enablePTY() публичный Метод

Enable request-pty when using exec()
public enablePTY ( )
Пример #1
0
    public function Exec($command, $stdin = '')
    {
        $database = $this->session->getDatabase();
        $name = $database['name'];
        $engine = $this->session->getSpoolerByName($name, 'waae');
        if (!isset($engine[0]['shell'])) {
            print "?!";
            exit;
        }
        set_include_path('../vendor/phpseclib' . PATH_SEPARATOR . get_include_path());
        include 'Net/SSH2.php';
        include 'Crypt/RSA.php';
        $shell = $engine[0]['shell'];
        $host = $shell['host'];
        $user = $shell['user'];
        $ssh = new \Net_SSH2($host);
        if (isset($shell['key'])) {
            $key = new \Crypt_RSA();
            $ret = $key->loadKey($shell['key']);
            if (!$ret) {
                echo "loadKey failed\n";
                print "<pre>" . $ssh->getLog() . '</pre>';
                exit;
            }
        } elseif (isset($shell['password'])) {
            $key = $shell['password'];
        } else {
            $key = '';
            // ?! possible ?
        }
        if (!$ssh->login('autosys', $key)) {
            print 'Login Failed';
            print "<pre>" . $ssh->getLog() . '</pre>';
            exit;
        }
        if ($stdin == '') {
            return $ssh->exec(". ~/.bash_profile;{$command}");
        }
        // Test STDIN
        $ssh->enablePTY();
        print "profile" . $ssh->exec(". ~/.bash_profile");
        print "sort" . ($exec = $ssh->exec('sort'));
        $ssh->write(<<<EOF
echo "update_job: SE.ERIC.JOB.JobType_UNIX"
echo "description: 'ok!!'
EOF
);
        $ssh->reset(true);
        $ssh->setTimeout(2);
        print $ssh->read();
        return;
        return $ssh->read();
        // outputs the echo above
    }
Пример #2
0
 $path = getcwd();
 chdir('php/pear');
 $path = getcwd();
 set_include_path($path);
 @($query = mysqli_query($connect, "SELECT * FROM configureddb where dbuid='{$option}'"));
 while ($query_row = mysqli_fetch_assoc($query)) {
     $hostname = $query_row['server'];
     $sslusername = $query_row['sslusername'];
     $sslpassword = $query_row['sslpassword'];
 }
 set_include_path(get_include_path() . '/' . 'phpsec');
 include 'Net/SSH2.php';
 include 'File/ANSI.php';
 $ssh = new Net_SSH2(@$hostname);
 if (@$ssh->login(@$sslusername, @$sslpassword)) {
     $ssh->enablePTY();
     $ssh->exec('ps axo pid,ppid,%cpu,pmem,user,group,args --sort %cpu');
     $ssh->setTimeout(2);
     $hello = $ssh->read();
     $ps = explode("\n", $hello);
     $proc = array();
     foreach ($ps as $process) {
         $processes[] = preg_split('@\\s+@', trim($process), 7);
     }
     unset($processes[0]);
     foreach ($processes as $pro) {
         $proc[] = @array('pid' => $pro[0], 'ppid' => $pro[1], 'cpu' => $pro[2], 'pmem' => $pro[3], 'user' => $pro[4], 'group' => $pro[5], 'cmd' => $pro[6]);
     }
     echo json_encode($proc);
 } else {
     echo "[]";
Пример #3
0
 public function checkDeviceFW($deviceID = false)
 {
     global $db_CS;
     global $access;
     global $allowedParams;
     global $allowedGroupsDeviceList;
     global $allowedGroupsArray;
     $deviceID = isset($_REQUEST['deviceID']) ? htmlspecialchars($_REQUEST['deviceID']) : $deviceID;
     $sql = "SELECT tLastAliveIP,tDeviceVPNName,tDeviceFirmware,tRootPwd FROM DeviceList WHERE id = '{$deviceID}'";
     $db_CS->autocommit(FALSE);
     $data["rstatus"] = false;
     if ($rs = $db_CS->query($sql)) {
         if ($connection = $rs->fetch_assoc()) {
             set_include_path(get_include_path() . PATH_SEPARATOR . '/var/www/html/sacp/includes/phpseclib');
             include 'Net/SSH2.php';
             include 'File/ANSI.php';
             $data["tDeviceVPNName"] = $connection["tDeviceVPNName"];
             if (filter_var($connection["tLastAliveIP"], FILTER_VALIDATE_IP)) {
                 $ssh = new Net_SSH2($connection["tLastAliveIP"], '22');
                 if (!$ssh->login('root', $connection["tRootPwd"])) {
                     $host_connected = false;
                     $data["result"] = "Auth failed!";
                     $data["alert_type"] = "danger alert";
                 } else {
                     // WE GOT A CONNECTION !
                     $ansi = new File_ANSI();
                     $ssh->enablePTY();
                     $fwCMD = "cat /http/default/_version.php | grep 'define' | grep 'PRODUCT_VERSION' | awk -F ',' '{print \$2}' | sed 's/[^[:alnum:]\\.[:space:]]\\+//g'";
                     $ssh->exec($fwCMD);
                     $ansi->appendString($ssh->read());
                     $response["cmdOutput"] = htmlspecialchars_decode(strip_tags($ansi->getHistory()));
                     if ($connection["tDeviceFirmware"] != $response["cmdOutput"]) {
                         $sql = "UPDATE DeviceList\n\t\t\t\t\t\t\t\t\tSET tDeviceFirmware = '" . $response["cmdOutput"] . "'\n\t\t\t\t\t\t\t\t\tWHERE id = '{$deviceID}'";
                         if ($db_CS->query($sql) && $db_CS->affected_rows > 0) {
                             if ($this->updateDeviceHistoryMember($deviceID, 'tDeviceFirmware')) {
                                 $db_CS->commit();
                                 $data["rstatus"] = true;
                                 $data["alert_type"] = "success alert";
                                 $data["result"] = "FW updated from " . $connection["tDeviceFirmware"] . " to " . $response["cmdOutput"] . "";
                             } else {
                                 $data["rstatus"] = true;
                                 //$data["sql"] = $sql;
                                 $data["alert_type"] = "danger alert";
                                 $data["result"] = 'Ошибка сохранения или такого устройства не существует';
                             }
                         }
                     } else {
                         $data["rstatus"] = true;
                         $data["alert_type"] = "success alert";
                         $data["result"] = "FW is up to date! (Answer: " . addslashes($response["cmdOutput"]) . ")";
                     }
                 }
             } else {
                 $data["result"] = "Wrong IP! (" . $connection["tLastAliveIP"] . ")";
             }
             header('Content-Type: application/json');
             echo json_encode($data);
         }
     }
 }
 public function fire($job, $data)
 {
     $output = new Symfony\Component\Console\Output\ConsoleOutput();
     $node = Node::find($data['message']['node_id']);
     $s3 = \Aws\S3\S3Client::factory(array('key' => 'AKIAIUCV4E2L4HDCDOUA', 'secret' => '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', 'region' => 'us-east-1'));
     $all_keys = Key::where('integration_id', '=', $data['message']['integration_id'])->get();
     foreach ($all_keys as $pem_key_reference) {
         if ($pem_key_reference->remote_url) {
             $unique_key_name = rand(0, 9999) . $pem_key_reference->remote_url;
             $key_bucket = App::isLocal() ? 'devkeys.nosprawl.software' : 'keys.nosprawl.software';
             $s3->getObject(array('Bucket' => $key_bucket, 'Key' => $pem_key_reference->remote_url, 'SaveAs' => '/tmp/' . $unique_key_name));
             // Shouldn't need these two lines at all.
             exec('chmod 400 /tmp/' . $unique_key_name);
             $empty = null;
             $s3_resource_root = App::isLocal() ? 'http://agent.nosprawl.software/dev/' : 'http://agent.nosprawl.software/';
             $latest_version = exec("curl -s " . $s3_resource_root . "latest", $empty);
             $latest_version_url = $s3_resource_root . $latest_version;
             $ssh = new Net_SSH2($node->public_dns_name);
             $ssh->enableQuietMode();
             $ssh->enablePTY();
             $key = new Crypt_RSA();
             $key->loadKey(file_get_contents('/tmp/' . $unique_key_name));
             exec('rm -rf /tmp/' . $unique_key_name);
             if (!$ssh->login($pem_key_reference->username, $key)) {
                 continue;
             } else {
                 $possible_installers = ["yum", "apt-get"];
                 foreach ($possible_installers as $possible_installer) {
                     $installer_check_result = false;
                     $found = false;
                     $ssh->exec("sudo " . $possible_installer . " -y install ruby");
                     $install_result = $ssh->read();
                     $output->writeln($install_result);
                     $install_exit_status = $ssh->getExitStatus();
                     if ($install_exit_status == 0) {
                         Queue::push('DeployAgentToNode', array('message' => array('node_id' => $node->id, 'integration_id' => $node->integration->id)));
                         return $job->delete();
                     }
                 }
             }
         } else {
             $output->writeln("This is what we do if all we have is a password.");
             continue;
         }
     }
     // If we got to this point we were unable to install Curl automatically.
     $problem = new Problem();
     $problem->description = "Couldn't install Curl.";
     $problem->reason = "Unable to automatically install Curl. Please install it manually.";
     $problem->node_id = $node->id;
     $problem->save();
     $remediation = new Remediation();
     $remediation->name = "Retry Deployment";
     $remediation->queue_name = "DeployAgentToNode";
     $remediation->problem_id = $problem->id;
     $remediation->save();
     $remediation = new Remediation();
     $remediation->name = "Cancel";
     $remediation->queue_name = "CancelDeployAgentToNode";
     $remediation->problem_id = $problem->id;
     $remediation->save();
     return $job->delete();
 }
Пример #5
0
 public function fire($job, $data)
 {
     $output = new Symfony\Component\Console\Output\ConsoleOutput();
     $node = Node::find($data['message']['node_id']);
     // Make sure node exists
     if (!$node) {
         $output->writeln("node doesn't exist anymore. no need for this job.");
         return $job->delete();
     }
     // Make sure node isn't terminated
     /*if($node->service_provider_status == "terminated") {
     			return $job->delete();
     		}*/
     // Make sure node is running
     if ($node->service_provider_status != "running") {
         return $job->release();
         $output->writeln("node is not running");
     }
     // Keys are always stored on S3. This is the NoS account.
     $s3 = \Aws\S3\S3Client::factory(array('key' => 'AKIAIUCV4E2L4HDCDOUA', 'secret' => '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', 'region' => 'us-east-1'));
     $all_keys = Key::where('integration_id', '=', $data['message']['integration_id'])->get();
     $unique_key_name = null;
     $cmdout = null;
     // Make sure the user has added credentials for this integration
     if ($all_keys->isEmpty()) {
         $problem = new Problem();
         $problem->description = "Couldn't deploy agent";
         $problem->reason = "No credentials added for this integration.<br /><br />You can manage your integration credentials on the <a href='#'>integrations</a> page.<br />Or <a href='#'>deploy manually</a>.";
         $problem->node_id = $node->id;
         $problem->long_message = true;
         $problem->save();
         $remediation = new Remediation();
         $remediation->name = "Cancel";
         $remediation->queue_name = "CancelDeployAgentToNode";
         $remediation->problem_id = $problem->id;
         $remediation->save();
         $remediation = new Remediation();
         $remediation->name = "Retry";
         $remediation->queue_name = "DeployAgentToNode";
         $remediation->problem_id = $problem->id;
         $remediation->save();
         return $job->delete();
     }
     $eventually_logged_in = false;
     foreach ($all_keys as $pem_key_reference) {
         if ($pem_key_reference->remote_url) {
             $unique_key_name = rand(0, 9999) . $pem_key_reference->remote_url;
             $key_bucket = App::isLocal() ? 'devkeys.nosprawl.software' : 'keys.nosprawl.software';
             $s3->getObject(array('Bucket' => $key_bucket, 'Key' => $pem_key_reference->remote_url, 'SaveAs' => '/tmp/' . $unique_key_name));
             exec('chmod 400 /tmp/' . $unique_key_name);
             $empty = null;
             $s3_resource_root = App::isLocal() ? 'http://agent.nosprawl.software/dev/' : 'http://agent.nosprawl.software/';
             $latest_version = exec("curl -s " . $s3_resource_root . "latest", $empty);
             $latest_version_url = $s3_resource_root . $latest_version;
             $ssh = new Net_SSH2($node->public_dns_name);
             $ssh->enableQuietMode();
             $ssh->enablePTY();
             $key = new Crypt_RSA();
             $key->loadKey(file_get_contents('/tmp/' . $unique_key_name));
             exec('rm -rf /tmp/' . $unique_key_name);
             if (!$ssh->login($pem_key_reference->username, $key)) {
                 $output->writeln("ssh fail.");
                 continue;
             } else {
                 $output->writeln("we are in ssh just fine.");
                 // Let's look for any problems running sudo first.
                 $ssh->exec("sudo whoami");
                 $exit_status = $ssh->getExitStatus();
                 if (!$exit_status && $exit_status != 0) {
                     // User can't sudo without a password. We can't auto-install.
                     $problem = new Problem();
                     $problem->description = "Couldn't deploy agent";
                     $problem->reason = "User '" . $pem_key_reference->username . "' doesn't have passwordless sudo priviliges. Please either enable  it or <a class='problem_cta_btn' href='#'>Manually deploy the NoSprawl Agent</a>";
                     $problem->node_id = $node->id;
                     $problem->long_message = true;
                     $problem->save();
                     $remediation = new Remediation();
                     $remediation->name = "Cancel";
                     $remediation->queue_name = "CancelDeployAgentToNode";
                     $remediation->problem_id = $problem->id;
                     $remediation->save();
                     $remediation = new Remediation();
                     $remediation->name = "Retry";
                     $remediation->queue_name = "DeployAgentToNode";
                     $remediation->problem_id = $problem->id;
                     $remediation->save();
                     return $job->delete();
                 }
                 $result = $ssh->read();
                 $output->writeln($result);
                 // Check for problems with curl
                 $ssh->exec("curl --help");
                 $curl_result = $ssh->read();
                 $curl_exit_status = $ssh->getExitStatus();
                 if ($curl_exit_status != 0) {
                     $problem = new Problem();
                     $problem->description = "Couldn't deploy agent";
                     $problem->reason = "cURL isn&rsquo;t installed.";
                     $problem->node_id = $node->id;
                     $problem->save();
                     $remediation = new Remediation();
                     $remediation->name = "Install cURL";
                     $remediation->queue_name = "InstallCurlAndRetryDeployment";
                     $remediation->problem_id = $problem->id;
                     $remediation->save();
                     $remediation = new Remediation();
                     $remediation->name = "Cancel";
                     $remediation->queue_name = "CancelDeployAgentToNode";
                     $remediation->problem_id = $problem->id;
                     $remediation->save();
                     return $job->delete();
                 }
                 $ssh->exec("(curl " . $latest_version_url . " > nosprawl-installer.rb) && sudo ruby nosprawl-installer.rb && rm -rf nosprawl-installer.rb");
                 $installer_result = $ssh->read();
                 $installer_exit_status = $ssh->getExitStatus();
                 if ($installer_exit_status == 0) {
                     // Everything is good.
                     $node->limbo = false;
                     $node->save();
                     return $job->delete();
                 } else {
                     $problem = new Problem();
                     $problem->description = "Couldn't deploy agent";
                     $problem->reason = "Ruby isn't installed.";
                     $problem->node_id = $node->id;
                     $problem->save();
                     $remediation = new Remediation();
                     $remediation->name = "Install";
                     $remediation->queue_name = "InstallRubyAndRetryDeployment";
                     $remediation->problem_id = $problem->id;
                     $remediation->save();
                     $remediation = new Remediation();
                     $remediation->name = "Cancel";
                     $remediation->queue_name = "CancelDeployAgentToNode";
                     $remediation->problem_id = $problem->id;
                     $remediation->save();
                     return $job->delete();
                 }
                 return $job->delete();
             }
         } else {
             $output->writeln("This is what we do if all we have is a password.");
             continue;
         }
     }
     if (!$eventually_logged_in) {
         $problem = new Problem();
         $problem->description = "Couldn't deploy agent";
         $problem->reason = "None of the credentials provided were sufficient to connect to this node. Manage your credentials on the <a href='#'>integrations</a> page.<br />Or <a href='#'>deploy manually</a>.";
         $problem->node_id = $node->id;
         $problem->long_message = true;
         $problem->save();
         $remediation = new Remediation();
         $remediation->name = "Cancel";
         $remediation->queue_name = "CancelDeployAgentToNode";
         $remediation->problem_id = $problem->id;
         $remediation->save();
         $remediation = new Remediation();
         $remediation->name = "Retry";
         $remediation->queue_name = "DeployAgentToNode";
         $remediation->problem_id = $problem->id;
         $remediation->save();
         return $job->delete();
     }
 }