Giter VIP home page Giter VIP logo

vpsbot's People

Contributors

dxomg avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar

Forkers

infinitecod3 jbcloud1 eternodehosting brutal32 aviva668 5l1v3r1

vpsbot's Issues

Avoid hardcodding command in the code as much as possible

Hardcodding command in python and in any other language is really bad practice.. because you should not expect that the user use the system exactly as you do and because bad actor can use it at their advantage to bypass some security. do some ctf and you will find a lot of these exemple...

The best way is to find a lib that handle that for you (you could do syscall too but honestly, that's quite a leap in difficulty)
for instace you can use that https://github.com/lxc/python3-lxc You can check the code... there is some python interface to use and in the background it uses lxclib which handle lxc directly

same should exist for docker tho

Don't do that!

vpsbot/lxcbot/main.py

Line 341 in 5bdbc14

os.system("rm .ssh/known_hosts") # Remove known_hosts file to prevent Bad Host Key error from paramiko in web panel

You should not remove that file!! this is really not the way as this file is really used by a lot of application.

Imo you should let the user handle the problem with known host by themself... they just have to do ssh-keygen -R <ip> and it's done....
but if you really want to, i'm pretty sure ssh have an option to bypass known_host check. should be something like StrictHostKeyChecking . so you do ssh -o StrictHostKeyChecking=no

Don't use global path, use local path instead

vpsbot/lxcbot/main.py

Line 44 in 5bdbc14

sys.stdout = open('/root/lxcbot/logs.txt', 'w')

path like that sould be local and not global...
this could also be in config file. se by default to local then different installation would put their config file wherever they want

so by default I think you should do

filelocation=./myfiles/

and use it on every path possible

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.