Top Level Namespace
Instance Method Summary collapse
- #_e_log_accessed?(raw_exception) ⇒ Boolean
- #_e_log_blocked?(raw_exception) ⇒ Boolean
- #_host ⇒ Object
- #_lu_password ⇒ Object
- #_p_log_accessed?(action) ⇒ Boolean
- #_p_log_blocked?(action) ⇒ Boolean
- #_port ⇒ Object
- #_ru_password ⇒ Object
- #add_nl(s) ⇒ Object
- #become_root ⇒ Object
- #debug(string) ⇒ Object
- #disable_echo(&block) ⇒ Object
- #err_check(buffer) ⇒ Object
- #extract_action(raw_assignment) ⇒ Object
- #extract_cff_profiles(raw_proxy_profile) ⇒ Object
- #extract_exceptions(http) ⇒ Object
- #extract_profiles(http) ⇒ Object
- #fingerprint_prompt?(string) ⇒ Boolean
- #get(x, command = 'get') ⇒ Object
- #get_action(raw_assignment) ⇒ Object
- #get_comment(raw) ⇒ Object
- #get_name(raw) ⇒ Object
- #get_object(x) ⇒ Object
- #log(string = String.new) ⇒ Object
- #login ⇒ Object
- #print_raction(raw_action) ⇒ Object
- #print_results(results) ⇒ Object
- #prompt(question, password = false) ⇒ Object
- #run ⇒ Object
- #search_exceptions(exceptions) ⇒ Object
- #search_profiles(profiles) ⇒ Object
- #until_prompt(prompt, alt = false) ⇒ Object
- #wrong_password?(buffer, regexp) ⇒ Boolean
Instance Method Details
#_e_log_accessed?(raw_exception) ⇒ Boolean
210 211 212 213 214 |
# File 'lib/utm-plc.rb', line 210 def _e_log_accessed? raw_exception raw_exception[/'skiplist' => \[[^\]]*/].gsub("'skiplist' => \[",'').split(',').collect {|l| l.gsub(/'/,'').strip }.include? 'log_access' end |
#_e_log_blocked?(raw_exception) ⇒ Boolean
216 217 218 219 220 |
# File 'lib/utm-plc.rb', line 216 def _e_log_blocked? raw_exception raw_exception[/'skiplist' => \[[^\]]*/].gsub("'skiplist' => \[",'').split(',').collect {|l| l.gsub(/'/,'').strip }.include? 'log_blocked' end |
#_host ⇒ Object
25 |
# File 'lib/utm-plc.rb', line 25 def _host; prompt('Which host?: ') end |
#_lu_password ⇒ Object
27 |
# File 'lib/utm-plc.rb', line 27 def _lu_password; prompt('What is the password for loginuser?: ', true) end |
#_p_log_accessed?(action) ⇒ Boolean
196 197 198 199 200 201 |
# File 'lib/utm-plc.rb', line 196 def _p_log_accessed? action if action[/'log_access' => \d/].nil? raise ArgumentError "_p_log_accessed?(action): action doesn't contain a 'log_access' attribute?" end action[/'log_access' => \d/].gsub(/'log_access' => /,'')=='1' end |
#_p_log_blocked?(action) ⇒ Boolean
203 204 205 206 207 208 |
# File 'lib/utm-plc.rb', line 203 def _p_log_blocked? action if action[/'log_blocked' => \d/].nil? raise ArgumentError "_p_log_blocked?(action): action doesn't contain a 'log_blocked' attribute?" end action[/'log_blocked' => \d/].gsub(/'log_blocked' => /,'')=='1' end |
#_port ⇒ Object
26 |
# File 'lib/utm-plc.rb', line 26 def _port; prompt('What port?: ') end |
#_ru_password ⇒ Object
28 |
# File 'lib/utm-plc.rb', line 28 def _ru_password; prompt('What is the password for root?: ', true) end |
#add_nl(s) ⇒ Object
87 88 89 90 |
# File 'lib/utm-plc.rb', line 87 def add_nl s #append a "\n" (newline) to a string if it doesn't already end with one. (s[/\\n$/].nil? ? s+"\n" : s) end |
#become_root ⇒ Object
112 113 114 115 116 117 118 119 |
# File 'lib/utm-plc.rb', line 112 def become_root log "Using su to become root..." $in.printf( "su\n" ) debug until_prompt( 'Password:' ) $in.printf( "#{_ru_password}\n" ) debug until_prompt( '/home/login #', :check_badpass ) log "Am now root." end |
#debug(string) ⇒ Object
99 100 101 102 103 104 |
# File 'lib/utm-plc.rb', line 99 def debug string if $logging and $debugging printf add_nl(string) end string end |
#disable_echo(&block) ⇒ Object
78 79 80 81 82 83 84 85 |
# File 'lib/utm-plc.rb', line 78 def disable_echo &block system('stty -echo') x=yield system('stty echo') #so that the next line doesn't start on the same line as the password prompt log x end |
#err_check(buffer) ⇒ Object
41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 |
# File 'lib/utm-plc.rb', line 41 def err_check buffer if fingerprint_prompt?(buffer) printf "SSH Fingerprint prompt detected.\nPlease SSH to this system at least once before using this program to verify the SSH fingerprint manually, then run this program again.\n\n" exit end if wrong_password?(buffer, 'Permission denied') printf "Permission denied! Get off my lawn!\n" exit end if wrong_password?(buffer, 'incorrect password') printf "Bad root password! Go away!\n" exit end end |
#extract_action(raw_assignment) ⇒ Object
148 149 150 |
# File 'lib/utm-plc.rb', line 148 def extract_action raw_assignment raw_assignment[/'action' => '[^']*/].gsub(/'action' => '/,'').strip end |
#extract_cff_profiles(raw_proxy_profile) ⇒ Object
140 141 142 143 144 145 146 |
# File 'lib/utm-plc.rb', line 140 def extract_cff_profiles raw_proxy_profile debug "Found cff_profiles: " cff_p=raw_proxy_profile[/'cff_profiles' => \[[^\]]*/].gsub( "'cff_profiles' => \[",'' ). strip.gsub(',','').strip.gsub(/^'/,'').gsub(/'$/,'').strip.gsub(/^'/,'').gsub(/'$/,'') debug " -- "+cff_p cff_p end |
#extract_exceptions(http) ⇒ Object
132 133 134 135 136 137 138 |
# File 'lib/utm-plc.rb', line 132 def extract_exceptions http exceptions=http[/'exceptions' => \[[^\]]*/].gsub("'exceptions' => \[",'').split(',').collect {|l| l.gsub(/'/,'').strip } debug "Found #{exceptions.size} exceptions:" exceptions.each {|e| debug " -- "+e } end |
#extract_profiles(http) ⇒ Object
121 122 123 124 125 126 127 128 129 130 |
# File 'lib/utm-plc.rb', line 121 def extract_profiles http debug "Extracting profiles from 'http'=" profiles=http[/'profiles' => \[[^\]]*/].gsub( "'profiles' => \[",'' ).split(',').collect {|p| p.strip.gsub(/^'/,'').gsub(/'$/,'') } debug "Found #{profiles.size} profiles:" profiles.each {|p| debug " -- "+p } end |
#fingerprint_prompt?(string) ⇒ Boolean
33 34 35 |
# File 'lib/utm-plc.rb', line 33 def fingerprint_prompt? string !string[/\(yes\/no\)\?/].nil? end |
#get(x, command = 'get') ⇒ Object
247 248 249 250 251 |
# File 'lib/utm-plc.rb', line 247 def get x, command='get' debug "Running: 'cc #{command} #{x}'..." $in.printf("cc #{command} #{x}\n") debug until_prompt(':/home/login #') end |
#get_action(raw_assignment) ⇒ Object
266 267 268 |
# File 'lib/utm-plc.rb', line 266 def get_action raw_assignment raw_assignment[/'action' => '[^']*/].gsub(/'action' => '/,'').strip end |
#get_comment(raw) ⇒ Object
262 263 264 |
# File 'lib/utm-plc.rb', line 262 def get_comment raw raw[/'comment' => '[^']*/].gsub(/'comment' => '/,'') end |
#get_name(raw) ⇒ Object
258 259 260 |
# File 'lib/utm-plc.rb', line 258 def get_name raw raw[/'name' => '[^']*/].gsub(/'name' => '/,'') end |
#get_object(x) ⇒ Object
270 271 272 |
# File 'lib/utm-plc.rb', line 270 def get_object x get x, 'get_object' end |
#log(string = String.new) ⇒ Object
92 93 94 95 96 97 |
# File 'lib/utm-plc.rb', line 92 def log string=String.new if $logging==true printf add_nl(string) end string end |
#login ⇒ Object
106 107 108 109 110 |
# File 'lib/utm-plc.rb', line 106 def login log "Logging in as loginuser..." $in.printf( _lu_password + "\n" ) debug until_prompt( '/home/login >', :check_badpass ) end |
#print_raction(raw_action) ⇒ Object
253 254 255 256 |
# File 'lib/utm-plc.rb', line 253 def print_raction raw_action log "Name: #{get_name(raw_action)}" log "Comment: #{get_comment(raw_action)}" end |
#print_results(results) ⇒ Object
222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 |
# File 'lib/utm-plc.rb', line 222 def print_results results log "\n\nPrinting results:" results.each {|x,y| if x==:profiles y.each {|z| if !_p_log_accessed?(z) log "Please activate the 'Log Accessed Pages' option for the Web Filter Action named: #{get_name(z)}" end if !_p_log_blocked?(z) log "Please activate the 'Log Blocked Pages' option for the Web Filter Action named: #{get_name(z)}" end } elsif x==:exceptions y.each {|z| if _e_log_accessed?(get_object(z)) log "Please deactivate the option to skip logging of accessed pages for the Exception named: #{get_name(get_object(z))}" end if _e_log_blocked?(get_object(z)) log "Please deactivate the option to skip logging of blocked pages for the Exception named: #{get_name(get_object(z))}" end } end } end |
#prompt(question, password = false) ⇒ Object
276 277 278 279 280 281 282 283 284 285 |
# File 'lib/utm-plc.rb', line 276 def prompt question, password=false printf question if password==true disable_echo { (s=gets.strip).empty? ? prompt(question) : s } else (s=gets.strip).empty? ? prompt(question) : s end end |
#run ⇒ Object
287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 |
# File 'lib/utm-plc.rb', line 287 def run PTY.spawn("ssh -p #{_port} loginuser@#{_host}") {|stdout,stdin,pid| begin old_out=$out; $out=stdout old_in=$in; $in =stdin debug( until_prompt('password:') ) login become_root #Because the main Web Filter is treated as a profile, this #will operate on all Web Filters and proxy profiles. results= search_profiles( extract_profiles( http=get('http') ) ) results.merge!( search_exceptions( extract_exceptions( http ) ) ) print_results( results ) stdin.printf( "exit\n" ) until_prompt( ":/home/login >" ) stdin.printf( "exit\n" ) $out=old_out $in=old_in rescue Errno::EIO printf "SSH Connection failed. Are you able to ssh in from this machine? If not, start troubleshooting from here.\n" exit end } log 'Done' end |
#search_exceptions(exceptions) ⇒ Object
152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 |
# File 'lib/utm-plc.rb', line 152 def search_exceptions exceptions if exceptions.class!=Array raise ArgumentError "search_exceptions(exceptions): 'exceptions' must be an array but it's something else, possibly a cheeseburger..." elsif exceptions.empty? raise ArgumentError "search_exceptions(exceptions): 'exceptions' must be a non-empty array! What have you done?!?" end results={:exceptions=>[]} exceptions.each {|exception| debug raw_exception=get_object(exception) log "Checking exception: #{get_name(raw_exception)}" if _e_log_accessed?(raw_exception) results[:exceptions] << exception elsif _e_log_blocked?(raw_exception) results[:exceptions] << exception end } results end |
#search_profiles(profiles) ⇒ Object
172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 |
# File 'lib/utm-plc.rb', line 172 def search_profiles profiles if profiles.class!=Array raise ArgumentError "search_profiles(profiles): 'profiles' must be an array but it's something else, possibly a cheeseburger..." elsif profiles.empty? raise ArgumentError "search_profiles(profiles): 'profiles' must be a non-empty array! What have you done?!?" end results={:profiles=>[]} profiles.each {|profile| debug raw_proxy_profile=get_object(profile) log "Checking profile: #{get_name(raw_proxy_profile)}" debug raw_assignment=get_object( extract_cff_profiles(raw_proxy_profile) ) log "Got the assignment for that profile..." action= get_action(raw_assignment) raw_action= get_object( extract_action(raw_assignment) ) log "Got the action for that assignment..." if !_p_log_accessed?(raw_action) || !_p_log_blocked?(raw_action) log "Found an action that isn't logging everything: #{get_name(raw_action)}" results[:profiles] << raw_action end } results end |
#until_prompt(prompt, alt = false) ⇒ Object
58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 |
# File 'lib/utm-plc.rb', line 58 def until_prompt( prompt, alt=false ) buffer= "" begin Timeout.timeout( 60 ) { loop do buffer << $out.getc.chr err_check( buffer ) break if buffer =~ Regexp.new(prompt) end } return buffer rescue Timeout::Error => error printf "Error - Timed out waiting for \"#{prompt.gsub('"','\"') }\", printing stacktrace...\n " printf error.backtrace.join("\n") + "\n" printf "Dumping buffer...\n" pp buffer printf "-------\n\n" end end |
#wrong_password?(buffer, regexp) ⇒ Boolean
37 38 39 |
# File 'lib/utm-plc.rb', line 37 def wrong_password? buffer, regexp !buffer[ Regexp.new( regexp ) ].nil? end |