-
Notifications
You must be signed in to change notification settings - Fork 4
/
kvm_avocent.py
executable file
·149 lines (127 loc) · 4.05 KB
/
kvm_avocent.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
#!/usr/bin/env python3
import bs4 as BeautifulSoup
import collections
import os
import os.path
import requests
import subprocess
import sys
import urllib.parse as urlparse
import urllib3
if len(sys.argv) != 5:
print("%s <user> <password> <ipmi address> <system>" % (sys.argv[0],))
sys.exit(1)
user = sys.argv[1]
pswd = sys.argv[2]
host = sys.argv[3]
syst = sys.argv[4].lower()
# Silence SSL Certification warnings
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
def meta_redirect(content):
soup = BeautifulSoup.BeautifulSoup(content, "html.parser")
result = soup.find("meta", attrs={"http-equiv": "Refresh"})
if result:
wait, text = result["content"].split(";")
if text.strip().lower().startswith("url="):
url = text[4:]
return url
return None
# Start a requests Session to have persistent cookies
s = requests.Session()
s.headers.update(
{
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:63.0) Gecko/20100101 Firefox/63.0",
"Accept-Language": "en-US,en;q=0.5",
}
)
s.verify = False
# Grab login page
s.get("https://%s/" % (host,))
# Login
data = collections.OrderedDict(
[
("action", "SAVE"),
("filename", "login"),
("htmlLanguage", 0),
("id", "(NULL)"),
("index", "(NULL)"),
("loginPassword", pswd),
("loginUsername", user),
("saveParms", "login"),
("spcDevice", "(NULL)"),
("spcInlet", "(NULL)"),
("spcSocket", "(NULL)"),
("userindex", "(NULL)"),
]
)
r = s.post(
"https://%s/cgi-bin/kvm.cgi?&file=login" % (host,),
headers={"Referer": "https://%s/cgi-bin/kvm.cgi?&file=login" % (host,)},
data=data,
)
# Verify we correctly authenticated
assert "User Login" not in r.text
# Follow meta redirects until we have the main page on the device
while meta_redirect(r.text):
r = s.get(
"https://%s%s" % (host, meta_redirect(r.text)),
headers={"Referer": "https://%s/cgi-bin/kvm.cgi?&file=login" % (host,)},
)
# Extract userid from url
userid = urlparse.parse_qs(urllib3.util.parse_url(r.url).query)["userid"][0]
# Parse our available hosts and their IDs
soup = BeautifulSoup.BeautifulSoup(r.text, "html.parser")
devices = {}
for item in (
soup.find(id="progressContent")
.find_all("table")[2]
.find("table")
.find_all("tr")[1:]
):
name = item.find_all("span")[1].text
devices[name.lower()] = {
"idx": None,
"intf": item.find_all("span")[2].text,
"state": item.find_all("span")[3].text,
"device_url": item.find_all("a")[0].attrs.get("href", None),
"action_url": item.find_all("a")[1].attrs.get("href", None),
}
devices[name.lower()]["idx"] = int(
urlparse.parse_qs(devices[name.lower()]["device_url"])["index"][0]
)
# Bail if the system is not found
assert syst in devices
# Download viewer
r = s.get(
"https://%s/cgi-bin/kvm.cgi?&file=jnlp&userID=%s&index=%s"
% (host, userid, devices[syst]["idx"]),
headers={"Referer": r.url},
)
with open("viewer.jnlp", "w") as f:
f.write(r.text)
# Verify we actually got some data
assert os.path.getsize("viewer.jnlp") > 0
# Write out temporary weak java security settings. Just to make sure we're not breaking on old KVM viewers
with open("java.security", "w") as f:
f.write(
"""jdk.certpath.disabledAlgorithms=
jdk.jar.disabledAlgorithms=
jdk.tls.disabledAlgorithms=
jdk.tls.legacyAlgorithms= \
K_NULL, C_NULL, M_NULL, \
DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
DH_RSA_EXPORT, RSA_EXPORT, \
DH_anon, ECDH_anon, \
RC4_128, RC4_40, DES_CBC, DES40_CBC, \
3DES_EDE_CBC"""
)
# Start javaws viewer
subprocess.call(
["javaws", "-J-Djava.security.properties=java.security", "-wait", "viewer.jnlp"]
)
# Remove our temporary files
os.remove("viewer.jnlp")
os.remove("java.security")
# Logout
data = collections.OrderedDict([("file", "logout"), ("userID", userid)])
r = s.get("https://%s/cgi-bin/kvm.cgi" % (host,), headers={"Referer": r.url})