awd自动化（一）

zhaorong · 发表于 WEB前端技术 2021-6-22 15:29:34


	前言之前用finalshell,但是总感觉有时候比较卡顿 download源码有些bug 现在已经转成electerm了写了几个小脚本来自动化代码比较烂还在不断更新中修改ssh弱口令 # coding:utf-8 # py2 import paramiko import os,sys import logging logging.raiseExceptions = False username = 'root' # 修改 file = open('ip.list') # 修改 newpasswd = "asdasd" # 修改 def ssh_connect(ip_line,username): ip = str(ip_line.split(' ')[0]) port = str(ip_line.split(' ')[1]) oldpasswd = str(ip_line.split(' ')[2]).strip() ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) try: ssh.connect(ip,port,username,oldpasswd) print(ip + " 连接成功!") return ip,ssh except: print(ip + " 连接失败!") exit() # 方法一暂时没有办法判断是否密码修改成功 def change_pwd_1(ssh,newpasswd): stdin,stdout,sterr = ssh.exec_command('echo root:%s \| chpasswd' % (newpasswd)) out, err = stdout.read(), sterr.read() # 方法二可以判断密码是否修改成功并输出返回信息 def change_pwd_2(ssh,newpasswd): command = "passwd %s" % (username) stdin, stdout, stderr = ssh.exec_command(command) stdin.write(newpasswd + '\n' + newpasswd + '\n') out, err = stdout.read(), stderr.read() successful = 'password updated successfully' if successful in str(err): print(ip + " 密码修改成功！") else: print(str(err)) print(ip + " 密码修改失败！") for line in file: ip,ssh = ssh_connect(line,username) # change_pwd_1(ssh,newpasswd) change_pwd_2(ssh,newpasswd) ssh.close() file.close() 复制代码 ip.list格式 ip 端口老密码 node3.buuoj.cn 25139 asdasd node3.buuoj.cn 25360 asdasd 复制代码效果演示修改密码前修改密码连接失败更换密码连接成功自动化download web源码 # coding:utf-8 # py2 import paramiko import os,sys import logging logging.raiseExceptions = False ip = "127.0.0.1" # 修改 port = 22222 # 修改 username = 'root' # 修改 PrivateKey_id_rsa_file = "./id_rsa" # 修改 game_dir = "/Users/asura/asura/za/xxxxctf/" # 修改 server_web_DOCUMENT_ROOT = "/var/www/html" # 修改 web_zip_name = "web1.tar.gz" # 修改 private_key = paramiko.RSAKey.from_private_key_file(PrivateKey_id_rsa_file) def ssh_connect(ip,port,username): ssh = paramiko.SSHClient() # 把要连接得机器添加到 known_hosts 文件中 ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) try: ssh.connect(ip,port,username,pkey=private_key,allow_agent=False, look_for_keys=False) print(ip + " 连接成功!") return ssh except: print(ip + " 连接失败!") exit() def download_bak_html(ssh): # 压缩源码到服务器的tmp目录下 command1 = "tar -zcvf /tmp/{} -C {} .".format(web_zip_name,server_web_DOCUMENT_ROOT) stdin, stdout, stderr = ssh.exec_command(command1) # stdin.write(newpasswd + '\n' + newpasswd + '\n') out, err = stdout.read(), stderr.read() print(out) # 将源码传到本地 transport = paramiko.Transport((ip, port)) transport.connect(username='root', pkey=private_key) sftp = paramiko.SFTPClient.from_transport(transport) sftp.get("/tmp/{}".format(web_zip_name),"{}{}".format(game_dir,web_zip_name)) # sftp.put('/tmp/location.py', '/tmp/test.py') # 上传1到2 transport.close() if __name__ == "__main__": # 创建ssh连接 ssh = ssh_connect(ip,port,username) download_bak_html(ssh) # 创建解压目录，解压源码 os.system("mkdir {} && tar -zxvf {} -C {}".format(game_dir+web_zip_name.split(".")[0],ga me_dir+web_zip_name,game_dir+web_zip_name.split(".")[0])) 复制代码效果演示 docker中的web目录 2ec43556ad8a kalinew2 "bash" 13 hours ago Up 13 hours 0.0.0.0:22222->22/tcp, 0.0.0.0:10011->80/tcp kalinew 复制代码 docker22端口映射到了22222端口 docker /tmp目录也-v 挂载了出来 xxxxctf文件夹运行脚本成功tar打包靶机的web源码到靶机的/tmp目录下然后sftp从靶机中拷贝到本机的这次xxxxctf比赛的文件夹下并解压

微信扫一扫 分享朋友圈

awd自动化（一）

微信扫一扫分享朋友圈