Unfortunately, that did not seem to do the trick: ktneely@piglet:~⟫ redis-cli FLUSHDB OK ktneely@piglet:~⟫ redis-cli FLUSHALL OK
Yet, when I go to port 3000, enter in admin:admin, it still sits at the login page, rather than logging me in. K On 07/26/2014 03:48 PM, Spider s wrote: > Hello kevin. > > use this: > > sudo tcpdump -vv -XX -i eth0 port 3000 > > With -XX you can see the package . > > > Yes kevin, we see redis take the password.check into the package with XX > > If the password is on the package, i think you must flush database, > and use admin admin for login again > > > Try this if the passwors exist. > > > on Shell > > redis-cli FLUSHDB > redis-cli FLUSHALL > > > Regards. > > > On Sat, Jul 26, 2014 at 11:54 PM, Kevin Neely > <[email protected] <mailto:[email protected]>> wrote: > > Yup, redis is receiving the password, according to the monitor > command. > > here are the results from monitoring redis: > > 1406411141.705469 [0 127.0.0.1:42104 <http://127.0.0.1:42104>] > "GET" "user.admin.password" > 1406411141.765239 [0 127.0.0.1:42104 <http://127.0.0.1:42104>] > "LPOP" "dns.toresolve" > 1406411142.173654 [0 127.0.0.1:42104 <http://127.0.0.1:42104>] > "LPOP" "dns.toresolve" > > > And here is the traffic dump. ktneely-laptop is the client and > piglet is the system running ntopng > > > ktneely@piglet:/tmp⟫ sudo tcpdump -vv -i eth0 port 3000 > tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture > size 65535 byte > s > 14:48:35.216218 IP (tos 0x0, ttl 64, id 58957, offset 0, flags > [DF], proto TCP ( > 6), length 64) > ktneely-laptop.local.57828 > piglet.local.3000: Flags [S], > cksum 0xf21e (cor > rect), seq 812530630, win 65535, options [mss 1460,nop,wscale > 4,nop,nop,TS val 9 > 38422175 ecr 0,sackOK,eol], length 0 > 14:48:35.216266 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], > proto TCP (6), > length 60) > piglet.local.3000 > ktneely-laptop.local.57828: Flags [S.], > cksum 0x83ae (in > correct -> 0xdcd4), seq 3250767805, ack 812530631, win 28960, > options [mss 1460, > sackOK,TS val 127083527 ecr 938422175,nop,wscale 7], length 0 > 14:48:35.395977 IP (tos 0x0, ttl 64, id 9524, offset 0, flags > [DF], proto TCP (6 > ), length 52) > ktneely-laptop.local.57828 > piglet.local.3000: Flags [.], > cksum 0x5ba4 (cor > rect), seq 1, ack 1, win 8235, options [nop,nop,TS val 938422417 > ecr 127083527], > length 0 > 14:48:35.396252 IP (tos 0x0, ttl 64, id 861, offset 0, flags [DF], > proto TCP (6) > , length 512) > ktneely-laptop.local.57828 > piglet.local.3000: Flags [P.], > cksum 0x02ce (co > rrect), seq 1:461, ack 1, win 8235, options [nop,nop,TS val > 938422417 ecr 127083 > 527], length 460 > 14:48:35.396280 IP (tos 0x0, ttl 64, id 58250, offset 0, flags > [DF], proto TCP ( > 6), length 52) > piglet.local.3000 > ktneely-laptop.local.57828: Flags [.], > cksum 0x83a6 (inc > orrect -> 0x78eb), seq 1, ack 461, win 235, options [nop,nop,TS > val 127083572 ec > r 938422417], length 0 > 14:48:35.396457 IP (tos 0x0, ttl 64, id 58251, offset 0, flags > [DF], proto TCP ( > 6), length 187) > piglet.local.3000 > ktneely-laptop.local.57828: Flags [P.], > cksum 0x842d (in > correct -> 0x2163), seq 1:136, ack 461, win 235, options > [nop,nop,TS val 1270835 > 72 ecr 938422417], length 135 > 14:48:35.396477 IP (tos 0x0, ttl 64, id 58252, offset 0, flags > [DF], proto TCP ( > 6), length 52) > piglet.local.3000 > ktneely-laptop.local.57828: Flags [F.], > cksum 0x83a6 (in > correct -> 0x7863), seq 136, ack 461, win 235, options [nop,nop,TS > val 127083572 > ecr 938422417], length 0 > 14:48:35.595580 IP (tos 0x0, ttl 64, id 46630, offset 0, flags > [DF], proto TCP ( > 6), length 52) > ktneely-laptop.local.57828 > piglet.local.3000: Flags [.], > cksum 0x586a (cor > rect), seq 461, ack 136, win 8227, options [nop,nop,TS val > 938422611 ecr 1270835 > 72], length 0 > 14:48:35.595602 IP (tos 0x0, ttl 64, id 15321, offset 0, flags > [DF], proto TCP ( > 6), length 52) > ktneely-laptop.local.57828 > piglet.local.3000: Flags [.], > cksum 0x5869 (cor > rect), seq 461, ack 137, win 8227, options [nop,nop,TS val > 938422611 ecr 1270835 > 72], length 0 > 14:48:35.596001 IP (tos 0x0, ttl 64, id 61499, offset 0, flags > [DF], proto TCP ( > 6), length 52) > ktneely-laptop.local.57828 > piglet.local.3000: Flags [F.], > cksum 0x5868 (co > rrect), seq 461, ack 137, win 8227, options [nop,nop,TS val > 938422611 ecr 127083 > 572], length 0 > 14:48:35.596026 IP (tos 0x0, ttl 64, id 52588, offset 0, flags > [DF], proto TCP ( > 6), length 52) > piglet.local.3000 > ktneely-laptop.local.57828: Flags [.], > cksum 0x776e (cor > rect), seq 137, ack 462, win 235, options [nop,nop,TS val > 127083622 ecr 93842261 > 1], length 0 > 14:48:35.622653 IP (tos 0x0, ttl 64, id 28558, offset 0, flags > [DF], proto TCP ( > 6), length 64) > ktneely-laptop.local.57829 > piglet.local.3000: Flags [S], > cksum 0xa25d (cor > rect), seq 325625536, win 65535, options [mss 1460,nop,wscale > 4,nop,nop,TS val 9 > 38422635 ecr 0,sackOK,eol], length 0 > 14:48:35.622698 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], > proto TCP (6), > length 60) > piglet.local.3000 > ktneely-laptop.local.57829: Flags [S.], > cksum 0x83ae (in > correct -> 0x8e18), seq 23234227, ack 325625537, win 28960, > options [mss 1460,sa > ckOK,TS val 127083629 ecr 938422635,nop,wscale 7], length 0 > 14:48:35.878410 IP (tos 0x0, ttl 64, id 30807, offset 0, flags > [DF], proto TCP ( > 6), length 64) > ktneely-laptop.local.57830 > piglet.local.3000: Flags [S], > cksum 0x3db7 (cor > rect), seq 1625341172, win 65535, options [mss 1460,nop,wscale > 4,nop,nop,TS val > 938422884 ecr 0,sackOK,eol], length 0 > 14:48:35.878438 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], > proto TCP (6), > length 60) > piglet.local.3000 > ktneely-laptop.local.57830: Flags [S.], > cksum 0x83ae (in > correct -> 0xf9a5), seq 1031764514, ack 1625341173, win 28960, > options [mss 1460 > ,sackOK,TS val 127083693 ecr 938422884,nop,wscale 7], length 0 > 14:48:35.997077 IP (tos 0x0, ttl 64, id 22302, offset 0, flags > [DF], proto TCP ( > 6), length 52) > ktneely-laptop.local.57829 > piglet.local.3000: Flags [.], > cksum 0x0c7f (cor > rect), seq 1, ack 1, win 8235, options [nop,nop,TS val 938422982 > ecr 127083629], > length 0 > 14:48:35.997141 IP (tos 0x0, ttl 64, id 15666, offset 0, flags > [DF], proto TCP ( > 6), length 409) > ktneely-laptop.local.57829 > piglet.local.3000: Flags [P.], > cksum 0x5a1b (co > rrect), seq 1:358, ack 1, win 8235, options [nop,nop,TS val > 938422982 ecr 127083 > 629], length 357 > 14:48:35.997165 IP (tos 0x0, ttl 64, id 41599, offset 0, flags > [DF], proto TCP ( > 6), length 52) > piglet.local.3000 > ktneely-laptop.local.57829: Flags [.], > cksum 0x83a6 (inc > orrect -> 0x29fc), seq 1, ack 358, win 235, options [nop,nop,TS > val 127083723 ec > r 938422982], length 0 > 14:48:35.997506 IP (tos 0x0, ttl 64, id 41600, offset 0, flags > [DF], proto TCP ( > 6), length 265) > piglet.local.3000 > ktneely-laptop.local.57829: Flags [P.], > cksum 0x847b (in > correct -> 0xd29c), seq 1:214, ack 358, win 235, options > [nop,nop,TS val 1270837 > 23 ecr 938422982], length 213 > 14:48:35.997599 IP (tos 0x0, ttl 64, id 41601, offset 0, flags > [DF], proto TCP ( > 6), length 1500) > piglet.local.3000 > ktneely-laptop.local.57829: Flags [.], > cksum 0x894e (inc > orrect -> 0x496c), seq 214:1662, ack 358, win 235, options > [nop,nop,TS val 12708 > 3723 ecr 938422982], length 1448 > 14:48:35.997683 IP (tos 0x0, ttl 64, id 41602, offset 0, flags > [DF], proto TCP ( > 6), length 1450) > piglet.local.3000 > ktneely-laptop.local.57829: Flags [FP.], > cksum 0x891c (i > ncorrect -> 0x4ba4), seq 1662:3060, ack 358, win 235, options > [nop,nop,TS val 12 > 7083723 ecr 938422982], length 1398 > 14:48:36.086741 IP (tos 0x0, ttl 64, id 42124, offset 0, flags > [DF], proto TCP ( > 6), length 52) > ktneely-laptop.local.57830 > piglet.local.3000: Flags [.], > cksum 0x7892 (cor > rect), seq 1, ack 1, win 8235, options [nop,nop,TS val 938423097 > ecr 127083693], > length 0 > 14:48:36.225476 IP (tos 0x0, ttl 64, id 41214, offset 0, flags > [DF], proto TCP ( > 6), length 52) > ktneely-laptop.local.57829 > piglet.local.3000: Flags [.], > cksum 0x08ee (cor > rect), seq 358, ack 214, win 8222, options [nop,nop,TS val > 938423244 ecr 1270837 > 23], length 0 > 14:48:36.267069 IP (tos 0x0, ttl 64, id 4835, offset 0, flags > [DF], proto TCP (6 > ), length 52) > ktneely-laptop.local.57829 > piglet.local.3000: Flags [.], > cksum 0xfe1b (cor > rect), seq 358, ack 3061, win 8104, options [nop,nop,TS val > 938423285 ecr 127083 > 723], length 0 > 14:48:36.267104 IP (tos 0x0, ttl 64, id 5568, offset 0, flags > [DF], proto TCP (6 > ), length 52) > piglet.local.3000 > ktneely-laptop.local.57829: Flags [.], > cksum 0x1701 (correct), seq 3061, ack 359, win 235, options > [nop,nop,TS val 127084077 ecr 938424426], length 0 > 14:48:41.084582 IP (tos 0x0, ttl 64, id 38586, offset 0, flags > [DF], proto TCP (6), length 52) > ktneely-laptop.local.57830 > piglet.local.3000: Flags [F.], > cksum 0x651a (correct), seq 1, ack 1, win 8235, options > [nop,nop,TS val 938428080 ecr 127083693], length 0 > 14:48:41.084673 IP (tos 0x0, ttl 64, id 24258, offset 0, flags > [DF], proto TCP (6), length 120) > piglet.local.3000 > ktneely-laptop.local.57830: Flags [P.], > cksum 0x83ea (incorrect -> 0x47a2), seq 1:69, ack 2, win 227, > options [nop,nop,TS val 127084995 ecr 938428080], length 68 > 14:48:41.084723 IP (tos 0x0, ttl 64, id 24259, offset 0, flags > [DF], proto TCP (6), length 100) > piglet.local.3000 > ktneely-laptop.local.57830: Flags [FP.], > cksum 0x83d6 (incorrect -> 0xbc73), seq 69:117, ack 2, win 227, > options [nop,nop,TS val 127084995 ecr 938428080], length 48 > 14:48:41.377999 IP (tos 0x0, ttl 64, id 20584, offset 0, flags > [DF], proto TCP (6), length 52) > ktneely-laptop.local.57830 > piglet.local.3000: Flags [.], > cksum 0x5ea3 (correct), seq 2, ack 69, win 8231, options > [nop,nop,TS val 938428369 ecr 127084995], length 0 > 14:48:41.378042 IP (tos 0x0, ttl 64, id 4240, offset 0, flags > [DF], proto TCP (6), length 52) > ktneely-laptop.local.57830 > piglet.local.3000: Flags [.], > cksum 0x5e75 (correct), seq 2, ack 118, win 8228, options > [nop,nop,TS val 938428369 ecr 127084995], length 0 > > > > > > On 07/24/2014 09:06 AM, Spider s wrote: >> Hello again, more easy for debug. >> >> Yo can use redis client and monitor, and check if password was send. >> >> Do this on shell >> : >> redis-cli >> >> monitor >> >> >> Now go to the web and try login. >> >> You must see any similar to this: >> >> >> 1406217237.542554 "LPOP" "dns.toresolve" >> 1406217237.642430 "LPOP" "dns.toresolve" >> 1406217238.542795 "LPOP" "dns.toresolve" >> 1406217238.642616 "LPOP" "dns.toresolve" >> 1406217238.697366 "GET" "user.admin.password" >> >> Now you can check if password was send to redis. >> >> >> If not try reset complete database, if is corrupt you need flush. >> >> >> >> (from Shell) >> >> redis-cli FLUSHDB >> redis-cli FLUSHALL >> >> >> Remove redis-cli if you are into redis-cli. >> >> With this you lost all users from DB. >> Let me know when you solve it. >> Regards. >> >> >> On Thu, Jul 24, 2014 at 5:41 PM, Spider s >> <[email protected] <mailto:[email protected]>> wrote: >> >> Hello, kevin try this: >> >> >> tcpdump -i venet0:0 -vv -XX port 3000 >> >> Port 3000 if use default port. >> >> >> With this you can see all packets send to port 3000, and >> check if we send the password, or is a redis error. >> >> >> xx.xxx.xxx.xxx > vps.com.3000: Flags [P.], cksum 0xc8a1 >> (correct), seq 1:449, ack 1, win 4380, length 448 >> 0x0000: 0000 ffff 0000 0000 0000 0000 0000 0800 >> ................ >> 0x0010: 4500 01e8 4808 4000 6e06 87dd 5981 3cec >> [email protected] <mailto:[email protected]>.<. >> 0x0020: 17ef 8cce 0a5e 0bb8 79df bce4 a162 b986 >> .....^..y....b.. >> 0x0030: 5018 111c c8a1 0000 504f 5354 202f 6175 >> P.......POST./au >> 0x0040: 7468 6f72 697a 652e 6874 6d6c 2048 5454 >> thorize.html.HTT >> 0x0050: 502f 312e 310d 0a41 6363 6570 743a 2074 >> P/1.1..Accept:.t >> 0x0060: 6578 742f 6874 6d6c 2c20 6170 706c 6963 >> ext/html,.applic >> 0x0070: 6174 696f 6e2f 7868 746d 6c2b 786d 6c2c >> ation/xhtml+xml, >> 0x0080: 202a 2f2a 0d0a 5265 6665 7265 723a 2068 >> .*/*..Referer:.h >> 0x0090: 7474 703a 2f2f 3233 2e32 3339 2e31 3430 >> ttp://23.239.140 >> 0x00a0: 2e32 3036 3a33 3030 302f 6c6f 6769 6e2e >> .206:3000/login. >> 0x00b0: 6874 6d6c 0d0a 4163 6365 7074 2d4c 616e >> html..Accept-Lan >> 0x00c0: 6775 6167 653a 2065 732d 4553 0d0a 5573 >> guage:.es-ES..Us >> 0x00d0: 6572 2d41 6765 6e74 3a20 4d6f 7a69 6c6c >> er-Agent:.Mozill >> 0x00e0: 612f 352e 3020 2857 696e 646f 7773 204e >> a/5.0.(Windows.N >> 0x00f0: 5420 362e 313b 2057 4f57 3634 3b20 5472 >> T.6.1;.WOW64;.Tr >> 0x0100: 6964 656e 742f 372e 303b 2072 763a 3131 >> ident/7.0;.rv:11 >> 0x0110: 2e30 2920 6c69 6b65 2047 6563 6b6f 0d0a >> .0).like.Gecko.. >> 0x0120: 436f 6e74 656e 742d 5479 7065 3a20 6170 >> Content-Type:.ap >> 0x0130: 706c 6963 6174 696f 6e2f 782d 7777 772d >> plication/x-www- >> 0x0140: 666f 726d 2d75 726c 656e 636f 6465 640d >> form-urlencoded. >> 0x0150: 0a41 6363 6570 742d 456e 636f 6469 6e67 >> .Accept-Encoding >> 0x0160: 3a20 677a 6970 2c20 6465 666c 6174 650d >> :.gzip,.deflate. >> 0x0170: 0a48 6f73 743a 2032 332e 3233 392e 3134 >> .Host:.23.239.14 >> 0x0180: 302e 3230 363a 3330 3030 0d0a 436f 6e74 >> 0.206:3000..Cont >> 0x0190: 656e 742d 4c65 6e67 7468 3a20 3239 0d0a >> ent-Length:.29.. >> 0x01a0: 444e 543a 2031 0d0a 436f 6e6e 6563 7469 >> DNT:.1..Connecti >> 0x01b0: 6f6e 3a20 4b65 6570 2d41 6c69 7665 0d0a >> on:.Keep-Alive.. >> 0x01c0: 4361 6368 652d 436f 6e74 726f 6c3a 206e >> Cache-Control:.n >> 0x01d0: 6f2d 6361 6368 650d 0a0d 0a75 7365 723d >> o-cache....user= >> 0x01e0: 6164 6d69 6e26 7061 7373 776f 7264 3d70 >> admin&password=p >> 0x01f0: 6173 7361 646d 696e >> assadmin >> >> >> In this example you can see at end the (user and pass) is send. >> >> With tcpdump you can see a lot of data, but try search this. >> and you can check the password was sent (i use password >> passadmin for the example) >> >> Good luck, regards. >> >> >> On Thu, Jul 24, 2014 at 11:24 AM, Filippo Fontanelli >> <[email protected] <mailto:[email protected]>> wrote: >> >> Kevin, >> >> could you please give me the access to the system to >> check what’s going on with the issue you have. >> >> Regards, >> Filippo >> >> >> On 24 Jul 2014, at 04:58, Kevin T. Neely >> <[email protected] >> <mailto:[email protected]>> wrote: >> >>> I am also running the latest stable. I have tried the >>> password reset option as mentioned by Spider, to no >>> avail. The system still ignores an input password and >>> remains at the web login screen. >>> >>> thanks for any help! >>> >>> >>> On Wed, Jul 23, 2014 at 12:41 AM, Guillaume CHARDIN >>> <[email protected] >>> <mailto:[email protected]>> wrote: >>> >>> Hi Filippo, >>> >>> > Do you use SVN code? >>> I do not use SVN code, i use the last stable : >>> ntopng-1.1_6932. >>> >>> > Do you have an old installation (make install) of >>> ntopng in your system? >>> I do not have old install files, but still have >>> source and compiled >>> bin in my system in /$user/ntopng-1.1_6932 >>> I always start ntopng with full path. >>> >>> I can give you access to remote server. I'll contact >>> you in private for details. >>> >>> thanks for your help. >>> >>> 2014-07-23 9:31 GMT+02:00 Filippo Fontanelli >>> <[email protected] <mailto:[email protected]>>: >>> > Guillaume >>> > could you please give me the access to the system >>> to check what’s going on with the issue you have. >>> > >>> >>> > >>> >>> > >>> > Filippo >>> > >>> > On 23 Jul 2014, at 09:27, Guillaume CHARDIN >>> <[email protected] >>> <mailto:[email protected]>> wrote: >>> > >>> >> 2014-07-22 17:41 GMT+02:00 Spider s >>> <[email protected] >>> <mailto:[email protected]>>: >>> >>> redis-cli SET user.admin.password >>> b281ec101ca19823d11b1c54a35e1412 >>> >>> The pass is md5, now is "elpassquesea" >>> >> I tried this but nothing change. >>> >> >>> >> >>> >> After waiting a looooong time, username and >>> password bow appears but >>> >> with no CSS. I entered my admin account and right >>> after it redirect to >>> >> http://192.168.10.8:3000/authorize.html and a 404 >>> error : >>> >> Error 404: Not Found File not found >>> >> on httpdocs, autorize.html does not exist but >>> maybe it's handled by >>> >> some urlrewrite or something like that. >>> >> >>> >> console Logs : >>> >> [...] Purged 2/219 idle hosts >>> >> 23/Jul/2014 09:19:15 [HTTPserver.cpp:257] [HTTP] / >>> >> 23/Jul/2014 09:19:15 [HTTPserver.cpp:257] [HTTP] >>> >> /bootstrap/css/bootstrap.min.css >>> >> 23/Jul/2014 09:19:15 [HTTPserver.cpp:257] [HTTP] >>> /js/d3.v2.min.js >>> >> 23/Jul/2014 09:19:15 [HTTPserver.cpp:257] [HTTP] >>> /js/rickshaw.min.js >>> >> 23/Jul/2014 09:19:16 [NetworkInterface.cpp:390] >>> Purged 6/324 idle flows >>> >> 23/Jul/2014 09:19:16 [HTTPserver.cpp:257] [HTTP] >>> /js/jquery.min.js >>> >> 23/Jul/2014 09:19:16 [HTTPserver.cpp:257] [HTTP] >>> /css/flags.css >>> >> 23/Jul/2014 09:19:17 [NetworkInterface.cpp:390] >>> Purged 6/353 idle flows >>> >> 23/Jul/2014 09:19:17 [NetworkInterface.cpp:394] >>> Purged 1/223 idle hosts >>> >> 23/Jul/2014 09:19:18 [NetworkInterface.cpp:390] >>> Purged 7/356 idle flows >>> >> [....] >>> >> >>> >> -- >>> >> Guillaume >>> >> _______________________________________________ >>> >> Ntop mailing list >>> >> [email protected] >>> <mailto:[email protected]> >>> >> http://listgateway.unipi.it/mailman/listinfo/ntop >>> > >>> > _______________________________________________ >>> > Ntop mailing list >>> > [email protected] >>> <mailto:[email protected]> >>> > http://listgateway.unipi.it/mailman/listinfo/ntop >>> >>> >>> >>> -- >>> Guillaume >>> _______________________________________________ >>> Ntop mailing list >>> [email protected] >>> <mailto:[email protected]> >>> http://listgateway.unipi.it/mailman/listinfo/ntop >>> >>> >>> _______________________________________________ >>> Ntop mailing list >>> [email protected] <mailto:[email protected]> >>> http://listgateway.unipi.it/mailman/listinfo/ntop >> >> >> _______________________________________________ >> Ntop mailing list >> [email protected] <mailto:[email protected]> >> http://listgateway.unipi.it/mailman/listinfo/ntop >> >> >> >> >> >> _______________________________________________ >> Ntop mailing list >> [email protected] <mailto:[email protected]> >> http://listgateway.unipi.it/mailman/listinfo/ntop > > > _______________________________________________ > Ntop mailing list > [email protected] <mailto:[email protected]> > http://listgateway.unipi.it/mailman/listinfo/ntop > > > > > _______________________________________________ > Ntop mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
