Yup, redis is receiving the password, according to the monitor command.
here are the results from monitoring redis:
1406411141.705469 [0 127.0.0.1:42104] "GET" "user.admin.password"
1406411141.765239 [0 127.0.0.1:42104] "LPOP" "dns.toresolve"
1406411142.173654 [0 127.0.0.1:42104] "LPOP" "dns.toresolve"
And here is the traffic dump. ktneely-laptop is the client and piglet
is the system running ntopng
ktneely@piglet:/tmp⟫ sudo tcpdump -vv -i eth0 port 3000
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size
65535 byte
s
14:48:35.216218 IP (tos 0x0, ttl 64, id 58957, offset 0, flags [DF],
proto TCP (
6), length 64)
ktneely-laptop.local.57828 > piglet.local.3000: Flags [S], cksum
0xf21e (cor
rect), seq 812530630, win 65535, options [mss 1460,nop,wscale
4,nop,nop,TS val 9
38422175 ecr 0,sackOK,eol], length 0
14:48:35.216266 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto
TCP (6),
length 60)
piglet.local.3000 > ktneely-laptop.local.57828: Flags [S.], cksum
0x83ae (in
correct -> 0xdcd4), seq 3250767805, ack 812530631, win 28960, options
[mss 1460,
sackOK,TS val 127083527 ecr 938422175,nop,wscale 7], length 0
14:48:35.395977 IP (tos 0x0, ttl 64, id 9524, offset 0, flags [DF],
proto TCP (6
), length 52)
ktneely-laptop.local.57828 > piglet.local.3000: Flags [.], cksum
0x5ba4 (cor
rect), seq 1, ack 1, win 8235, options [nop,nop,TS val 938422417 ecr
127083527],
length 0
14:48:35.396252 IP (tos 0x0, ttl 64, id 861, offset 0, flags [DF], proto
TCP (6)
, length 512)
ktneely-laptop.local.57828 > piglet.local.3000: Flags [P.], cksum
0x02ce (co
rrect), seq 1:461, ack 1, win 8235, options [nop,nop,TS val 938422417
ecr 127083
527], length 460
14:48:35.396280 IP (tos 0x0, ttl 64, id 58250, offset 0, flags [DF],
proto TCP (
6), length 52)
piglet.local.3000 > ktneely-laptop.local.57828: Flags [.], cksum
0x83a6 (inc
orrect -> 0x78eb), seq 1, ack 461, win 235, options [nop,nop,TS val
127083572 ec
r 938422417], length 0
14:48:35.396457 IP (tos 0x0, ttl 64, id 58251, offset 0, flags [DF],
proto TCP (
6), length 187)
piglet.local.3000 > ktneely-laptop.local.57828: Flags [P.], cksum
0x842d (in
correct -> 0x2163), seq 1:136, ack 461, win 235, options [nop,nop,TS val
1270835
72 ecr 938422417], length 135
14:48:35.396477 IP (tos 0x0, ttl 64, id 58252, offset 0, flags [DF],
proto TCP (
6), length 52)
piglet.local.3000 > ktneely-laptop.local.57828: Flags [F.], cksum
0x83a6 (in
correct -> 0x7863), seq 136, ack 461, win 235, options [nop,nop,TS val
127083572
ecr 938422417], length 0
14:48:35.595580 IP (tos 0x0, ttl 64, id 46630, offset 0, flags [DF],
proto TCP (
6), length 52)
ktneely-laptop.local.57828 > piglet.local.3000: Flags [.], cksum
0x586a (cor
rect), seq 461, ack 136, win 8227, options [nop,nop,TS val 938422611 ecr
1270835
72], length 0
14:48:35.595602 IP (tos 0x0, ttl 64, id 15321, offset 0, flags [DF],
proto TCP (
6), length 52)
ktneely-laptop.local.57828 > piglet.local.3000: Flags [.], cksum
0x5869 (cor
rect), seq 461, ack 137, win 8227, options [nop,nop,TS val 938422611 ecr
1270835
72], length 0
14:48:35.596001 IP (tos 0x0, ttl 64, id 61499, offset 0, flags [DF],
proto TCP (
6), length 52)
ktneely-laptop.local.57828 > piglet.local.3000: Flags [F.], cksum
0x5868 (co
rrect), seq 461, ack 137, win 8227, options [nop,nop,TS val 938422611
ecr 127083
572], length 0
14:48:35.596026 IP (tos 0x0, ttl 64, id 52588, offset 0, flags [DF],
proto TCP (
6), length 52)
piglet.local.3000 > ktneely-laptop.local.57828: Flags [.], cksum
0x776e (cor
rect), seq 137, ack 462, win 235, options [nop,nop,TS val 127083622 ecr
93842261
1], length 0
14:48:35.622653 IP (tos 0x0, ttl 64, id 28558, offset 0, flags [DF],
proto TCP (
6), length 64)
ktneely-laptop.local.57829 > piglet.local.3000: Flags [S], cksum
0xa25d (cor
rect), seq 325625536, win 65535, options [mss 1460,nop,wscale
4,nop,nop,TS val 9
38422635 ecr 0,sackOK,eol], length 0
14:48:35.622698 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto
TCP (6),
length 60)
piglet.local.3000 > ktneely-laptop.local.57829: Flags [S.], cksum
0x83ae (in
correct -> 0x8e18), seq 23234227, ack 325625537, win 28960, options [mss
1460,sa
ckOK,TS val 127083629 ecr 938422635,nop,wscale 7], length 0
14:48:35.878410 IP (tos 0x0, ttl 64, id 30807, offset 0, flags [DF],
proto TCP (
6), length 64)
ktneely-laptop.local.57830 > piglet.local.3000: Flags [S], cksum
0x3db7 (cor
rect), seq 1625341172, win 65535, options [mss 1460,nop,wscale
4,nop,nop,TS val
938422884 ecr 0,sackOK,eol], length 0
14:48:35.878438 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto
TCP (6),
length 60)
piglet.local.3000 > ktneely-laptop.local.57830: Flags [S.], cksum
0x83ae (in
correct -> 0xf9a5), seq 1031764514, ack 1625341173, win 28960, options
[mss 1460
,sackOK,TS val 127083693 ecr 938422884,nop,wscale 7], length 0
14:48:35.997077 IP (tos 0x0, ttl 64, id 22302, offset 0, flags [DF],
proto TCP (
6), length 52)
ktneely-laptop.local.57829 > piglet.local.3000: Flags [.], cksum
0x0c7f (cor
rect), seq 1, ack 1, win 8235, options [nop,nop,TS val 938422982 ecr
127083629],
length 0
14:48:35.997141 IP (tos 0x0, ttl 64, id 15666, offset 0, flags [DF],
proto TCP (
6), length 409)
ktneely-laptop.local.57829 > piglet.local.3000: Flags [P.], cksum
0x5a1b (co
rrect), seq 1:358, ack 1, win 8235, options [nop,nop,TS val 938422982
ecr 127083
629], length 357
14:48:35.997165 IP (tos 0x0, ttl 64, id 41599, offset 0, flags [DF],
proto TCP (
6), length 52)
piglet.local.3000 > ktneely-laptop.local.57829: Flags [.], cksum
0x83a6 (inc
orrect -> 0x29fc), seq 1, ack 358, win 235, options [nop,nop,TS val
127083723 ec
r 938422982], length 0
14:48:35.997506 IP (tos 0x0, ttl 64, id 41600, offset 0, flags [DF],
proto TCP (
6), length 265)
piglet.local.3000 > ktneely-laptop.local.57829: Flags [P.], cksum
0x847b (in
correct -> 0xd29c), seq 1:214, ack 358, win 235, options [nop,nop,TS val
1270837
23 ecr 938422982], length 213
14:48:35.997599 IP (tos 0x0, ttl 64, id 41601, offset 0, flags [DF],
proto TCP (
6), length 1500)
piglet.local.3000 > ktneely-laptop.local.57829: Flags [.], cksum
0x894e (inc
orrect -> 0x496c), seq 214:1662, ack 358, win 235, options [nop,nop,TS
val 12708
3723 ecr 938422982], length 1448
14:48:35.997683 IP (tos 0x0, ttl 64, id 41602, offset 0, flags [DF],
proto TCP (
6), length 1450)
piglet.local.3000 > ktneely-laptop.local.57829: Flags [FP.], cksum
0x891c (i
ncorrect -> 0x4ba4), seq 1662:3060, ack 358, win 235, options
[nop,nop,TS val 12
7083723 ecr 938422982], length 1398
14:48:36.086741 IP (tos 0x0, ttl 64, id 42124, offset 0, flags [DF],
proto TCP (
6), length 52)
ktneely-laptop.local.57830 > piglet.local.3000: Flags [.], cksum
0x7892 (cor
rect), seq 1, ack 1, win 8235, options [nop,nop,TS val 938423097 ecr
127083693],
length 0
14:48:36.225476 IP (tos 0x0, ttl 64, id 41214, offset 0, flags [DF],
proto TCP (
6), length 52)
ktneely-laptop.local.57829 > piglet.local.3000: Flags [.], cksum
0x08ee (cor
rect), seq 358, ack 214, win 8222, options [nop,nop,TS val 938423244 ecr
1270837
23], length 0
14:48:36.267069 IP (tos 0x0, ttl 64, id 4835, offset 0, flags [DF],
proto TCP (6
), length 52)
ktneely-laptop.local.57829 > piglet.local.3000: Flags [.], cksum
0xfe1b (cor
rect), seq 358, ack 3061, win 8104, options [nop,nop,TS val 938423285
ecr 127083
723], length 0
14:48:36.267104 IP (tos 0x0, ttl 64, id 5568, offset 0, flags [DF],
proto TCP (6
), length 52)
piglet.local.3000 > ktneely-laptop.local.57829: Flags [.], cksum
0x1701 (correct), seq 3061, ack 359, win 235, options [nop,nop,TS val
127084077 ecr 938424426], length 0
14:48:41.084582 IP (tos 0x0, ttl 64, id 38586, offset 0, flags [DF],
proto TCP (6), length 52)
ktneely-laptop.local.57830 > piglet.local.3000: Flags [F.], cksum
0x651a (correct), seq 1, ack 1, win 8235, options [nop,nop,TS val
938428080 ecr 127083693], length 0
14:48:41.084673 IP (tos 0x0, ttl 64, id 24258, offset 0, flags [DF],
proto TCP (6), length 120)
piglet.local.3000 > ktneely-laptop.local.57830: Flags [P.], cksum
0x83ea (incorrect -> 0x47a2), seq 1:69, ack 2, win 227, options
[nop,nop,TS val 127084995 ecr 938428080], length 68
14:48:41.084723 IP (tos 0x0, ttl 64, id 24259, offset 0, flags [DF],
proto TCP (6), length 100)
piglet.local.3000 > ktneely-laptop.local.57830: Flags [FP.], cksum
0x83d6 (incorrect -> 0xbc73), seq 69:117, ack 2, win 227, options
[nop,nop,TS val 127084995 ecr 938428080], length 48
14:48:41.377999 IP (tos 0x0, ttl 64, id 20584, offset 0, flags [DF],
proto TCP (6), length 52)
ktneely-laptop.local.57830 > piglet.local.3000: Flags [.], cksum
0x5ea3 (correct), seq 2, ack 69, win 8231, options [nop,nop,TS val
938428369 ecr 127084995], length 0
14:48:41.378042 IP (tos 0x0, ttl 64, id 4240, offset 0, flags [DF],
proto TCP (6), length 52)
ktneely-laptop.local.57830 > piglet.local.3000: Flags [.], cksum
0x5e75 (correct), seq 2, ack 118, win 8228, options [nop,nop,TS val
938428369 ecr 127084995], length 0
On 07/24/2014 09:06 AM, Spider s wrote:
> Hello again, more easy for debug.
>
> Yo can use redis client and monitor, and check if password was send.
>
> Do this on shell
> :
> redis-cli
>
> monitor
>
>
> Now go to the web and try login.
>
> You must see any similar to this:
>
>
> 1406217237.542554 "LPOP" "dns.toresolve"
> 1406217237.642430 "LPOP" "dns.toresolve"
> 1406217238.542795 "LPOP" "dns.toresolve"
> 1406217238.642616 "LPOP" "dns.toresolve"
> 1406217238.697366 "GET" "user.admin.password"
>
> Now you can check if password was send to redis.
>
>
> If not try reset complete database, if is corrupt you need flush.
>
>
>
> (from Shell)
>
> redis-cli FLUSHDB
> redis-cli FLUSHALL
>
>
> Remove redis-cli if you are into redis-cli.
>
> With this you lost all users from DB.
> Let me know when you solve it.
> Regards.
>
>
> On Thu, Jul 24, 2014 at 5:41 PM, Spider s <[email protected]
> <mailto:[email protected]>> wrote:
>
> Hello, kevin try this:
>
>
> tcpdump -i venet0:0 -vv -XX port 3000
>
> Port 3000 if use default port.
>
>
> With this you can see all packets send to port 3000, and check if
> we send the password, or is a redis error.
>
>
> xx.xxx.xxx.xxx > vps.com.3000: Flags [P.], cksum 0xc8a1 (correct),
> seq 1:449, ack 1, win 4380, length 448
> 0x0000: 0000 ffff 0000 0000 0000 0000 0000 0800
> ................
> 0x0010: 4500 01e8 4808 4000 6e06 87dd 5981 3cec
> [email protected].<.
> 0x0020: 17ef 8cce 0a5e 0bb8 79df bce4 a162 b986
> .....^..y....b..
> 0x0030: 5018 111c c8a1 0000 504f 5354 202f 6175
> P.......POST./au
> 0x0040: 7468 6f72 697a 652e 6874 6d6c 2048 5454
> thorize.html.HTT
> 0x0050: 502f 312e 310d 0a41 6363 6570 743a 2074
> P/1.1..Accept:.t
> 0x0060: 6578 742f 6874 6d6c 2c20 6170 706c 6963
> ext/html,.applic
> 0x0070: 6174 696f 6e2f 7868 746d 6c2b 786d 6c2c
> ation/xhtml+xml,
> 0x0080: 202a 2f2a 0d0a 5265 6665 7265 723a 2068
> .*/*..Referer:.h
> 0x0090: 7474 703a 2f2f 3233 2e32 3339 2e31 3430
> ttp://23.239.140
> 0x00a0: 2e32 3036 3a33 3030 302f 6c6f 6769 6e2e
> .206:3000/login.
> 0x00b0: 6874 6d6c 0d0a 4163 6365 7074 2d4c 616e
> html..Accept-Lan
> 0x00c0: 6775 6167 653a 2065 732d 4553 0d0a 5573
> guage:.es-ES..Us
> 0x00d0: 6572 2d41 6765 6e74 3a20 4d6f 7a69 6c6c
> er-Agent:.Mozill
> 0x00e0: 612f 352e 3020 2857 696e 646f 7773 204e
> a/5.0.(Windows.N
> 0x00f0: 5420 362e 313b 2057 4f57 3634 3b20 5472
> T.6.1;.WOW64;.Tr
> 0x0100: 6964 656e 742f 372e 303b 2072 763a 3131
> ident/7.0;.rv:11
> 0x0110: 2e30 2920 6c69 6b65 2047 6563 6b6f 0d0a
> .0).like.Gecko..
> 0x0120: 436f 6e74 656e 742d 5479 7065 3a20 6170
> Content-Type:.ap
> 0x0130: 706c 6963 6174 696f 6e2f 782d 7777 772d
> plication/x-www-
> 0x0140: 666f 726d 2d75 726c 656e 636f 6465 640d
> form-urlencoded.
> 0x0150: 0a41 6363 6570 742d 456e 636f 6469 6e67
> .Accept-Encoding
> 0x0160: 3a20 677a 6970 2c20 6465 666c 6174 650d
> :.gzip,.deflate.
> 0x0170: 0a48 6f73 743a 2032 332e 3233 392e 3134
> .Host:.23.239.14
> 0x0180: 302e 3230 363a 3330 3030 0d0a 436f 6e74
> 0.206:3000..Cont
> 0x0190: 656e 742d 4c65 6e67 7468 3a20 3239 0d0a
> ent-Length:.29..
> 0x01a0: 444e 543a 2031 0d0a 436f 6e6e 6563 7469
> DNT:.1..Connecti
> 0x01b0: 6f6e 3a20 4b65 6570 2d41 6c69 7665 0d0a
> on:.Keep-Alive..
> 0x01c0: 4361 6368 652d 436f 6e74 726f 6c3a 206e
> Cache-Control:.n
> 0x01d0: 6f2d 6361 6368 650d 0a0d 0a75 7365 723d
> o-cache....user=
> 0x01e0: 6164 6d69 6e26 7061 7373 776f 7264 3d70
> admin&password=p
> 0x01f0: 6173 7361 646d 696e assadmin
>
>
> In this example you can see at end the (user and pass) is send.
>
> With tcpdump you can see a lot of data, but try search this. and
> you can check the password was sent (i use password passadmin for
> the example)
>
> Good luck, regards.
>
>
> On Thu, Jul 24, 2014 at 11:24 AM, Filippo Fontanelli
> <[email protected] <mailto:[email protected]>> wrote:
>
> Kevin,
>
> could you please give me the access to the system to check
> what’s going on with the issue you have.
>
> Regards,
> Filippo
>
>
> On 24 Jul 2014, at 04:58, Kevin T. Neely
> <[email protected]
> <mailto:[email protected]>> wrote:
>
>> I am also running the latest stable. I have tried the
>> password reset option as mentioned by Spider, to no avail.
>> The system still ignores an input password and remains at the
>> web login screen.
>>
>> thanks for any help!
>>
>>
>> On Wed, Jul 23, 2014 at 12:41 AM, Guillaume CHARDIN
>> <[email protected]
>> <mailto:[email protected]>> wrote:
>>
>> Hi Filippo,
>>
>> > Do you use SVN code?
>> I do not use SVN code, i use the last stable :
>> ntopng-1.1_6932.
>>
>> > Do you have an old installation (make install) of
>> ntopng in your system?
>> I do not have old install files, but still have source
>> and compiled
>> bin in my system in /$user/ntopng-1.1_6932
>> I always start ntopng with full path.
>>
>> I can give you access to remote server. I'll contact you
>> in private for details.
>>
>> thanks for your help.
>>
>> 2014-07-23 9:31 GMT+02:00 Filippo Fontanelli
>> <[email protected] <mailto:[email protected]>>:
>> > Guillaume
>> > could you please give me the access to the system to
>> check what’s going on with the issue you have.
>> >
>>
>> >
>>
>> >
>> > Filippo
>> >
>> > On 23 Jul 2014, at 09:27, Guillaume CHARDIN
>> <[email protected]
>> <mailto:[email protected]>> wrote:
>> >
>> >> 2014-07-22 17:41 GMT+02:00 Spider s
>> <[email protected] <mailto:[email protected]>>:
>> >>> redis-cli SET user.admin.password
>> b281ec101ca19823d11b1c54a35e1412
>> >>> The pass is md5, now is "elpassquesea"
>> >> I tried this but nothing change.
>> >>
>> >>
>> >> After waiting a looooong time, username and password
>> bow appears but
>> >> with no CSS. I entered my admin account and right
>> after it redirect to
>> >> http://192.168.10.8:3000/authorize.html and a 404 error :
>> >> Error 404: Not Found File not found
>> >> on httpdocs, autorize.html does not exist but maybe
>> it's handled by
>> >> some urlrewrite or something like that.
>> >>
>> >> console Logs :
>> >> [...] Purged 2/219 idle hosts
>> >> 23/Jul/2014 09:19:15 [HTTPserver.cpp:257] [HTTP] /
>> >> 23/Jul/2014 09:19:15 [HTTPserver.cpp:257] [HTTP]
>> >> /bootstrap/css/bootstrap.min.css
>> >> 23/Jul/2014 09:19:15 [HTTPserver.cpp:257] [HTTP]
>> /js/d3.v2.min.js
>> >> 23/Jul/2014 09:19:15 [HTTPserver.cpp:257] [HTTP]
>> /js/rickshaw.min.js
>> >> 23/Jul/2014 09:19:16 [NetworkInterface.cpp:390] Purged
>> 6/324 idle flows
>> >> 23/Jul/2014 09:19:16 [HTTPserver.cpp:257] [HTTP]
>> /js/jquery.min.js
>> >> 23/Jul/2014 09:19:16 [HTTPserver.cpp:257] [HTTP]
>> /css/flags.css
>> >> 23/Jul/2014 09:19:17 [NetworkInterface.cpp:390] Purged
>> 6/353 idle flows
>> >> 23/Jul/2014 09:19:17 [NetworkInterface.cpp:394] Purged
>> 1/223 idle hosts
>> >> 23/Jul/2014 09:19:18 [NetworkInterface.cpp:390] Purged
>> 7/356 idle flows
>> >> [....]
>> >>
>> >> --
>> >> Guillaume
>> >> _______________________________________________
>> >> Ntop mailing list
>> >> [email protected]
>> <mailto:[email protected]>
>> >> http://listgateway.unipi.it/mailman/listinfo/ntop
>> >
>> > _______________________________________________
>> > Ntop mailing list
>> > [email protected]
>> <mailto:[email protected]>
>> > http://listgateway.unipi.it/mailman/listinfo/ntop
>>
>>
>>
>> --
>> Guillaume
>> _______________________________________________
>> Ntop mailing list
>> [email protected] <mailto:[email protected]>
>> http://listgateway.unipi.it/mailman/listinfo/ntop
>>
>>
>> _______________________________________________
>> Ntop mailing list
>> [email protected] <mailto:[email protected]>
>> http://listgateway.unipi.it/mailman/listinfo/ntop
>
>
> _______________________________________________
> Ntop mailing list
> [email protected] <mailto:[email protected]>
> http://listgateway.unipi.it/mailman/listinfo/ntop
>
>
>
>
>
> _______________________________________________
> Ntop mailing list
> [email protected]
> http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
