Exemplo n.º 1
0
import hashlib
import os.path
import re

from libs import constants
from libs.getpass import getpass
from libs.cryptolib import encrypt_file
from libs.cryptolib import decrypt_file

askedaction = raw_input('What do you wanna do ? decrypt/encrypt - [D/e]: ')
if (re.match('^(?i)d(ecrypt|)$', askedaction) or not askedaction):
    action = 'decrypt'
elif (re.match('^(?i)e(ncrypt|)$', askedaction)):
    action = 'encrypt'
else:
    exit('Invalid value: "' + askedaction + '"')

askedfile = raw_input('What is the filename you want to ' + action + ' ? ')
if os.path.isfile(askedfile): file = askedfile
else: exit('Invalid filename: "' + askedfile + '"')

password = getpass('Please enter your password: '******'encrypt':
    encrypt_file(key, file)
    print('Encrypt "' + file + '" and save it in "' + file + '.enc"')
elif action == 'decrypt':
    outfile = raw_input('Name of clear file to be created ? ')
    decrypt_file(key, file, outfile)
    print('Decrypt "' + file + '" and save it to "' + outfile + '"')
Exemplo n.º 2
0
def main():
    p = argparse.ArgumentParser(usage='''
       %(prog)s -r "remote host"| -f "list of hosts" [options]
       %(prog)s -h #get help on numerous options
       ''' % {"prog": sys.argv[0]},
                                description='''
          A small tool to log into any piece of equipment with a decent CLI interface... 
          \nYou can pass a lot of options to comply with most of devices behavior.
          \n\n
          Note that if you ask %(prog)s to look for options in a file, that is "-o" option, 
          this file obviously contains your credentials, passwords,
          and thus MUST be encrypted using the "cipher.py" tool. 
                
          \n\nEnjoy ! 
       ''' % {"prog": sys.argv[0]},
                                conflict_handler='resolve')

    mut_excl_1 = p.add_mutually_exclusive_group()
    mut_excl_1.add_argument('-f',
                            '--hosts-file',
                            action='store',
                            type=str,
                            dest='array',
                            metavar='FILE',
                            help='file containing a list of hosts')
    mut_excl_1.add_argument('-r',
                            '--remote-host',
                            action='store',
                            type=str,
                            dest='remote',
                            metavar='REMOTE_HOSTNAME',
                            help='remote host name or IP')

    mut_excl_2 = p.add_mutually_exclusive_group()
    mut_excl_2.add_argument('-c',
                            '--command',
                            action='store',
                            type=str,
                            dest='cmd',
                            nargs='+',
                            metavar='COMMAND',
                            help='command(s) to be executed on remote host')
    mut_excl_2.add_argument('-cf',
                            '--command-file',
                            action='store',
                            type=str,
                            dest='cmdfile',
                            metavar='COMMAND_FILE',
                            help='file containing a list of commands')

    p.add_argument(
        '-d',
        '--debug',
        action='store_true',
        dest='debug',
        help='debug mode will out in clear all arguments passed to the script')
    p.add_argument('-i',
                   '--interact',
                   action='store_false',
                   dest='interact',
                   help='do not interact after connection')
    p.add_argument(
        '-j',
        '--jumphost-credentials',
        action='store',
        type=str,
        dest='jumphost',
        metavar='LIST',
        nargs='+',
        help=
        'an ordered list: (protocol,host,port,username,password,prompt,timeout,verbose)\nyou can omit latest elements'
    )
    p.add_argument('-l',
                   '--logfile',
                   action='store_true',
                   dest='logfile',
                   help='create a logging file in "logs" subdirectory')
    p.add_argument(
        '-m',
        '--no-more',
        action='store',
        type=str,
        dest='more',
        help=
        'command to pass to remote host to avoid --more-- in execution, defaults to "terminal length 0"'
    )
    p.add_argument(
        '-o',
        '--options-override',
        action='store',
        type=str,
        dest='override',
        help=
        'ciphered file containing arguments that override command line options'
    )
    p.add_argument(
        '-p',
        '--prompt',
        action='store',
        type=str,
        dest='prompt',
        help='expected prompt from remote host, this field accepts quoted regex'
    )
    p.add_argument('-po',
                   '--port-number',
                   action='store',
                   type=str,
                   dest='port',
                   metavar='TCP_PORT_NUMBER',
                   help='TCP port number for connection')
    p.add_argument(
        '-s',
        '--sub-proc',
        action='store',
        type=str,
        dest='sub',
        nargs=2,
        metavar=('MODULE', 'METHOD'),
        help=
        'module and function to execute after the connection is established')
    p.add_argument(
        '-ss',
        '--presub-proc',
        action='store',
        type=str,
        dest='presub',
        nargs=2,
        metavar=('MODULE', 'METHOD'),
        help='module and function to execute before connection to remote device'
    )
    p.add_argument('-t',
                   '--timeout',
                   action='store',
                   type=int,
                   dest='timeout',
                   help='max seconds to wait for an answer from remote host')
    p.add_argument('-u',
                   '--username-credentials',
                   action='store',
                   type=str,
                   dest='user',
                   metavar=('USERNAME'),
                   help='username to log into remote host')
    p.add_argument('-v',
                   '--verbose',
                   action='store_true',
                   dest='verbose',
                   help='unhide connection process, usefull for debugging')
    p.add_argument(
        '-w',
        '--password',
        action='store',
        type=str,
        dest='password',
        nargs='+',
        metavar=('PASSWORD'),
        help=
        'password to log into remote host and optionally an enable password')
    p.add_argument('-x',
                   '--protocol',
                   action='store',
                   type=str,
                   dest='proto',
                   choices=['telnet', 'ssh'],
                   help='protocol to be used for connection, defaults to ' +
                   constants.DEFAULT_PROTOCOL)

    p.set_defaults(debug=False,
                   interact=True,
                   logfile=False,
                   more=constants.MORE,
                   prompt=constants.PROMPT,
                   proto=constants.DEFAULT_PROTOCOL,
                   timeout='15',
                   user='',
                   verbose=False)

    # parse arguments from command line
    args = p.parse_args()

    # if "o" options is set,override arguments from local encrypted file
    if args.override:
        if not os.path.isfile(args.override):
            exit('ERROR: Invalid filename: "' + args.override + '"')
        else:
            password = getpass('Please enter your password: '******'ERROR: The file ' + args.override +
                     ' does not seem to be encrypted...')
            args_override_cleaned = CleanComments(args_override)
            if len(args_override_cleaned) == 0:
                exit('ERROR: wrong password, or file was empty...')
            else:
                try:
                    args_override_cleaned[0].decode('ascii')
                    # and now merge arguments in initial namespace
                    p.parse_args(args_override_cleaned, namespace=args)
                except UnicodeDecodeError:
                    exit('ERROR: wrong password...')

    #import and run presub procedure if any
    if args.presub:
        import importlib
        try:
            mod = importlib.import_module(args.presub[0])
            presubmethod = getattr(mod, args.presub[1])
        except ImportError as e:
            exit(e)
        # execute presub method
        try:
            presubmethod(args, c)
        except (ImportError, AttributeError, NameError) as e:
            exit(e)

    # if debug mode is on, we start with araw output of args
    if args.debug:
        print('debug mode is on')
        pprint.pprint(vars(args))

    # we need at least one of them
    if (args.remote is None and args.array is None):
        p.error(
            ' remote host IP address or name is required,\nyou miss either "-r" or "-f" option\n\n'
        )

    # here below, we try to get a host list from user arguments so we can iterate over this afterwards
    if args.remote:
        listhosts_cleaned = [args.remote]
    elif args.array:
        try:
            f = open(args.array)
            listhosts = f.read().splitlines()
            listhosts_cleaned = CleanComments(listhosts)
            args.interact = False
        except ValueError:
            print("WARNING: cannot open " + args.array +
                  " not a usable file..")
    if args.debug:
        print('List of hosts:')
        pprint.pprint(listhosts_cleaned)

    # if cmdfile or commands are provided, we build a list and sanitize it
    if args.cmdfile:
        try:
            f = open(args.cmdfile)
            listcmd = f.read().splitlines()
            listcmd_cleaned = CleanComments(listcmd)
        except ValueError:
            print("ERROR: cannot open " + args.cmdfile +
                  " not a usable file..")
    elif args.cmd:
        listcmd_cleaned = CleanComments(args.cmd)
    if args.debug and (args.cmdfile or args.cmd):
        print('List of commands:')
        pprint.pprint(listcmd_cleaned)

    # empty default port number if telnet without port options
    if args.proto == 'telnet' and not args.port: args.port = ''
    # defaults to port number 22 if ssh without port options
    if args.proto == 'ssh' and not args.port: args.port = '22'

    # complete password array with empty strings
    if args.password:
        password = args.password[0]
        try:
            enablepassword = args.password[1]
        except:
            args.password.append('')
            enablepassword = ''
    else:
        password = ''
        enablepassword = ''

    # complete jumphost credentials array with empty strings and initiate connection
    if args.jumphost:
        try:
            args.jumphost[0]
        except:
            exit(
                'ERROR: if "-j" option is set we need at least protocol and jumphost address'
            )
        try:
            args.jumphost[1]
        except:
            exit(
                'ERROR: if "-j" option is set we need at least protocol and jumphost address'
            )
        try:
            args.jumphost[2]
            try:
                int(args.jumphost[2])
            except:
                exit('ERROR: "args.jumphost[2]" is not a valid port number')
        except:
            if args.jumphost[1] == 'ssh': args.jumphost.append('22')
            elif args.jumphost[1] == 'telnet': args.jumphost.append('')
        try:
            args.jumphost[3]
        except:
            args.jumphost.append('')
        try:
            args.jumphost[4]
        except:
            args.jumphost.append('')
        try:
            args.jumphost[5]
        except:
            args.jumphost.append('')
        c = Connection(*(args.jumphost + [args.timeout] + [args.verbose]))
        if c == False: exit('ERROR: Cannot connect to jumphost')

    # import sub procedure if any
    if args.sub:
        import importlib
        try:
            mod = importlib.import_module(args.sub[0])
            submethod = getattr(mod, args.sub[1])
        except ImportError as e:
            exit(e)

    # main loop through hosts
    for host in listhosts_cleaned:
        h = host.rstrip('\n')
        # in case we loop through an array, we want the actual remote host to be part of 'args' object
        if args.array: args.remote = h
        if not args.jumphost:
            c = Connection(args.proto, h, args.port, args.user, password,
                           args.prompt, args.timeout, args.verbose)
            if c == False:
                print('ERROR: Cannot connect to remote host: ' + h)
                continue
        else:
            cmd = BuildCommand(args.proto, h, args.port, args.user)
            c.sendline(cmd)
            l = Login(c, args.proto, h, args.port, args.user, password,
                      args.prompt, args.timeout, args.verbose)
            if l == False:
                print('ERROR: Cannot connect to remote host: ' + h)
                continue

        # now switch to enable mode if needed
        if len(enablepassword) > 0:
            c.sendline('enable')
            index = c.expect(['assword:', args.prompt])
            if index == 0:
                if SendPassword(enablepassword, args.prompt, c, args.timeout):
                    print("\n>>> connected to: " + h)
            elif index == 1:
                print('INFO: enable password not needed for remote host: ' + h)

        # print internal details of pexpect object when debug option is turned on
        if args.debug: print('\n\nPexpect object details:\n\n' + str(c))

        # create a logfile if asked to do so
        if args.logfile:
            logfile = BuildLogfile(h)
            try:
                fout = open(logfile, 'wb')
            except (IOError, OSError) as e:
                print(
                    'WARNING; cannot log output because logfile cannot be opened...'
                )
                print "I/O error({0}): {1}".format(e.errno, e.strerror)

        # if commands in args or in a cmdfile, prepare terminal length
        if args.cmdfile or args.cmd:
            SendCommand(c, args.more, args.prompt, args.timeout)
            print("\t>>> now executing commands from " + str(listcmd_cleaned) +
                  " on " + h)
            if not args.logfile: c.logfile_read = sys.stdout
            # loop through the commands
            for line in listcmd_cleaned:
                SendCommand(c, line, args.prompt, args.timeout)
                # if logfile is set, we send a clean output inside the loop
                if args.logfile:
                    try:
                        fout.write('----- ' + line + ' -----\r\n')
                        fout.write(c.before)
                    except (IOError, OSError):
                        print('WARNING: cannot log output to ' + args.logfile)
        else:
            if args.logfile:
                c.logfile = fout
                c.logfile_send = None
                print("\t>>> now logging output from " + h + " in " + logfile)

        # execute sub method
        if args.sub:
            try:
                submethod(args, c)
            except (ImportError, AttributeError, NameError) as e:
                exit(e)

        # pass in interact mode, hit escape character to end connection
        if args.interact is True:
            SendCommand(c, '\n', args.prompt, args.timeout)
            c.interact(constants.ESCAPE_CHARACTER)
            print('\n<<< gracefully exited from: ' + h + '\n')
        else:
            if not args.jumphost: c.close(force=True)
            else:
                c.sendline('exit')
                c.sendline()
                c.expect(args.jumphost[5])
            print('\n<<< gracefully exited from: ' + h + '\n')
Exemplo n.º 3
0
# limitations under the License.

import hashlib
import os.path
import re

from libs import constants
from libs.getpass import getpass
from libs.cryptolib import encrypt_file
from libs.cryptolib import decrypt_file


askedaction = raw_input('What do you wanna do ? decrypt/encrypt - [D/e]: ')
if (re.match('^(?i)d(ecrypt|)$',askedaction) or not askedaction): action = 'decrypt'
elif (re.match('^(?i)e(ncrypt|)$',askedaction)): action = 'encrypt'
else: exit('Invalid value: "'+askedaction+'"')

askedfile = raw_input('What is the filename you want to '+action+' ? ')
if os.path.isfile(askedfile):file = askedfile
else: exit('Invalid filename: "'+askedfile+'"')

password = getpass('Please enter your password: '******'encrypt':
    encrypt_file(key,file)
    print('Encrypt "'+file+'" and save it in "'+file+'.enc"')
elif action == 'decrypt':
    outfile = raw_input('Name of clear file to be created ? ')
    decrypt_file(key,file,outfile)
    print('Decrypt "'+file+'" and save it to "'+outfile+'"')
Exemplo n.º 4
0
def main():
    p = argparse.ArgumentParser(
       usage='''
       %(prog)s -r "remote host"| -f "list of hosts" [options]
       %(prog)s -h #get help on numerous options
       ''' % { "prog": sys.argv[0]},
       description='''
          A small tool to log into any piece of equipment with a decent CLI interface... 
          \nYou can pass a lot of options to comply with most of devices behavior.
          \n\n
          Note that if you ask %(prog)s to look for options in a file, that is "-o" option, 
          this file obviously contains your credentials, passwords,
          and thus MUST be encrypted using the "cipher.py" tool. 
                
          \n\nEnjoy ! 
       ''' % { "prog": sys.argv[0]},
       conflict_handler='resolve'
    )
    
    mut_excl_1 = p.add_mutually_exclusive_group()
    mut_excl_1.add_argument('-f', '--hosts-file', action='store', type=str, dest='array', metavar='FILE', 
        help='file containing a list of hosts')
    mut_excl_1.add_argument('-r', '--remote-host', action='store', type=str, dest='remote', metavar='REMOTE_HOSTNAME', 
        help='remote host name or IP')
    
    mut_excl_2 = p.add_mutually_exclusive_group()
    mut_excl_2.add_argument('-c', '--command', action='store', type=str, dest='cmd', nargs='+', metavar='COMMAND',
        help='command(s) to be executed on remote host')
    mut_excl_2.add_argument('-cf', '--command-file', action='store', type=str, dest='cmdfile', metavar='COMMAND_FILE',
        help='file containing a list of commands')
    
    p.add_argument('-d', '--debug', action='store_true', dest='debug', 
        help='debug mode will out in clear all arguments passed to the script')
    p.add_argument('-i', '--interact', action='store_false', dest='interact', 
        help='do not interact after connection')
    p.add_argument('-j', '--jumphost-credentials', action='store', type=str, dest='jumphost', metavar='LIST', nargs='+',
        help='an ordered list: (protocol,host,port,username,password,prompt,timeout,verbose)\nyou can omit latest elements')
    p.add_argument('-l', '--logfile', action='store_true', dest='logfile', 
        help='create a logging file in "logs" subdirectory')
    p.add_argument('-m', '--no-more', action='store', type=str, dest='more',
        help='command to pass to remote host to avoid --more-- in execution, defaults to "terminal length 0"')
    p.add_argument('-o', '--options-override', action='store', type=str, dest='override',
        help='ciphered file containing arguments that override command line options')
    p.add_argument('-p', '--prompt', action='store', type=str, dest='prompt', 
        help='expected prompt from remote host, this field accepts quoted regex')
    p.add_argument('-po', '--port-number', action='store', type=str, dest='port', metavar='TCP_PORT_NUMBER', 
        help='TCP port number for connection')
    p.add_argument('-s', '--sub-proc', action='store', type=str, dest='sub', nargs=2, metavar=('MODULE', 'METHOD'),
        help='module and function to execute')
    p.add_argument('-t', '--timeout', action='store', type=int, dest='timeout', 
        help='max seconds to wait for an answer from remote host')
    p.add_argument('-u', '--username-credentials', action='store', type=str, dest='user', metavar=('USERNAME'),
        help='username to log into remote host')
    p.add_argument('-v', '--verbose', action='store_true', dest='verbose', 
        help='unhide connection process, usefull for debugging')
    p.add_argument('-w', '--password', action='store', type=str, dest='password', nargs='+', metavar=('PASSWORD'),
        help='password to log into remote host and optionally an enable password')
    p.add_argument('-x', '--protocol', action='store', type=str, dest='proto', choices=['telnet', 'ssh'],
        help='protocol to be used for connection, defaults to ' + constants.DEFAULT_PROTOCOL)
    
    p.set_defaults(
       debug=False,
       interact=True,
       logfile=False,
       more=constants.MORE,
       prompt=constants.PROMPT,
       proto=constants.DEFAULT_PROTOCOL,
       timeout='15',
       user='',
       verbose=False
    )
    
    # parse arguments from command line
    args = p.parse_args()
    
    # if "o" options is set,override arguments from local encrypted file 
    if args.override:
       if not os.path.isfile(args.override):exit('ERROR: Invalid filename: "' + args.override + '"')
       else:
           password = getpass('Please enter your password: '******'ERROR: The file ' + args.override + ' does not seem to be encrypted...')
           args_override_cleaned = CleanComments(args_override)
           if len(args_override_cleaned) == 0:
               exit('ERROR: wrong password, or file was empty...')
           else:
               try:
                   args_override_cleaned[0].decode('ascii')
                   # and now merge arguments in initial namespace
                   p.parse_args(args_override_cleaned, namespace=args)
               except UnicodeDecodeError:exit('ERROR: wrong password...')
               
    # if debug mode is on, we start with araw output of args
    if args.debug:
        print('debug mode is on')
        pprint.pprint(vars(args))
        
    # we need at least one of them
    if (args.remote is None and args.array is None):
        p.error(' remote host IP address or name is required,\nyou miss either "-r" or "-f" option\n\n')
    
    # here below, we try to get a host list from user arguments so we can iterate over this afterwards
    if args.remote:
        listhosts_cleaned = [args.remote]
    elif args.array:
        try:
           f = open(args.array)
           listhosts = f.read().splitlines()
           listhosts_cleaned = CleanComments(listhosts)
           args.interact = False
        except ValueError:
           print("WARNING: cannot open " + args.array + " not a usable file..")  
    if args.debug:
        print('List of hosts:')
        pprint.pprint(listhosts_cleaned)
    
    # if cmdfile or commands are provided, we build a list and sanitize it
    if args.cmdfile:
        try:
            f = open(args.cmdfile)
            listcmd = f.read().splitlines()
            listcmd_cleaned = CleanComments(listcmd)
        except ValueError:
           print("ERROR: cannot open " + args.cmdfile + " not a usable file..")
    elif args.cmd:
        listcmd_cleaned = CleanComments(args.cmd)
    if args.debug and (args.cmdfile or args.cmd):
        print('List of commands:')
        pprint.pprint(listcmd_cleaned)   
        
    # empty default port number if telnet without port options
    if args.proto == 'telnet' and not args.port:args.port = ''
    # defaults to port number 22 if ssh without port options
    if args.proto == 'ssh' and not args.port:args.port = '22'
    
    # complete password array with empty strings
    if args.password:
        password = args.password[0]
        try:enablepassword = args.password[1]
        except:args.password.append('')
    else:
        password = ''
        enablepassword = '' 
    
    # complete jumphost credentials array with empty strings and initiate connection
    if args.jumphost:
        try:args.jumphost[0]
        except:exit('ERROR: if "-j" option is set we need at least protocol and jumphost address') 
        try:args.jumphost[1]
        except:exit('ERROR: if "-j" option is set we need at least protocol and jumphost address')
        try:
            args.jumphost[2]
            try:int(args.jumphost[2])
            except:exit('ERROR: "args.jumphost[2]" is not a valid port number')
        except:
            if args.jumphost[1] == 'ssh':args.jumphost.append('22')
            elif args.jumphost[1] == 'telnet':args.jumphost.append('')
        try:args.jumphost[3]
        except:args.jumphost.append('')
        try:args.jumphost[4]
        except:args.jumphost.append('')
        try:args.jumphost[5]
        except:args.jumphost.append('')
        c = Connection(*(args.jumphost + [args.timeout] + [args.verbose]))
        if c == False:exit('ERROR: Cannot connect to jumphost') 
        
    # import sub procedure
    if args.sub:
        import importlib
        try:
            mod = importlib.import_module(args.sub[0])
            submethod = getattr(mod, args.sub[1])  
        except ImportError as e:exit(e)
    
    # main loop through hosts
    for host in listhosts_cleaned:
        h = host.rstrip('\n')
        # in case we loop through an array, we want the actual remote host to be part of 'args' object
        if args.array:args.remote = h
        if not args.jumphost:
            c = Connection(
                args.proto, h, args.port, args.user, password,
                args.prompt, args.timeout, args.verbose
            )
            if c == False:
                print('ERROR: Cannot connect to remote host: ' + h)
                continue
        else:
            cmd = BuildCommand(args.proto, h, args.port, args.user)
            c.sendline(cmd)
            l = Login(c, args.proto, h, args.port, args.user, password,
                args.prompt, args.timeout, args.verbose
            )
            if l == False:
                print('ERROR: Cannot connect to remote host: ' + h)
                continue
        
        # now switch to enable mode if needed       
        if len(args.password[1]) > 0:
            c.sendline('enable')
            index = c.expect(['assword:',args.prompt])
            if index == 0:
                if SendPassword(enablepassword, args.prompt, c, args.timeout):
                   print("\n>>> connected to: " + h)
            elif index == 1:
                print('INFO: enable password not needed for remote host: ' + h)
                
        # print internal details of pexpect object when debug option is turned on
        if args.debug:print('\n\nPexpect object details:\n\n'+str(c))
        
        # create a logfile if asked to do so
        if args.logfile:
            logfile = BuildLogfile(h) 
            try:
               fout = open(logfile, 'wb')
            except (IOError, OSError) as e:
               print('WARNING; cannot log output because logfile cannot be opened...')
               print "I/O error({0}): {1}".format(e.errno, e.strerror)
    
        # if commands in args or in a cmdfile, prepare terminal length
        if args.cmdfile or args.cmd:
            SendCommand(c, args.more, args.prompt, args.timeout)
            print("\t>>> now executing commands from " + str(listcmd_cleaned) + " on " + h)
            if not args.logfile:c.logfile_read = sys.stdout
            # loop through the commands
            for line in listcmd_cleaned:
                SendCommand(c, line, args.prompt, args.timeout)
                # if logfile is set, we send a clean output inside the loop
                if args.logfile:
                   try:
                       fout.write('----- '+line+' -----\r\n')
                       fout.write(c.before)
                   except (IOError, OSError):print('WARNING: cannot log output to ' + args.logfile)
        else:
            if args.logfile:
                c.logfile = fout
                c.logfile_send = None
                print("\t>>> now logging output from " + h + " in " + logfile)
                
        # execute sub method
        if args.sub:
            try:submethod(args,c)
            except (ImportError, AttributeError, NameError) as e:exit(e)
        
        # pass in interact mode, hit escape character to end connection
        if args.interact is True:
            SendCommand(c, '\n', args.prompt, args.timeout)
            c.interact(constants.ESCAPE_CHARACTER)
            print('\n<<< gracefully exited from: ' + h + '\n')
        else:
            if not args.jumphost:c.close(force=True)
            else:
                c.sendline('exit')
                c.sendline()
                c.expect(args.jumphost[5])
            print('\n<<< gracefully exited from: ' + h + '\n')