I recently started a single gear application, python 2.7 on Openshift.
I am not being allowed to open a socket -
The Terminal Returned with:
File "server.py", line 21, in <module>
server_socket.bind(("0.0.0.0", PORT))
File "/opt/rh/python27/root/usr/lib64/python2.7/socket.py", line 224, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 13] Permission denied
I just need a small socket up and running - does anyone know how I can open a socket on their hosting? If not, what is a good alternative solution so that I can host and open my own python sockets?
you need to bind to your gear's ip address, which on python cartridge i believe is OPENSHIFT_PYTHON_IP, you can't bind to 0.0.0.0, also, only applications bound to port 8080 can be accessed from outside of openshift. (ports 80,443,8000,8443 are all routed to port 8080 on your gear)
Related
I'm doing lab in Malware analysis.
The task is to investigate CVE-2015-7547 glibc vulnerability.
Google already gave proof of concept code. This code contains client in C and fake DNS server in python. When I try to run server, it throws exception:
turbolab#sandbox:~/Desktop$ sudo python CVE-2015-7547-poc.py
Traceback (most recent call last):
File "CVE-2015-7547-poc.py", line 176, in <module>
tcp_thread()
File "CVE-2015-7547-poc.py", line 101, in tcp_thread
sock_tcp.bind((IP, 53))
File "/usr/lib/python2.7/socket.py", line 224, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 98] Address already in use
IP was set to 127.0.0.1.
How to run server and connect client to it?
You could run netstat -lpn to list all listening connections, with pids (-n do not resolve names).
To test for this vulnerability
Clone the POC code git clone https://github.com/fjserna/CVE-2015-7547.git
Set your DNS server to localhost (127.0.0.1) edit /etc/resolv.conf
Run the POC DNS server
sudo python CVE-2015-7547-poc.py
Compile the client
make
Run the client
./CVE-2015-7547-client
CVE-2015-7547-client segfaults when you are vulnerable
CVE-2015-7547-client reports CVE-2015-7547-client: getaddrinfo: Name or service not known when not vulnerable.
See this Ubuntu Security Notice for more information, as well the original Google blog
Google-app-engine development server runs great yesterday, but when I try to start it today. It only shout out this Error.
I tried use lsof -i:8080 / lsof -i:8000 to make sure these ports are not taken.
I also tried use a --port arg to switch to another port.
I even removed the gae folder and installed a new one.
-- with no luck at all.
Maybe there is a obvious solution but I can't see it.
Here is the Oh-My-God trace stack..
Traceback (most recent call last):
File "/home/henry/software/google_appengine/dev_appserver.py", line 182, in <module>
_run_file(__file__, globals())
File "/home/henry/software/google_appengine/dev_appserver.py", line 178, in _run_file
execfile(script_path, globals_)
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/devappserver2.py", line 689, in <module>
main()
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/devappserver2.py", line 682, in main
dev_server.start(options)
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/devappserver2.py", line 653, in start
apis.start()
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/api_server.py", line 152, in start
super(APIServer, self).start()
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/wsgi_server.py", line 294, in start
raise BindError('Unable to find a consistent port %s' % host)
google.appengine.tools.devappserver2.wsgi_server.BindError: Unable to find a consistent port localhost
Exception in thread Thread-4 (most likely raised during interpreter shutdown):
Traceback (most recent call last):
File "/usr/lib/python2.7/threading.py", line 810, in __bootstrap_inner
File "/usr/lib/python2.7/threading.py", line 763, in runhenry#henry-A
This can be caused by multiple entries in your hosts file for 'localhost'.
For example in file /etc/hosts:
127.0.0.1 localhost
127.0.0.1 mymachinename localhost
if you delete all mappings but one for localhost, the problem will hopefully be resolved.
127.0.0.1 mymachinename localhost
This is a known issue and as far as I understand it will be corrected in a future release.
While I never seen that before try running it on a different port or even using a different host:
dev_appserver.py /path/to/project --port 8888 --host 127.0.0.1
Where for host add your current IP address.
Similar to what was posted, I had this issue and fixed it by altering the hosts file. The issue was with IPv6 addresses redirecting to localhost:
In my hosts file I had
127.0.0.1 localhost
::1 localhost
fe80::1%lo0 localhost
And I commented out the IPv6 addresses to give
127.0.0.1 localhost
#::1 localhost
#fe80::1%lo0 localhost
I'm not sure this is a viable permanent solution as I imagine it's important to have the IPv6 numerical addresses for localhost to be in the hosts file but it works for now until a proper fix is released.
I suppose there is a bug in the google app engine.
I debuged appengine/tools/devappserver2/wsgi_server.py, and here is the facts:
1. it runs fine when internet is disconnected
2. it shows such error when internet is on.
280 addrinfo = socket.getaddrinfo(host, port, socket.AF_UNSPEC,
281 socket.SOCK_STREAM, 0, socket.AI_PASSIVE)
In this piece of code, if you connect internet, addrinfo will only have the address in public internet. even you assign port and host in command line. Then you have no chance to bind this socket to localhost, since the address you bind is the public address you are using now.
In order to solve it, I just change the code into
280 addrinfo = socket.getaddrinfo(host, port, socket.AF_UNSPEC,
281 socket.SOCK_STREAM, 1, socket.AI_PASSIVE)
It works well now, I didn't check the code about socket.getaddrinfo, however, I suppose that it functions as ignoring the lookup address or not according to the integer 0 or 1.
Btw, I am using MacOs, there could be system dependency problem as well, if this is the case, then socket package should redesign somehow.
dev_appserver.py . --port 4000
this fixed it for me.
I solved this issue by passing an explicit api port to dev_appserver.py:
dev_appserver.py path/to/project --api_port 3000
I was unable to solve the issue by editing the hosts file or passing --port / --host to dev_appserver.py.
I didn't identify the root cause.
In my case just restarting the terminal worked.
Google-app-engine development server runs great yesterday, but when I try to start it today. It only shout out this Error.
I tried use lsof -i:8080 / lsof -i:8000 to make sure these ports are not taken.
I also tried use a --port arg to switch to another port.
I even removed the gae folder and installed a new one.
-- with no luck at all.
Maybe there is a obvious solution but I can't see it.
Here is the Oh-My-God trace stack..
Traceback (most recent call last):
File "/home/henry/software/google_appengine/dev_appserver.py", line 182, in <module>
_run_file(__file__, globals())
File "/home/henry/software/google_appengine/dev_appserver.py", line 178, in _run_file
execfile(script_path, globals_)
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/devappserver2.py", line 689, in <module>
main()
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/devappserver2.py", line 682, in main
dev_server.start(options)
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/devappserver2.py", line 653, in start
apis.start()
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/api_server.py", line 152, in start
super(APIServer, self).start()
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/wsgi_server.py", line 294, in start
raise BindError('Unable to find a consistent port %s' % host)
google.appengine.tools.devappserver2.wsgi_server.BindError: Unable to find a consistent port localhost
Exception in thread Thread-4 (most likely raised during interpreter shutdown):
Traceback (most recent call last):
File "/usr/lib/python2.7/threading.py", line 810, in __bootstrap_inner
File "/usr/lib/python2.7/threading.py", line 763, in runhenry#henry-A
This can be caused by multiple entries in your hosts file for 'localhost'.
For example in file /etc/hosts:
127.0.0.1 localhost
127.0.0.1 mymachinename localhost
if you delete all mappings but one for localhost, the problem will hopefully be resolved.
127.0.0.1 mymachinename localhost
This is a known issue and as far as I understand it will be corrected in a future release.
While I never seen that before try running it on a different port or even using a different host:
dev_appserver.py /path/to/project --port 8888 --host 127.0.0.1
Where for host add your current IP address.
Similar to what was posted, I had this issue and fixed it by altering the hosts file. The issue was with IPv6 addresses redirecting to localhost:
In my hosts file I had
127.0.0.1 localhost
::1 localhost
fe80::1%lo0 localhost
And I commented out the IPv6 addresses to give
127.0.0.1 localhost
#::1 localhost
#fe80::1%lo0 localhost
I'm not sure this is a viable permanent solution as I imagine it's important to have the IPv6 numerical addresses for localhost to be in the hosts file but it works for now until a proper fix is released.
I suppose there is a bug in the google app engine.
I debuged appengine/tools/devappserver2/wsgi_server.py, and here is the facts:
1. it runs fine when internet is disconnected
2. it shows such error when internet is on.
280 addrinfo = socket.getaddrinfo(host, port, socket.AF_UNSPEC,
281 socket.SOCK_STREAM, 0, socket.AI_PASSIVE)
In this piece of code, if you connect internet, addrinfo will only have the address in public internet. even you assign port and host in command line. Then you have no chance to bind this socket to localhost, since the address you bind is the public address you are using now.
In order to solve it, I just change the code into
280 addrinfo = socket.getaddrinfo(host, port, socket.AF_UNSPEC,
281 socket.SOCK_STREAM, 1, socket.AI_PASSIVE)
It works well now, I didn't check the code about socket.getaddrinfo, however, I suppose that it functions as ignoring the lookup address or not according to the integer 0 or 1.
Btw, I am using MacOs, there could be system dependency problem as well, if this is the case, then socket package should redesign somehow.
dev_appserver.py . --port 4000
this fixed it for me.
I solved this issue by passing an explicit api port to dev_appserver.py:
dev_appserver.py path/to/project --api_port 3000
I was unable to solve the issue by editing the hosts file or passing --port / --host to dev_appserver.py.
I didn't identify the root cause.
In my case just restarting the terminal worked.
I'm trying to connect to SSH server in the following way:
import paramiko
import socks
sock = socks.socksocket()
sock.setproxy(socks.PROXY_TYPE_SOCKS5, 'localhost', 22, True)
sock.connect((**IP address of SSH server**, 22))
t = paramiko.Transport(sock)
t.connect( None, 'username', 'password')
And get the following error
> Traceback (most recent call last): ...
> sock.connect((**IP address of SSH server**, 22)) File "C:\Python27\lib\site-packages\socks.py", line 368, in connect
> _orgsocket.connect(self,(self.__proxy[1],portnum)) File "C:\Python27\lib\socket.py", line 224, in meth
> return getattr(self._sock,name)(*args) socket.error: [Errno 10061] No connection could be made because the target machi ne actively
> refused it
My goal is to simulate Putty's way in creating SSH SOCKS Proxy as here:
Configure PuTTY To Create SSH SOCKS Proxy For Secure Browsing.
Or equivalent
ssh -D [localhost]port
for local dynamic application-level port forwarding.
Can someone explain, please, what's wrong and how to do it the right way using paramiko?
Thanks.
P.S.
I've found this https://stackoverflow.com/a/5823383/1264304 However, I don't succeed to implement it. Someone?
Paramiko can natively connect to ssh. You don't need the SOCKS library to connect to the ssh server. Additionally, when you try, the remote server refuses to connect because you don't authenticate.
The proper way to do this would be to connect with paramiko's sshClient:
import paramiko
ssh = paramiko.SSHClient()
ssh.connect('yourServer', username='you',
password='yay!')
And then, get the underlying transport:
trans = ssh.get_transport()
Finally, have the ssh client forward a tcp port with open channel:
trans.open_channel("forwarded-tcpip", dest_addr=('serverIP',8000), src_addr=('localhost'),8000))
This will cause any connections on port 8000 locally to be forwarded to port 8000 remotely across this ssh session.
I have created an FTP client using ftplib. I am running the server on one of my Ubuntu virtual machine and client on another. I want to connect to the server using ftplib and I'm doing it in the following way:
host = "IP address of the server"
port = "Port number of the server"
ftpc = FTP()
ftpc.connect(host, port)
I'm getting the following error!
Traceback (most recent call last):
File "./client.py", line 54, in <module>
ftpc.connect(host, port)
File "/usr/lib/python2.7/ftplib.py", line 132, in connect
self.sock = socket.create_connection((self.host, self.port), self.timeout)
File "/usr/lib/python2.7/socket.py", line 571, in create_connection
raise err
socket.error: [Errno 111] Connection refused
When I went through the docs of python, I could see ftplib used only with domain names as in FTP("domain name"). Can I use IP address instead of domain name? In my case I am unable to comprehend the error. It would be great if anyone can help me out.
Also if I use port 21 on my server, I'm getting socket error: Connection refused. How do I use port 21 for my FTP server?
Thank You.
It seems like you are trying to connect to SFTP server using ftplib which is giving you the Connection Refused error. Try using pysftp instead of ftplib and see if it works.
On the virtual machine, test by typing ftp and sftp commands on the console. You will get to know on which server the machine is running i.e ftp or sftp.
To solve the problem, I install and config vsftpd:
sudo apt install vsftpd (if not exist)
sudo vim /etc/vsftpd.conf
set "listen=YES"