipes(on windows host). This can be simpler because require almost zero configuration, but it will not work very well with large amount of data.
Choose what will fit your needs.
Related
what I have:
I made a simple web application using Flask, which woks great on the localhost.
what I want to achieve:
I want to deploy it so it is visible in the internet.
Because Flask says that the production server should not be used for deployment I installed gunicorn.
I managed to get it working on localhost (running gunicorn server:app).
Then I tried to make it public using the -b 0.0.0.0:5000 option. it said it is running on 192.168....:5000 Now I could access the website using that ip address from my computer and also from my phone connected to the same wifi. however I was unable to connect to the website when I didn't use this wifi.
when I searched about this, I found out that the 192.168.... ip address range is reserved to the local network and cannot be accessed from anywhere else.
how do I need to run the script so it is accessible from everywhere? Do I need to modify the firewall settings? Maybe there is a better way to deploy such an app on the local machine using a different framework?
Just some additional information:
python version: 3.9
I am using a venv (and installed flask and gunicorn into it)
os: macos 11.6.1 (I could run it on an Ubuntu machine if that is easier)
This question isn't anything related with Python or Gunicorn but to networking (so maybe StackOverflow isn't the correct place to ask but other community like ServerFault)
Currently your application is already exposed on your machine in the defined port, so next step would be to forward all the traffic that comes to your router to there.
In order to do that, you will have to configure the firewall of your router to accept incoming traffic through a desired port and finally forward the traffic which comes from that port to your machine in the port 5000.
Also, in the case that you have everything already configured, it will only work if your ISP is providing you a single IPv4, what currently doesn't happen anymore but you actually are sharing that with few more people. Other option would be that you configure IPv6 incoming traffic.
As you can see, this isn't a simple task neither one that should be done without proper care, since you would be literally opening your network to possible attackers.
So, in order to simplify it at the most for you, since you already have Gunicorn, I would recommend you to use any of the resources exposed by other users as Heroku or Netlify which are free for a single application and will fulfill your expectations without requiring high amount of networking knowledge.
You would need to do the following steps:
read up and learn a lot about security for Web servers, then read some more, it is fraught with risks
find your Mac's IP address on your local network and make sure it is fixed, i.e. set as static on your Mac (under "System Preferences->Network") or reserved in your router's DHCP tables (by putting your Mac's MAC address in its allocation tables) so that it always gets the same local address on your internal network when it boots
log into your router and set up "Port Forwarding" to forward external requests (coming from the Internet) for port 5000 (or some other port) to your Mac's fixed IP address and the port 5000 where Gunicorn is serving
log into your router and find your WAN IP address, or go to http://whatsmyip.com to get the address you need to put in your browser, or your friends need to put in their browsers to see your shiny new website
as it stands, this will work until the next time your router reboots when your ISP will likely allocate it a new IP address. If you want it permanent, you need to either 1) ask your ISP for a static IP address, or 2) subscribe a DDNS service (e.g. noip.com or dyndns.com) or 3) tell your friends your new IP address every time you reboot your router
I do not know anything about gunicorn. But what I used to use when needing to deploy a flask app was pythonanywhere. They have a great and totally free hosting service. It's really fast in deploying, needs no resources from your computer and is just great. Also you would have to forward the port 5000 for your computer to enable other devices not in the same network to access your computer/flask app. That comes with security issues. However, you do not need any of that when using pythonanywhere.
There are also other great hosting services like that one. It's just the only one I know and used yet but you'll find others for sure if you don't like that one.
I'm trying to understand all the methods available to execute remote commands on Windows through the impacket scripts:
https://www.coresecurity.com/corelabs-research/open-source-tools/impacket
https://github.com/CoreSecurity/impacket
I understand the high level explanation of psexec.py and smbexec.py, how they create a service on the remote end and run commands through cmd.exe -c but I can't understand how can you create a service on a remote windows host through SMB. Wasn't smb supposed to be mainly for file transfers and printer sharing? Reading the source code I see in the notes that they use DCERPC to create this services, is this part of the smb protocol? All the resources on DCERPC i've found were kind of confusing, and not focused on its service creating capabilities. Looking at the sourcecode of atexec.py, it says that it interacts with the task scheduler service of the windows host, also through DCERPC. Can it be used to interact with all services running on the remote box?
Thanks!
DCERPC (https://en.wikipedia.org/wiki/DCE/RPC) : the initial protocol, which was used as a template for MSRPC (https://en.wikipedia.org/wiki/Microsoft_RPC).
MSRPC is a way to execute functions on the remote end and to transfer data (parameters to these functions). It is not a way to directly execute remote OS commands on the remote side.
SMB (https://en.wikipedia.org/wiki/Server_Message_Block ) is the file sharing protocol mainly used to access files on Windows file servers. In addition, it provides Named Pipes (https://msdn.microsoft.com/en-us/library/cc239733.aspx), a way to transfer data between a local process and a remote process.
One common way for MSRPC is to use it via Named Pipes over SMB, which has the advantage that the security layer provided by SMB is directly approached for MSRPC.
In fact, MSRPC is one of the most important, yet very less known protocols in the Windows world.
Neither MSRPC, nor SMB has something to do with remote execution of shell commands.
One common way to execute remote commands is:
Copy files (via SMB) to the remote side (Windows service EXE)
Create registry entries on the remote side (so that the copied Windows Service is installed and startable)
Start the Windows service.
The started Windows service can use any network protocol (e.g. MSRPC) to receive commands and to execute them.
After the work is done, the Windows service can be uninstalled (remove registry entries and delete the files).
In fact, this is what PSEXEC does.
All the resources on DCERPC i've found were kind of confusing, and not
focused on its service creating capabilities.
Yes, It’s just a remote procedure call protocol. But it can be used to start a procedure on the remote side, which can just do anything, e.g. creating a service.
Looking at the sourcecode of atexec.py, it says that it interacts with
the task scheduler service of the windows host, also through DCERPC.
Can it be used to interact with all services running on the remote
box?
There are some MSRPC commands which handle Task Scheduler, and others which handle generic service start and stop commands.
A few final words at the end:
SMB / CIFS and the protocols around are really complex and hard to understand. It seems ok trying to understand how to deal with e.g. remote service control, but this can be a very long journey.
Perhaps this page (which uses Java for trying to control Windows service) may also help understanding.
https://dev.c-ware.de/confluence/pages/viewpage.action?pageId=15007754
I have a vmware workstation pro 12 and I can open multiple virtual machines at a time. All wanted is to connect them in a virtual network. This will allow me to create a server(using python sockets) in a virtual machines and other VMs act as clients. Is my idea possible? if possible How can I do it.
Im not sure if this help but your question doesnt really help either.
So the last time I used vmware was for virtual machine. I think it was called wmware workstation 12. I used the free version which lets you use it for noncommercial use. If you are using that then this most likely applies.
So because its not the pro or commercial version you can only open one virtual machine at a time. But from your question seems like your using python. Not sure what that means. But what i am trying to say is if its the free version then you may only be able to open one virtual machine at a time.
This maybe the problem your having.
I hoped this helps, if not you then someone else.
EDIT
Here is a few youtube video i have found that will help to make a virtual network. You need to make a host-only network. May wish to turn on dhcp. Once your created the virtual network. All the vms need to use the same virtual network. Now that your vms are on the same network and are able to communicate with each other hopefully your python script should work. Im not sure how to use pyhton. Otherwise would have provided code to open a simple socket and test it from client side. Anyway im sure you could your script correctly and it should work now. You may need to use ipconfig (windows cmd)/ifconfig (unix terminal) to find the ip address of the server machine.
https://www.youtube.com/watch?v=8VPkRC0mKF4
https://youtu.be/vKoFSmy3agM?t=131
Here is link to simple python server
https://www.tutorialspoint.com/python/python_networking.htm
the host variable in the client code should be the ip of the server and not gethostname. so use ifconfig/ipconfig on server to find the server ip.
👍
I would like to synchronize folders and files between a server and some client. Due to the fact that the client part is limited by firewalls and proxy server, I'm forced to use a HTTP based solution.
Is there any HTTP/REST based library (both server and client side) optimized for file synchronization?
(Python or C based solutions would be nice.)
PS: the server side has to run on linux
You could try WebDAV
Python has some libraries to handle it
Seafile is a very interesting server and client syncronization software.
http://www.seafile.com/
It's open source and written in Python and C.
There are many clients for different platforms: mobile (Android and iOS), Linux and Windows.
The server part can run both on Linux (also for RaspberryPI) and Windows.
The software is based on the concept of libraries that can be shared between users and also crypted both in local and server side.
It uses also a deduplication algorithm for bandwidth and performance optimizations.
This is my scenario: I developed a Python desktop application which I use to probe the status of services/DBs on the very same machine it is running on.
My need is to monitor, using my application, two "brother" Window Server 2003 hosts (Python version is 2.5 for both). One of the hosts lies in my own LAN, the other one lies in another LAN which is reachable via VPN.
The application is composed by:
A Graphical User Interface (gui.py), which provides widgets to collect user inputs and launches the...
...business-logic script (console.py), which in turn invokes slave Python scripts that check the system's services and DB usage/accounts status/ecc. The textual output of those checks is then returned back to the GUI.
I used to execute the application directly on each the two machines, but it would be great to turn it into a client/server application, so that:
users will just be supposed to run the gui.py locally
the gui.py will be supposed to communicate parameters to some server remakes of console.py which will be running on both of the Windows hosts
the servers will then execute system checks and report back the results to the client GUIs which will display them.
I thought about two possible solutions:
Create a Windows service on each of the Windows hosts, basically executing console.py's code and waiting for incoming requests from the clients
Open SSH connections from any LAN host to the eliged Windows host and directly run console.py on it.
I am working on a corporate environment, which has some network and host constraints: many network protocols (like SSH) are filtered by our corporate firewall. Furthermore, I don't have Administration privileges onto the Windows hosts, so I can't install system services on them...this is frustrating!
I just wanted to ask if there is any other way to make gui.py and console.py communicate over the network and which I did not take into account. Does anyone have any suggestion? Please note that - if possible - I'm not going to ask ICT department to give me Administration privileges on the Windows hosts!
Thanks in advance!
Answer to myself: I found one possible solution..
I'm lucky because the console.py script is actually invoking many slave python scripts, each of them performing one single system check via standard third-party command-line tools which can be fired to check features on remote hosts.
Then, what I did was to modify the gui.py and console.py so that users can parametrically specify on which Windows host the checks must be carried out.
In this way, I can obtain a ditributed application...but I've been lucky, what if one or more of the third-party CL tools did not support remote host features checking?