Test using a real server

[BoboTiG]

The core behavior of Pombo is not tested at all. One should start a PHP server with php -S localhost:8000 and use it to do the testing.

[greengameplayer]

Hello! Great project you have here, I support it fully. While trying to make Pombo work on Linux without modification I get the following error:
Zipping files Encrypting zip with GnuPG ['C:\\\\pombo\\\\bin\\\\gpg.exe', '--batch', '--no-default-keyring', '--trust-model', 'always', '-r', '6F28B307', '-o', '/tmp/james-q4os_20210204_230654.zip.gpg', '-e', '/tmp/james-q4os_20210204_230654.zip'] & useshell=False [Errno 2] No such file or directory: 'C:\\\\pombo\\\\bin\\\\gpg.exe': 'C:\\\\pombo\\\\bin\\\\gpg.exe' Traceback (most recent call last): File "/usr/local/bin/pombo", line 1075, in <module> sys.exit(main(sys.argv[1:])) File "/usr/local/bin/pombo", line 1062, in main pombo.work() File "/usr/local/bin/pombo", line 878, in work self.snapshot(current_ip) File "/usr/local/bin/pombo", line 704, in snapshot output, File "/usr/local/bin/pombo", line 557, in runprocess shell=useshell, File "/usr/lib/python3.7/subprocess.py", line 775, in __init__ restore_signals, start_new_session) File "/usr/lib/python3.7/subprocess.py", line 1522, in _execute_child raise child_exception_type(errno_num, err_msg, err_filename) FileNotFoundError: [Errno 2] No such file or directory: 'C:\\\\pombo\\\\bin\\\\gpg.exe': 'C:\\\\pombo\\\\bin\\\\gpg.exe'

I also noticed that deselecting the checkbox for webcam picture and desktop screenshot does not work when running pombo check:

Not a boolean: Traceback (most recent call last): File "/usr/local/bin/pombo", line 1075, in <module> sys.exit(main(sys.argv[1:])) File "/usr/local/bin/pombo", line 1062, in main pombo.work() File "/usr/local/bin/pombo", line 868, in work self.configuration = self.config() File "/usr/local/bin/pombo", line 260, in config config["screenshot"] = conf.getboolean("Commands", "screenshot") # type: ignore File "/usr/lib/python3.7/configparser.py", line 828, in getboolean raw=raw, vars=vars, fallback=fallback, **kwargs) File "/usr/lib/python3.7/configparser.py", line 808, in _get_conv **kwargs) File "/usr/lib/python3.7/configparser.py", line 802, in _get return conv(self.get(section, option, **kwargs)) File "/usr/lib/python3.7/configparser.py", line 1160, in _convert_to_boolean raise ValueError('Not a boolean: %s' % value) ValueError: Not a boolean:

This I bypassed by entering "false" into the command and leaving the checkbox selected. I shall attempt to find and replace the windows gpg.exe with the gnupgcommand on Linux.

[greengameplayer]

Changing the line gpg_binary=C:\\\pombo\\bin\\gpg.exe': to gpg_binary=gpg now allows gpg to execute. Now the issue is I have gpg running as root, so when I generated my gpg key it did not add it to root's keyring. On my user account, running gpg --output mypubkey.gpg --armor --export mykeyfingerprinthere1234 and then as root gpg --import /home/$USER/Documents/mypubkey.gpg allows gpg to go all the way through. I then set the password in pombo.php and set it the same in the pombo config for the device to be tracked. After I did this it went all the way through, reporting "File Stored."! The file was indeed there and I could decrypt it. It contained the report that was expected. I will restart this process when I am not so tired and make an exact step list.

[greengameplayer]

1. Run debian-easy-install.sh (a small script I wrote, attached, as .txt because github doesn't like .sh)
2. create gpg key and export it
3. import gpg public key as root (sudo su)
4. copy keyid from one operation
5. run sudo ./pombo-config:

• paste keyid into keyid box
• set server to "http://localhost:8000/pombo.php"
• set password to "Test123"
• change the Network command to 'ip a'
• change the Wireless command to 'iwlist scanning'
• change the Traceroute command to 'traceroute -q1 -n www.duckduckgo.com'
• change Network Traffic command to 'netstat -putn'
• change Screenshot and Webcam shot to "false"

6. save and exit
7. edit gpg_binary in /etc/pombo.conf to 'gpg_binary=gpg'
8. edit pombo.php:

• password = Test123
• check = .stolen

9. run php -S localhost:8000
10. in another terminal run sudo pombo check
11. encrypted report produced and is dropped in PHP directory! (heavily edited version attached)

report.txt
debian-easy-install.txt

[greengameplayer]

I did a remote test today - both on a remote server on the local network and away from the server on another physical location. This appears to have worked and all three attempts succeed when sending the files. I only have one issue, if one of the information generating commands fails the entire process grinds to a halt. It does not go on to attempt 2 or 3 and does not send a partial report. Other than that this appears to be working on a real server, both on local network and on a remote network.