d2jsp
Log InRegister
d2jsp Forums > Off-Topic > Computers & IT > Programming & Development > Spoofs Forever Question Thread
12Next
Add Reply New Topic New Poll
Views: 506Replies: 11Track Topic
Member
Posts: 20,139
Joined: Nov 11 2008
Gold: 20.50
#1
Jan 23 2017 11:36am
python

Code
class boy:
def __init__(self, first, last, shoes):
self.first = first
self.last = last
self.shoes = shoes
self.email = first + '.' + last +'@tribesftw.net'
print('What is your first name?')
first = input()
print('Okay, {}, and last name?'.format(first))
last = input()
print('Okay, {}, and shoes?'.format(first + ' ' + last))
shoes = input()
print('Wonderful.. I have a pair of {} myself..'.format(shoes))
sleep(4)
print('Now, I am going to take this information and write it to /root/Desktop')



Code
file = open('/home/sp00f/Desktop/info.txt', 'w')
file.write(first + ' ' + last + ', ' + shoes)
file.close()
print('Successfully wrote to file.')


but how would i write the file to an ftp server, rather than local?
would i just replace to /home/sp00f with .... ftp/ etc?
Member
Posts: 36,389
Joined: Jul 18 2008
Gold: 3,192.00
#2
Jan 23 2017 03:06pm
Different ways of doing it. You could use an scp library, you could call a command line scp function, or if possible you could mount the ftp file system locally using nfs and treat it as any other directory.
Member
Posts: 20,139
Joined: Nov 11 2008
Gold: 20.50
#3
Jan 23 2017 03:45pm
Quote (Mastersam93 @ Jan 23 2017 09:06pm)
Different ways of doing it. You could use an scp library, you could call a command line scp function, or if possible you could mount the ftp file system locally using nfs and treat it as any other directory.


what method do yall use?

the last way "mount ftp to file system locally" sounds the easiest. id like to learn that next
Member
Posts: 13,425
Joined: Sep 29 2007
Gold: 0.00
Warn: 20%
#4
Jan 23 2017 04:21pm
None of the above. Using FTP inherently insecure especially since you have to store you credentials in your script. This allows anyone to grab the username and password and vandalize your FTP.

A much better result is using a REST API with valid authentication so that you simply POST your data to your server. This also allows the use of SQL databases for further ease of storage and use.
Member
Posts: 20,139
Joined: Nov 11 2008
Gold: 20.50
#5
Jan 23 2017 04:30pm
Quote (AbDuCt @ Jan 23 2017 10:21pm)
None of the above. Using FTP inherently insecure especially since you have to store you credentials in your script. This allows anyone to grab the username and password and vandalize your FTP.

A much better result is using a REST API with valid authentication so that you simply POST your data to your server. This also allows the use of SQL databases for further ease of storage and use.


okay thank you, ill look up how how all of that works ^\_^
Member
Posts: 3,386
Joined: May 4 2013
Gold: 1,780.00
#6
Jan 24 2017 03:38am
You could mount the remote ftp to local dir and treat it as local in your script. eg. curlftpfs

You should use sftp too. Then you can still mount it like that, or use sshfs, or using ssh key authentication you wouldn't have to save login/password in your script
Member
Posts: 13,425
Joined: Sep 29 2007
Gold: 0.00
Warn: 20%
#7
Jan 24 2017 07:51am
Quote (nuvo @ Jan 24 2017 05:38am)
You could mount the remote ftp to local dir and treat it as local in your script. eg. curlftpfs

You should use sftp too. Then you can still mount it like that, or use sshfs, or using ssh key authentication you wouldn't have to save login/password in your script


If the end user has the auth key you didn't protect anything. Might as well give them the username and password.

If this project is for anything other than personal use all these suggestions in this thread are useless.
Member
Posts: 20,139
Joined: Nov 11 2008
Gold: 20.50
#8
Jan 24 2017 09:58am
ty men,

personal use.. i've been grabbing a little bit to learn at a time.

i understanding writing local or usb/media

so now im trying to grasp the next building block before doing it A) online, or B\) securely

This post was edited by spoofdaboss on Jan 24 2017 09:58am
Member
Posts: 13,425
Joined: Sep 29 2007
Gold: 0.00
Warn: 20%
#9
Jan 24 2017 02:54pm
Quote (spoofdaboss @ Jan 24 2017 11:58am)
ty men,

personal use.. i've been grabbing a little bit to learn at a time.

i understanding writing local or usb/media

so now im trying to grasp the next building block before doing it A) online, or B\) securely


Its not an or but an and. If you want to do anything online or remotely you want to design it securely from the start.

I would look into flask since you are using python and how to use its rest api. This may be a good start: http://blog.luisrei.com/articles/flaskrest.html

The ideal situation is to assign an authenticated token to your client and then let the client use a post/get api to fetch the data.

This way only clients with an authenticated token can use the api and if a token is leaked you can revoke it. This also separates the user from the storage mechanism so they can't vandalize any data except their own (depending on design).

This also allows for use of a SQL database like mysql or sqlite where you can store data and fetch it in a logical way.

Say you only want to fetch a users shoe:

Code
select shoe from users where user = "user-token"


Or you want to sort all users by first name:

Code
select first name from users order by first name desc


Makes manipulating data much easier.
Member
Posts: 20,139
Joined: Nov 11 2008
Gold: 20.50
#10
Jan 24 2017 03:12pm
Wonderful, thank you. I will probably end up reading this a few times.
Go Back To Programming & Development Topic List
12Next
Add Reply New Topic New Poll

© 2003-2026 d2jsp  Contact