I need to use scapy on remote server to dump traffic like this
sniff(filter='icmp', iface='eth1', timeout=5)
To connect to remote server I'm using RPyC.
conn = rpyc.classic.connect(HOST_IP)
but I can not understand how to use scapy on remote server.
How to call sniff function on remote server through RPyC?
The question may be considered wider - how to import module on remote machine and use its functions?
You shouldn't be sniffing with an icmp filter. You'll need to filter for tcp to get RPyC connections, which go over TCP.
Related
I am using paramiko to create a SFTP server. I have succeeded in uploading and downloading files to and from server on client request.But, I need to send a file from server to client whenever I need without client request. So, instead of breaking my head on making server send a file to client I want to make both machines act as both server and client in different ports so that when I need to send a file from machine A to B I can just Upload it to the SFTP server running on that port. Is this hypothesis possible?
You already know that you cannot send a file from an server to a client:
Can I send a file from SFTP Server to the Client without any request from it?
(The question on Server Fault has been deleted)
To answer your port question:
You do not care about client's port. It is automatically assigned to any available port, without you ever needing to know its value. In general, that's true for any TCP/IP connection, not only SFTP.
So you can just run SFTP server on both machines on the standard port 22. And use your client code on the other machine to connect to it.
I have a ZMQ server listening on port 12345 TCP. When another server connects on that port locally or via VM it works fine, but if I try from a remote server that has to go through port forwarding on my Fios firewall it just bombs. The packets are showing up in Wireshark but ZMQ just ignores them. Is there anyway to get past this?
You shouldn't be able to bind more than once to the same port number, either from the same process or another.
ZMQ should give a failure when you issue bind with a port number already in use. Are you checking return codes?
For example, if I have my minecraft server running on port 25565, I want to have a python script close the port so that all connections will be dropped and no further connections will be made without having to shutdown the service.
I have tried binding a new socket to the same port number and then closing the socket, but it does not have any effect on the server.
I am working in Python 3.3.
Use a firewall for example?
On linux there is the iptables. It's easy to use and powerful.
I'm being trying to
Log into a server using SHH (with Paramiko)
Use that connection like a proxy and route network traffic through it and out to the internet. So say I could set it as my proxy in Urllib2, Mechanize, Firefox, etc.).
Is the second part possible or will I have to have some sort of proxy server running on the server to get this to work?
You could implement a SOCKS proxy in the paramiko client that routes connections across the SSH tunnel via paramiko's open_channel method. Unfortunately, I don't know of any out-of-the-box solution that does this, so you'd have to roll your own. Alternatively, run a SOCKS server on the server, and just forward that single port via paramiko.
Are there any examples of initiating an SSH session to a remote machine with port forwarding options from within Twisted using Conch such that one can pipe normal TCP traffic through the tunnel?
Scenario:
I have a server running a custom Twisted-based Protobuf RPC service and a machine with a Twisted-based RPC client installed. The server is also running SSH. Rather than talking to the RPC service on the server directly, I would like to connect to the server using SSH from the RPC client, setup port forwarding on the server, and communicate with the RPC service using Protobuf through the SSH tunnel.
I'm already able to setup port forwarding manually and have the RPC client talk to the RPC service by pointing the RPC client to a local port on the client box, I'm just curious as to how I can do this within the client directly.
It would be awesome if there were improved documentation in Twisted for doing neat things with Conch (after all, how many other programmable SSH libraries are there?). Until that happy day comes, reading the implementation of the conch command line tool can be a big help.
Here we can see where port forwarding options from the command line are turned into some action over the SSH connection:
https://github.com/twisted/twisted/blob/4ffbe9f6851dbe7e9172f55905f264ecf50da3a6/src/twisted/conch/scripts/conch.py#L226-L238
I think you're asking about a local forwarding rule, so the localForwards loop is doing roughly what you want to do.
Implementing a tunneling Twisted SSH client that does local port forwarding can be surprisingly simple.
Just create a basic Twisted Conch SSH client, and implement the port forwarding part in the serviceStarted method of the SSH connection class of your client:
from twisted.conch.ssh import forwarding
LOCALPORT = 8888
REMOTEHOST = "127.0.0.1"
REMOTEPORT = 9999
class Connection(connection.SSHConnection):
def serviceStarted(self):
Channel = forwarding.SSHListenClientForwardingChannel
Factory = forwarding.SSHListenForwardingFactory
factory = Factory(self, (REMOTEHOST, REMOTEPORT), Channel)
s = reactor.listenTCP(LOCALPORT, factory)
That's all there's to it (REMOTEHOST is set to point to ssh server itself since that's what you said you're connecting to).