Top Level Namespace
Instance Method Summary collapse
- #_host ⇒ Object
- #_lu_password ⇒ Object
- #_port ⇒ Object
- #_ru_password ⇒ Object
- #add_nl(s) ⇒ Object
- #become_root ⇒ Object
- #debug(string) ⇒ Object
- #disable_echo(&block) ⇒ Object
- #extract_action(raw_assignment) ⇒ Object
- #extract_cff_profiles(raw_proxy_profile) ⇒ Object
- #extract_profiles(http) ⇒ Object
- #fingerprint_prompt?(string) ⇒ Boolean
- #get(x, command = 'get') ⇒ Object
- #get_action(raw_assignment) ⇒ Object
- #get_comment(raw) ⇒ Object
- #get_name(raw) ⇒ Object
- #get_object(x) ⇒ Object
- #log(string = String.new) ⇒ Object
- #log_accessed?(action) ⇒ Boolean
- #log_blocked?(action) ⇒ Boolean
- #login ⇒ Object
- #print_raction(raw_action) ⇒ Object
- #print_results(results) ⇒ Object
- #prompt(question, password = false) ⇒ Object
- #run ⇒ Object
- #search_profiles(profiles) ⇒ Object
- #until_prompt(prompt) ⇒ Object
Instance Method Details
#_host ⇒ Object
25 |
# File 'lib/utm-plc.rb', line 25 def _host; prompt('Which host?: ') end |
#_lu_password ⇒ Object
27 |
# File 'lib/utm-plc.rb', line 27 def _lu_password; prompt('What is the password for loginuser?: ', true) end |
#_port ⇒ Object
26 |
# File 'lib/utm-plc.rb', line 26 def _port; prompt('What port?: ') end |
#_ru_password ⇒ Object
28 |
# File 'lib/utm-plc.rb', line 28 def _ru_password; prompt('What is the password for root?: ', true) end |
#add_nl(s) ⇒ Object
42 43 44 45 |
# File 'lib/utm-plc.rb', line 42 def add_nl s #append a "\n" (newline) to a string if it doesn't already end with one. (s[/\\n$/].nil? ? s+"\n" : s) end |
#become_root ⇒ Object
67 68 69 70 71 72 73 74 |
# File 'lib/utm-plc.rb', line 67 def become_root log "Using su to become root..." $in.printf( "su\n" ) debug until_prompt( 'Password:' ) $in.printf( "#{_ru_password}\n" ) debug until_prompt( '/home/login #' ) log "Am now root." end |
#debug(string) ⇒ Object
54 55 56 57 58 59 |
# File 'lib/utm-plc.rb', line 54 def debug string if $logging and $debugging printf add_nl(string) end string end |
#disable_echo(&block) ⇒ Object
33 34 35 36 37 38 39 40 |
# File 'lib/utm-plc.rb', line 33 def disable_echo &block system('stty -echo') x=yield system('stty echo') #so that the next line doesn't start on the same line as the password prompt log x end |
#extract_action(raw_assignment) ⇒ Object
95 96 97 |
# File 'lib/utm-plc.rb', line 95 def extract_action raw_assignment raw_assignment[/'action' => '[^']*/].gsub(/'action' => '/,'').strip end |
#extract_cff_profiles(raw_proxy_profile) ⇒ Object
87 88 89 90 91 92 93 |
# File 'lib/utm-plc.rb', line 87 def extract_cff_profiles raw_proxy_profile log "Found cff_profiles: " cff_p=raw_proxy_profile[/'cff_profiles' => \[[^\]]*/].gsub( "'cff_profiles' => \[",'' ). strip.gsub(',','').strip.gsub(/^'/,'').gsub(/'$/,'').strip.gsub(/^'/,'').gsub(/'$/,'') log " -- "+cff_p cff_p end |
#extract_profiles(http) ⇒ Object
76 77 78 79 80 81 82 83 84 85 |
# File 'lib/utm-plc.rb', line 76 def extract_profiles http debug "Extracting profiles from 'http'=" profiles=http[/'profiles' => \[[^\]]*/].gsub( "'profiles' => \[",'' ).split(',').collect {|p| p.strip.gsub(/^'/,'').gsub(/'$/,'') } log "Found #{profiles.size} profiles:" profiles.each {|p| log " -- "+p } end |
#fingerprint_prompt?(string) ⇒ Boolean
175 176 177 |
# File 'lib/utm-plc.rb', line 175 def fingerprint_prompt? string !string[/\(yes\/no\)\?/].nil? end |
#get(x, command = 'get') ⇒ Object
148 149 150 151 152 |
# File 'lib/utm-plc.rb', line 148 def get x, command='get' debug "Running: 'cc #{command} #{x}'..." $in.printf("cc #{command} #{x}\n") debug until_prompt(':/home/login #') end |
#get_action(raw_assignment) ⇒ Object
167 168 169 |
# File 'lib/utm-plc.rb', line 167 def get_action raw_assignment raw_assignment[/'action' => '[^']*/].gsub(/'action' => '/,'').strip end |
#get_comment(raw) ⇒ Object
163 164 165 |
# File 'lib/utm-plc.rb', line 163 def get_comment raw raw[/'comment' => '[^']*/].gsub(/'comment' => '/,'') end |
#get_name(raw) ⇒ Object
159 160 161 |
# File 'lib/utm-plc.rb', line 159 def get_name raw raw[/'name' => '[^']*/].gsub(/'name' => '/,'') end |
#get_object(x) ⇒ Object
171 172 173 |
# File 'lib/utm-plc.rb', line 171 def get_object x get x, 'get_object' end |
#log(string = String.new) ⇒ Object
47 48 49 50 51 52 |
# File 'lib/utm-plc.rb', line 47 def log string=String.new if $logging==true printf add_nl(string) end string end |
#log_accessed?(action) ⇒ Boolean
123 124 125 126 127 128 |
# File 'lib/utm-plc.rb', line 123 def log_accessed? action if action[/'log_access' => \d/].nil? raise ArgumentError "log_accessed?(action): action doesn't contain a 'log_access' attribute?" end action[/'log_access' => \d/].gsub(/'log_access' => /,'')=='1' end |
#log_blocked?(action) ⇒ Boolean
130 131 132 133 134 135 |
# File 'lib/utm-plc.rb', line 130 def log_blocked? action if action[/'log_blocked' => \d/].nil? raise ArgumentError "log_blocked?(action): action doesn't contain a 'log_blocked' attribute?" end action[/'log_blocked' => \d/].gsub(/'log_blocked' => /,'')=='1' end |
#login ⇒ Object
61 62 63 64 65 |
# File 'lib/utm-plc.rb', line 61 def login log "Logging in as loginuser..." $in.printf( _lu_password + "\n" ) debug until_prompt( '/home/login >' ) end |
#print_raction(raw_action) ⇒ Object
154 155 156 157 |
# File 'lib/utm-plc.rb', line 154 def print_raction raw_action log "Name: #{get_name(raw_action)}" log "Comment: #{get_comment(raw_action)}" end |
#print_results(results) ⇒ Object
137 138 139 140 141 142 143 144 145 146 |
# File 'lib/utm-plc.rb', line 137 def print_results results log "\n\nPrinting results:" results.each {|action| if !log_accessed?(action) log "Please activate the 'Log Accessed Pages' option for the Web Filter Action named: #{get_name(action)}" elsif !log_blocked?(action) log "Please activate the 'Log Blocked Pages' option for the Web Filter Action named: #{get_name(action)}" end } end |
#prompt(question, password = false) ⇒ Object
202 203 204 205 206 207 208 209 210 211 |
# File 'lib/utm-plc.rb', line 202 def prompt question, password=false printf question if password==true disable_echo { (s=gets.strip).empty? ? prompt(question) : s } else (s=gets.strip).empty? ? prompt(question) : s end end |
#run ⇒ Object
213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 |
# File 'lib/utm-plc.rb', line 213 def run PTY.spawn("ssh -p #{_port} loginuser@#{_host}") {|stdout,stdin,pid| old_out=$out; $out=stdout old_in=$in; $in =stdin $logging=true debug( until_prompt('password:') ) login become_root #Because the main Web Filter is treated as a profile, this #will operate on all Web Filters and proxy profiles. results= search_profiles( extract_profiles( get('http') ) ) print_results( results ) stdin.printf( "exit\n" ) until_prompt( ":/home/login >" ) stdin.printf( "exit\n" ) $out=old_out $in=old_in } log 'Done' end |
#search_profiles(profiles) ⇒ Object
99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 |
# File 'lib/utm-plc.rb', line 99 def search_profiles profiles if profiles.class!=Array raise ArgumentError "search_profiles(profiles): 'profiles' must be an array but it's something else, possibly a cheeseburger..." elsif profiles.empty? raise ArgumentError "search_profiles(profiles): 'profiles' must be a non-empty array! What have you done?!?" end results=[] profiles.each {|profile| debug raw_proxy_profile=get_object(profile) log "\nChecking profile: #{get_name(raw_proxy_profile)}" debug raw_assignment=get_object( extract_cff_profiles(raw_proxy_profile) ) log "Got the assignment for that profile..." action= get_action(raw_assignment) raw_action= get_object( extract_action(raw_assignment) ) log "Got the action for that assignment..." if !log_accessed?(raw_action) || !log_blocked?(raw_action) log "Found an action that isn't logging everything: #{get_name(raw_action)}" results << raw_action end } results end |
#until_prompt(prompt) ⇒ Object
179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 |
# File 'lib/utm-plc.rb', line 179 def until_prompt( prompt ) buffer= "" begin Timeout.timeout( 5 ) { loop do buffer << $out.getc.chr if fingerprint_prompt?(buffer) printf "SSH Fingerprint prompt detected.\nPlease SSH to this system at least once before using this program to verify the SSH fingerprint manually, then run this program again.\n\n" exit end break if buffer =~ Regexp.new(prompt) end } buffer rescue Timeout::Error => error printf "Error - Timed out waiting for \"#{prompt.gsub('"','\"') }\", printing stacktrace...\n " printf error.backtrace.join("\n") + "\n" printf "Dumping buffer...\n" pp buffer printf "-------\n\n" end end |