def testAuthenticate(self): # Test can not work on the abstract base. if self.protocol.__class__ == Protocol: self.assertRaises(Exception, self.protocol.authenticate, self.account) return self.doConnect() # Password login. self.assertFalse(self.protocol.is_protocol_authenticated()) self.assertFalse(self.protocol.is_app_authenticated()) self.assertFalse(self.protocol.is_app_authorized()) self.protocol.authenticate(self.account, flush = False) self.assertTrue(self.protocol.response is not None) self.assertTrue(len(self.protocol.response) > 0) self.assertTrue(self.protocol.is_protocol_authenticated()) self.assertTrue(self.protocol.is_app_authenticated()) self.assertFalse(self.protocol.is_app_authorized()) # Key login. self.tearDown() self.setUp() key = PrivateKey.from_file('foo', keytype = 'rsa') account = Account(self.user, self.password, key = key) self.doConnect() self.assertFalse(self.protocol.is_protocol_authenticated()) self.assertFalse(self.protocol.is_app_authenticated()) self.assertFalse(self.protocol.is_app_authorized()) self.protocol.authenticate(account, flush = False) self.assertTrue(self.protocol.is_protocol_authenticated()) self.assertTrue(self.protocol.is_app_authenticated()) self.assertFalse(self.protocol.is_app_authorized())
def testAuthenticate(self): # Test can not work on the abstract base. if self.protocol.__class__ == Protocol: self.assertRaises(Exception, self.protocol.authenticate, self.account) return self.doConnect() # Password login. self.assertFalse(self.protocol.is_protocol_authenticated()) self.assertFalse(self.protocol.is_app_authenticated()) self.assertFalse(self.protocol.is_app_authorized()) self.protocol.authenticate(self.account, flush=False) self.assertTrue(self.protocol.response is not None) self.assertTrue(len(self.protocol.response) > 0) self.assertTrue(self.protocol.is_protocol_authenticated()) self.assertTrue(self.protocol.is_app_authenticated()) self.assertFalse(self.protocol.is_app_authorized()) # Key login. self.tearDown() self.setUp() key = PrivateKey.from_file('foo', keytype='rsa') account = Account(self.user, self.password, key=key) self.doConnect() self.assertFalse(self.protocol.is_protocol_authenticated()) self.assertFalse(self.protocol.is_app_authenticated()) self.assertFalse(self.protocol.is_app_authorized()) self.protocol.authenticate(account, flush=False) self.assertTrue(self.protocol.is_protocol_authenticated()) self.assertTrue(self.protocol.is_app_authenticated()) self.assertFalse(self.protocol.is_app_authorized())
def get_account_from_etree(node): """ Given a <account> node, this function returns a Exscript.Account instance. The following XML syntax is expected, whereby the children of <account> are all optional:: <account name="myaccount"> <password type="base64">Zm9v</password> <authorization-password type="cleartext">bar</authorization-password> <keyfile>/path/to/my/ssh/key</keyfile> </account> The <password> and <authorization-password> tags have an optional type attribute defaulting to 'cleartext'. Allowed values are 'cleartext' and 'base64'. @type node: lxml.etree.ElementNode @param node: A <account> element. @rtype: Exscript.Account @return: The resulting account. """ name = node.get('name', '').strip() password1_elem = node.find('password') password2_elem = node.find('authorization-password') keyfile = node.findtext('keyfile') if keyfile is None: key = None else: key = PrivateKey.from_file(keyfile) account = Exscript.Account(name, key = key) account.set_password(_get_password_from_node(password1_elem)) account.set_authorization_password(_get_password_from_node(password2_elem)) return account
def get_account_from_etree(node): """ Given a <account> node, this function returns a Exscript.Account instance. The following XML syntax is expected, whereby the children of <account> are all optional:: <account name="myaccount"> <password type="base64">Zm9v</password> <authorization-password type="cleartext">bar</authorization-password> <keyfile>/path/to/my/ssh/key</keyfile> </account> The <password> and <authorization-password> tags have an optional type attribute defaulting to 'cleartext'. Allowed values are 'cleartext' and 'base64'. @type node: lxml.etree.ElementNode @param node: A <account> element. @rtype: Exscript.Account @return: The resulting account. """ name = node.get('name', '').strip() password1_elem = node.find('password') password2_elem = node.find('authorization-password') keyfile = node.findtext('keyfile') if keyfile is None: key = None else: key = PrivateKey.from_file(keyfile) account = Exscript.Account(name, key=key) account.set_password(_get_password_from_node(password1_elem)) account.set_authorization_password(_get_password_from_node(password2_elem)) return account
import sys, unittest, re, os.path sys.path.insert(0, os.path.join(os.path.dirname(__file__), '..', '..', '..', 'src')) from ProtocolTest import ProtocolTest from Exscript.servers import SSHd from Exscript.protocols import SSH2 from Exscript import PrivateKey keyfile = os.path.join(os.path.dirname(__file__), 'id_rsa') key = PrivateKey.from_file(keyfile) class SSH2Test(ProtocolTest): CORRELATE = SSH2 def createDaemon(self): self.daemon = SSHd(self.hostname, self.port, self.device, key = key) def createProtocol(self): self.protocol = SSH2() def testConstructor(self): self.assert_(isinstance(self.protocol, SSH2)) def testLogin(self): self.assertRaises(IOError, ProtocolTest.testLogin, self) def testAuthenticate(self): self.assertRaises(IOError, ProtocolTest.testAuthenticate, self) def suite(): return unittest.TestLoader().loadTestsFromTestCase(SSH2Test)
# crash_id may not be set, if machine not present in initial vlist, if so then ignore log.info('Stopping running VM %s' % virtual_machine) conn.execute('vcrash %s' % crash_id) time.sleep(1) else: # conn.execute(start_command) lab_is_started = True first_match(conn, r'^The lab has been started') log.info('Lab started' ) # TODO: make this captured - need to debug capturing conn.send('exit') if key_filename: key = PrivateKey.from_file(key_filename) log.debug('Connecting to %s with username %s and key %s' % (host, username, key_filename)) accounts = [Account(username, key=key)] else: log.debug('Connecting to %s with username %s' % (host, username)) accounts = [Account(username)] hosts = ['ssh://%s' % host] verbosity = -1 start(accounts, hosts, start_lab, verbose=verbosity)
def testFromFile(self): self.key = PrivateKey.from_file(self.filename, self.password, 'dss') self.assertEqual(self.key.get_type(), 'dss') self.assertEqual(self.filename, self.key.get_filename()) self.assertEqual(self.password, self.key.get_password())
# crash_id may not be set, if machine not present in initial vlist, if so then ignore log.info('Stopping running VM %s' % virtual_machine) conn.execute('vcrash %s' % crash_id) time.sleep(1) else: # conn.execute(start_command) lab_is_started = True first_match(conn, r'^The lab has been started') log.info('Lab started') # TODO: make this captured - need to debug capturing conn.send('exit') if key_filename: key = PrivateKey.from_file(key_filename) log.debug('Connecting to %s with username %s and key %s' % (host, username, key_filename)) accounts = [Account(username, key=key)] else: log.debug('Connecting to %s with username %s' % (host, username)) accounts = [Account(username)] hosts = ['ssh://%s' % host] verbosity = -1 start(accounts, hosts, start_lab, verbose=verbosity)
from __future__ import absolute_import import sys import unittest import re import os.path sys.path.insert(0, os.path.join(os.path.dirname(__file__), '..', '..', '..')) from .ProtocolTest import ProtocolTest from Exscript.servers import SSHd from Exscript.protocols import SSH2 from Exscript import PrivateKey keyfile = os.path.join(os.path.dirname(__file__), 'id_rsa') key = PrivateKey.from_file(keyfile) class SSH2Test(ProtocolTest): CORRELATE = SSH2 def createDaemon(self): self.daemon = SSHd(self.hostname, self.port, self.device, key=key) def createProtocol(self): self.protocol = SSH2(timeout=1) def testConstructor(self): self.assertIsInstance(self.protocol, SSH2) def testLogin(self): self.assertRaises(IOError, ProtocolTest.testLogin, self)
def main(): args = args_parser() print_banner() host = args.host port = args.port username = args.username password = args.password privatekey = args.privatekey passphrase = args.passphrase keytype = args.keytype ssh = args.ssh telnet = args.telnet category = args.category plugin = args.plugin if plugin and (category == None): sys.exit(RED + '\n[!] No category\n' + ENDC) # Set host if host == None: host = raw_input('set host' + BLUE + ' > ' + ENDC) # Set service if (ssh == False) and (telnet == False): service = raw_input('set service [ssh|telnet]' + BLUE + ' > ' + ENDC) if service.lower() == 'ssh': ssh = True elif service.lower() == 'telnet': telnet = True if ssh: conn = SSH2() elif telnet: conn = Telnet() else: sys.exit(RED + '\n[!] Bad service type. Options: [ssh|telnet]\n' + ENDC) # Set username if username == None: username = raw_input('set username' + BLUE + ' > ' + ENDC) # Set password if (password == None) and (privatekey == None): password = getpass.getpass('set password (leave blank to enter a private key)' + BLUE + ' > ' + ENDC) #set privatekey if (password == None): #set privatekey if (privatekey == None): privatekey = getpass.getpass('set private key path' + BLUE + ' > ' + ENDC) #set passphrase if (passphrase == None): passphrase = getpass.getpass('set private key passphrase (optional)' + BLUE + ' > ' + ENDC) #set keytype if (keytype == None): keytype = raw_input('set keytype (optional)' + BLUE + ' > ' + ENDC) if (keytype != "") and (passphrase != ""): key = PrivateKey.from_file(privatekey, password=passphrase, keytype=keytype) elif (keytype != ""): key = PrivateKey.from_file(privatekey, password=passphrase) else: key = PrivateKey.from_file(privatekey) else: key = None # Create account account = Account(username, password, key = key) # Connect and login conn.connect(host, port) conn.login(account) # Try to disable history for current shell session conn.execute('unset HISTFILE') # Print info about used Exscript driver driver = conn.get_driver() print BLUE + '\n[i] Using driver: ' + ENDC + driver.name # Set logs directory logs_path = LOGS_PATH + '/' + host + '-' + str(int(time.time())) if category: print BLUE + '\n[i] Plugins category: ' + ENDC + category + '\n' dict_categories = {} dict_plugins = {} # Run single plugin if plugin: try: eval_file(conn, INSTALL_PATH + '/plugins/' + category + '/' + plugin) dict_plugins[plugin] = conn.response print ' %-20s' % (plugin) + '[' + GREEN + 'ok' + ENDC + ']' except: print ' %-20s' % (plugin) + '[' + RED + 'ko' + ENDC + ']' pass dict_categories[category] = dict_plugins # Run plugins by single category else: for plugin in sorted(os.listdir(INSTALL_PATH + '/plugins/' + category)): try: eval_file(conn, INSTALL_PATH + '/plugins/' + category + '/' + plugin) dict_plugins[plugin] = conn.response print ' %-20s' % (plugin) + '[' + GREEN + 'ok' + ENDC + ']' except: print ' %-20s' % (plugin) + '[' + RED + 'ko' + ENDC + ']' pass dict_categories[category] = dict_plugins # Run all plugins by category if (category == None) and (plugin == None): dict_categories = {} for category in sorted(os.listdir(INSTALL_PATH + '/plugins')): print BLUE + '\n[i] Plugins category: ' + ENDC + category + '\n' dict_plugins = {} for plugin in sorted(os.listdir(INSTALL_PATH + '/plugins/' + category)): try: eval_file(conn, INSTALL_PATH + '/plugins/' + category + '/' + plugin) dict_plugins[plugin] = conn.response print ' %-20s' % (plugin) + '[' + GREEN + 'ok' + ENDC + ']' except: print ' %-20s' % (plugin) + '[' + RED + 'ko' + ENDC + ']' pass dict_categories[category] = dict_plugins # Exit and close remote connection conn.send('exit\r') conn.close() # Generate report html_report(dict_categories, logs_path) print BLUE + '\n[i] Report saved to: ' + ENDC + logs_path + '/index.html\n'