Re: Problem with psftp in .NET.

The problem with trying to run an executable from an ASP.NET application is
that you are opening a potentially hazardous security issue with this
application, especially if this runs over the Internet. In general, it is
truly unadvisable to perform this type of function.

Now, if your goal is copy files from server to client's FTP site, then why
not use the functionality available in .NET. If you're using .NET 2.0,
there are FtpWebRequest and FtpWebResponse classes that can provide similar
functionality. In .NET 1.1, you can use the WebRequest and WebResponse
classes to create FTP functionality.
--
Christopher A. Reed
"The oxen are slow, but the earth is patient."

"Incorrect filenames in download link."
<Incorrectfilenamesindownloadlink@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:53FF79DF-E413-4640-B468-A5B0F2EAB94F@xxxxxxxxxxxxxxxx
Thanks for your response.

"Christopher Reed" wrote:

If you're trying to launch a program from an ASP.NET application, keep in
mind that you are asking the server to run this application, not the
client.
Any commands that are executed in the server-side code is run on the
server.

Yes, I know its run on server side.

Additionally, why do you want to run an EXE from a web application. From
a
security perspective, this is very ill-advised.

What do you really want to do?

I am automating the transfering files from server to clients PSFTP site.
'psftp.exe' is a command line program for transferring files.

My doubts:

1) As i told before that command is running fine through command prompt
and
also working fine in .net console application. But it is not working in
web
application. May be some security settings are blocking the connection to
site.

2) Web application is accessing the system as a ASPNET user not the
administrator user. When we run the command through command prompt we are
administrator users so it is working fine. May be there is a problem with
this type of user access.

Please give your valuable information,
Thanks.


.

Relevant Pages

  • [UNIX] Serious Flaw in Unreal IRCd (Server Linking, Svsnick)
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Let us take a quick look at how the Unreal IRCd linking protocol works: ... SERVER 1 ... the bug is in the JOIN command. ...
    (Securiteam)
  • Re: Executing a locally installed program in IIS 6
    ... I agree that this is a security hole and am looking into ... >vulnerability on Windows Server 2003 in order to function ... but the underlying problem is PHP ... >then the shell command will work. ...
    (microsoft.public.inetserver.misc)
  • Re: Forcing client logoff from the server
    ... > If you are mostly concerned about the server, ... > AT command to schedule a stop of the server service and then a start of it ... > options in security policy for logging users off from domain smb resources ...
    (microsoft.public.win2000.security)
  • [UNIX] XChat /dns Command Execution Vulnerability
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... There is an issue by the way XChat handle the /exec command, ... the attacker would need to force a server to respond ...
    (Securiteam)
  • Security event log
    ... i´m making a backup of the log event of a server. ... i can read all events except the 'Security' events. ... an Administrator user. ...
    (microsoft.public.scripting.vbscript)