Home/ Questions/Q 8583697
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-11T21:35:58+00:00

I have used this script, but it is not serving me well anymore. I

  • 0

I have used this script, but it is not serving me well anymore. I have to visit mysite.com/serv.php to call the script. So, first here is the script:

$ip = "ip";
$user = "user";
$pass = "password";

if (!function_exists("ssh2_connect")) die("function ssh2_connect doesn't exist");

if(!($con = ssh2_connect($ip, 22))){
    echo "<font color='red'>fail: unable to establish connection</font>\n";
} else {   

    if(!ssh2_auth_password($con, $user, $pass)) {
        echo "fail: unable to authenticate";
    } else {
        echo "Sucessful";
        if (!($stream = ssh2_exec($con, "/home/boza/serv.sh" ))) {
            echo "fail: unable to execute command";
        } else {
            stream_set_blocking($stream, true);
            $data = "";
            while ($buf = fread($stream,4096)) {
                $data .= $buf;
            }
            fclose($stream);
        }
    }
}

The script works well, but I want to have some changes in it.
1. I would like to add md5 hash into it, to make it more secure
2. I would like for the script to not be executed when visiting serv.php, but by pressing a button to make an ajax call.
3. I would like there to be user feedback, like “sucessful” or “fail”… like I did now, with live ajax or something without refreshing site.

I have googled and I have tried to put md5(‘xxxx’) into the script, I have got a weird errors and I’m sure I was doing something wrong.

Could someone help me with this case please?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    you can use a form to launch script only when pressing a button like :

    $ip = "ip";
$user = "user";
$pass = "password";

if (!function_exists("ssh2_connect")) die("function ssh2_connect doesn't exist");
echo '<form action="#" method="POST">';
echo '<input type="submit" name="launch" value="1" />'
echo '</form>';

if($_POST['launch']==1){
    if(!($con = ssh2_connect($ip, 22))){
        echo "<font color='red'>fail: unable to establish connection</font>\n";
    } else {   

        if(!ssh2_auth_password($con, $user, $pass)) {
            echo "fail: unable to authenticate";
        } else {
            echo "Sucessful";
            if (!($stream = ssh2_exec($con, "/home/boza/serv.sh" ))) {
                echo "fail: unable to execute command";
            } else {
                stream_set_blocking($stream, true);
                $data = "";
                while ($buf = fread($stream,4096)) {
                    $data .= $buf;
                }
                fclose($stream);
            }
        }
    }
}

    and for password you can use “baba” class or if it is only a problem of source reading you can use a simple reversable encrypt function like a XOR encryption, BEWARE it is only to make the password not directly redable from source but it is not a perfect securisation

    example :

     function XORin($key='asimpletext', $text='pwd'){
     for($i=0;$i<strlen($text);$i++)
     {
         for($j=0;$j<strlen($key);$j++,$i++)
         {
             $outText .= $text{$i} ^ $key{$j};
         }
     }
     return $outText;
 }

 function XORout($key='asimpletext', $text='pwd'){(){
     for($i=0;$i<strlen($text);$i++)
     {
         for($j=0;$j<strlen($key);$j++,$i++)
         {
             $outText .= $key{$j} ^ $text{$i};
         }
     }
     return $outText;
 }
    • 0