X-Git-Url: https://git.ucc.asn.au/?a=blobdiff_plain;f=src%2Flink%2Fpexpect%2Fexamples%2Fcgishell.cgi;fp=src%2Flink%2Fpexpect%2Fexamples%2Fcgishell.cgi;h=0000000000000000000000000000000000000000;hb=edf8e5b569e75692d61a44f2c3241fb6410e4fbd;hp=1e3affc1cab62d23a37462d5b620e8523e414ca8;hpb=35ff18a5beda685e59ca898026570d67b7ead333;p=progcomp10.git diff --git a/src/link/pexpect/examples/cgishell.cgi b/src/link/pexpect/examples/cgishell.cgi deleted file mode 100755 index 1e3affc..0000000 --- a/src/link/pexpect/examples/cgishell.cgi +++ /dev/null @@ -1,762 +0,0 @@ -#!/usr/bin/python -##!/usr/bin/env python -"""CGI shell server - -This exposes a shell terminal on a web page. -It uses AJAX to send keys and receive screen updates. -The client web browser needs nothing but CSS and Javascript. - - --hostname : sets the remote host name to open an ssh connection to. - --username : sets the user name to login with - --password : (optional) sets the password to login with - --port : set the local port for the server to listen on - --watch : show the virtual screen after each client request - -This project is probably not the most security concious thing I've ever built. -This should be considered an experimental tool -- at best. -""" -import sys,os -sys.path.insert (0,os.getcwd()) # let local modules precede any installed modules -import socket, random, string, traceback, cgi, time, getopt, getpass, threading, resource, signal -import pxssh, pexpect, ANSI - -def exit_with_usage(exit_code=1): - print globals()['__doc__'] - os._exit(exit_code) - -def client (command, host='localhost', port=-1): - """This sends a request to the server and returns the response. - If port <= 0 then host is assumed to be the filename of a Unix domain socket. - If port > 0 then host is an inet hostname. - """ - if port <= 0: - s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) - s.connect(host) - else: - s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - s.connect((host, port)) - s.send(command) - data = s.recv (2500) - s.close() - return data - -def server (hostname, username, password, socket_filename='/tmp/server_sock', daemon_mode = True, verbose=False): - """This starts and services requests from a client. - If daemon_mode is True then this forks off a separate daemon process and returns the daemon's pid. - If daemon_mode is False then this does not return until the server is done. - """ - if daemon_mode: - mypid_name = '/tmp/%d.pid' % os.getpid() - daemon_pid = daemonize(daemon_pid_filename=mypid_name) - time.sleep(1) - if daemon_pid != 0: - os.unlink(mypid_name) - return daemon_pid - - virtual_screen = ANSI.ANSI (24,80) - child = pxssh.pxssh() - try: - child.login (hostname, username, password, login_naked=True) - except: - return - if verbose: print 'login OK' - virtual_screen.write (child.before) - virtual_screen.write (child.after) - - if os.path.exists(socket_filename): os.remove(socket_filename) - s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) - s.bind(socket_filename) - os.chmod(socket_filename, 0777) - if verbose: print 'Listen' - s.listen(1) - - r = roller (endless_poll, (child, child.PROMPT, virtual_screen)) - r.start() - if verbose: print "started screen-poll-updater in background thread" - sys.stdout.flush() - try: - while True: - conn, addr = s.accept() - if verbose: print 'Connected by', addr - data = conn.recv(1024) - request = data.split(' ', 1) - if len(request)>1: - cmd = request[0].strip() - arg = request[1].strip() - else: - cmd = request[0].strip() - arg = '' - - if cmd == 'exit': - r.cancel() - break - elif cmd == 'sendline': - child.sendline (arg) - time.sleep(0.1) - shell_window = str(virtual_screen) - elif cmd == 'send' or cmd=='xsend': - if cmd=='xsend': - arg = arg.decode("hex") - child.send (arg) - time.sleep(0.1) - shell_window = str(virtual_screen) - elif cmd == 'cursor': - shell_window = '%x,%x' % (virtual_screen.cur_r, virtual_screen.cur_c) - elif cmd == 'refresh': - shell_window = str(virtual_screen) - elif cmd == 'hash': - shell_window = str(hash(str(virtual_screen))) - - response = [] - response.append (shell_window) - if verbose: print '\n'.join(response) - sent = conn.send('\n'.join(response)) - if sent < len (response): - if verbose: print "Sent is too short. Some data was cut off." - conn.close() - except e: - pass - r.cancel() - if verbose: print "cleaning up socket" - s.close() - if os.path.exists(socket_filename): os.remove(socket_filename) - if verbose: print "server done!" - -class roller (threading.Thread): - """This class continuously loops a function in a thread. - This is basically a thin layer around Thread with a - while loop and a cancel. - """ - def __init__(self, function, args=[], kwargs={}): - threading.Thread.__init__(self) - self.function = function - self.args = args - self.kwargs = kwargs - self.finished = threading.Event() - def cancel(self): - """Stop the roller.""" - self.finished.set() - def run(self): - while not self.finished.isSet(): - self.function(*self.args, **self.kwargs) - -def endless_poll (child, prompt, screen, refresh_timeout=0.1): - """This keeps the screen updated with the output of the child. - This will be run in a separate thread. See roller class. - """ - #child.logfile_read = screen - try: - s = child.read_nonblocking(4000, 0.1) - screen.write(s) - except: - pass - -def daemonize (stdin=None, stdout=None, stderr=None, daemon_pid_filename=None): - """This runs the current process in the background as a daemon. - The arguments stdin, stdout, stderr allow you to set the filename that the daemon reads and writes to. - If they are set to None then all stdio for the daemon will be directed to /dev/null. - If daemon_pid_filename is set then the pid of the daemon will be written to it as plain text - and the pid will be returned. If daemon_pid_filename is None then this will return None. - """ - UMASK = 0 - WORKINGDIR = "/" - MAXFD = 1024 - - # The stdio file descriptors are redirected to /dev/null by default. - if hasattr(os, "devnull"): - DEVNULL = os.devnull - else: - DEVNULL = "/dev/null" - if stdin is None: stdin = DEVNULL - if stdout is None: stdout = DEVNULL - if stderr is None: stderr = DEVNULL - - try: - pid = os.fork() - except OSError, e: - raise Exception, "%s [%d]" % (e.strerror, e.errno) - - if pid != 0: # The first child. - os.waitpid(pid,0) - if daemon_pid_filename is not None: - daemon_pid = int(file(daemon_pid_filename,'r').read()) - return daemon_pid - else: - return None - - # first child - os.setsid() - signal.signal(signal.SIGHUP, signal.SIG_IGN) - - try: - pid = os.fork() # fork second child - except OSError, e: - raise Exception, "%s [%d]" % (e.strerror, e.errno) - - if pid != 0: - if daemon_pid_filename is not None: - file(daemon_pid_filename,'w').write(str(pid)) - os._exit(0) # exit parent (the first child) of the second child. - - # second child - os.chdir(WORKINGDIR) - os.umask(UMASK) - - maxfd = resource.getrlimit(resource.RLIMIT_NOFILE)[1] - if maxfd == resource.RLIM_INFINITY: - maxfd = MAXFD - - # close all file descriptors - for fd in xrange(0, maxfd): - try: - os.close(fd) - except OSError: # fd wasn't open to begin with (ignored) - pass - - os.open (DEVNULL, os.O_RDWR) # standard input - - # redirect standard file descriptors - si = open(stdin, 'r') - so = open(stdout, 'a+') - se = open(stderr, 'a+', 0) - os.dup2(si.fileno(), sys.stdin.fileno()) - os.dup2(so.fileno(), sys.stdout.fileno()) - os.dup2(se.fileno(), sys.stderr.fileno()) - - return 0 - -def client_cgi (): - """This handles the request if this script was called as a cgi. - """ - sys.stderr = sys.stdout - ajax_mode = False - TITLE="Shell" - SHELL_OUTPUT="" - SID="NOT" - print "Content-type: text/html;charset=utf-8\r\n" - try: - form = cgi.FieldStorage() - if form.has_key('ajax'): - ajax_mode = True - ajax_cmd = form['ajax'].value - SID=form['sid'].value - if ajax_cmd == 'send': - command = 'xsend' - arg = form['arg'].value.encode('hex') - result = client (command + ' ' + arg, '/tmp/'+SID) - print result - elif ajax_cmd == 'refresh': - command = 'refresh' - result = client (command, '/tmp/'+SID) - print result - elif ajax_cmd == 'cursor': - command = 'cursor' - result = client (command, '/tmp/'+SID) - print result - elif ajax_cmd == 'exit': - command = 'exit' - result = client (command, '/tmp/'+SID) - print result - elif ajax_cmd == 'hash': - command = 'hash' - result = client (command, '/tmp/'+SID) - print result - elif not form.has_key('sid'): - SID=random_sid() - print LOGIN_HTML % locals(); - else: - SID=form['sid'].value - if form.has_key('start_server'): - USERNAME = form['username'].value - PASSWORD = form['password'].value - dpid = server ('127.0.0.1', USERNAME, PASSWORD, '/tmp/'+SID) - SHELL_OUTPUT="daemon pid: " + str(dpid) - else: - if form.has_key('cli'): - command = 'sendline ' + form['cli'].value - else: - command = 'sendline' - SHELL_OUTPUT = client (command, '/tmp/'+SID) - print CGISH_HTML % locals() - except: - tb_dump = traceback.format_exc() - if ajax_mode: - print str(tb_dump) - else: - SHELL_OUTPUT=str(tb_dump) - print CGISH_HTML % locals() - -def server_cli(): - """This is the command line interface to starting the server. - This handles things if the script was not called as a CGI - (if you run it from the command line). - """ - try: - optlist, args = getopt.getopt(sys.argv[1:], 'h?d', ['help','h','?', 'hostname=', 'username=', 'password=', 'port=', 'watch']) - except Exception, e: - print str(e) - exit_with_usage() - - command_line_options = dict(optlist) - options = dict(optlist) - # There are a million ways to cry for help. These are but a few of them. - if [elem for elem in command_line_options if elem in ['-h','--h','-?','--?','--help']]: - exit_with_usage(0) - - hostname = "127.0.0.1" - #port = 1664 - username = os.getenv('USER') - password = "" - daemon_mode = False - if '-d' in options: - daemon_mode = True - if '--watch' in options: - watch_mode = True - else: - watch_mode = False - if '--hostname' in options: - hostname = options['--hostname'] - if '--port' in options: - port = int(options['--port']) - if '--username' in options: - username = options['--username'] - if '--password' in options: - password = options['--password'] - else: - password = getpass.getpass('password: ') - - server (hostname, username, password, '/tmp/mysock', daemon_mode) - -def random_sid (): - a=random.randint(0,65535) - b=random.randint(0,65535) - return '%04x%04x.sid' % (a,b) - -def parse_host_connect_string (hcs): - """This parses a host connection string in the form - username:password@hostname:port. All fields are options expcet hostname. A - dictionary is returned with all four keys. Keys that were not included are - set to empty strings ''. Note that if your password has the '@' character - then you must backslash escape it. - """ - if '@' in hcs: - p = re.compile (r'(?P[^@:]*)(:?)(?P.*)(?!\\)@(?P[^:]*):?(?P[0-9]*)') - else: - p = re.compile (r'(?P)(?P)(?P[^:]*):?(?P[0-9]*)') - m = p.search (hcs) - d = m.groupdict() - d['password'] = d['password'].replace('\\@','@') - return d - -def pretty_box (s, rows=24, cols=80): - """This puts an ASCII text box around the given string. - """ - top_bot = '+' + '-'*cols + '+\n' - return top_bot + '\n'.join(['|'+line+'|' for line in s.split('\n')]) + '\n' + top_bot - -def main (): - if os.getenv('REQUEST_METHOD') is None: - server_cli() - else: - client_cgi() - -# It's mostly HTML and Javascript from here on out. -CGISH_HTML=""" - - -%(TITLE)s %(SID)s - - - - - - - - -
- - -

- - - - -
- - - - - -
- - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - -
- - - - - - - - - - - - - -
- - - - - - - - - - - - - - -
- -
-
- - -""" - -LOGIN_HTML=""" - -Shell Login - - - - - -
- - -username:
-password:
- -
-
- - -""" - -if __name__ == "__main__": - try: - main() - except Exception, e: - print str(e) - tb_dump = traceback.format_exc() - print str(tb_dump) -