Note: i have not included exact addresses for privacy reasons.
Here is the procedure I would like to be able to do:
I am first proceeding into telnet as follows.
telnet <myaddress> <myport>
Then, the following message appears, followed by a flashing cursor
Trying <some address>...
Connected to <cloud address>.
Escape character is '^]'.
At this stage, I would like to enter Two Carriage Returns (ASCII 13 or '\r') spaced 100 milliseconds apart.
--
How can I achieve this while in telnet mode that does not require me to manually hit Carriage Return at the right timing?
Pipe the output of a command or script that outputs the characters you want with appropriate timing.
{ printf '\r'; sleep .1; printf '\r'; } | telnet <myaddress> <myport>
Related
I am struggling with executing command via telnet/expect.
set send_slow {500 .5}
send -s -- "show slot *\r"
expect {
".*>" {
send -s -- "y\r"
exp_continue
}
".*#\s"
}
send -s "who\r"
expect "# "
send -s "alm\r"
expect "# "
send -s -- "logout\r"
show slot command prints card in slots. Due to paging user is asked to continue. After execution that a prompt NODE2-1# is shown and I want to execute command who.
What I get is:
2/36 PF Empty Up Down UEQ
2/37 FAN FAN Up Up
2/38 Empty Empty Down Down UAS UEQ
2/39 Empty Empty Down Down UAS UEQ
25/1 SFD40 SFD40 Up Up
Node2-1#<br> Node2-1# who
Session Username Date Terminal
-------------------------------------------------------------------------------
116 (cli tel) * admin May 29 06:57 XX.X.XX.XX
Node2-1# almlogout
Alarm Status: Critical-3 Major-0 Minor-0
As you can see, first prompt is left empty and in second one there is a command. It takes few seconds to execute it.
Moreover, below one can see, that in prompt there is pasted command almlogout. These two are separate commands -> alm and logout. However, they are pasted together.
Question is - how to execute command in prompt without that delay, and second - how to separate two commands
By default, expect statement's pattern is in glob style so ".*>" should be -re ".*>" and ".*#\s" should be -re ".*#\\s" or -re {.*#\s} ("\s" is actually "s").
And since .* can match nothing, so -re {.*>} is the same as -re {>} and -re {.*#\s} the same as -re {#\s}.
I'm using 2 scripts. A bash and an expect script. the bash is just a for loop with a set of IPs. If I can, I would use the expect script to create a variable near the beginning, right after login. It would look for the hostname, assign it to a variable, then use that variable as the 'match' after show tech output.
Also, the IPs are example. I'm not actually expecting (no pun intended) this to operate on public DNS IPs. Ok ok, you got me, I put this disclaimer here just so I could 'not' make that pun.
#!/bin/bash
arrayHOST+=( '8.8.8.8' '8.8.4.4' '4.2.2.2' '4.2.2.1' )
username="user1"; password="pass1"
for host in ${arrayHOST[#]}; do
./expect.sh $host $username $password >> $host.txt
done
and the expect script:
#!/usr/bin/expect -f
#log_user 0
set timeout -1
set varIP1 [lindex $argv 0]
set varUSER [lindex $argv 1]
set varPASS [lindex $argv 2]
spawn telnet $varIP1
expect "Username:"
send "$varUSER\r"
expect "Password:"
send "$varPASS\n"
expect "#"
send "term leng 0\r"
expect "#"
send "term wid 0\r"
expect "#"
send "show tech\r"
expect "#"
puts $expect_out(buffer);
Problem is that there are '#' characters that match before the command finishes so I don't get to capture the whole thing. Points to consider:
The end of the output from 'show tech' isn't the same on every device in the IP list unless you consider the hostname of the device itself.
Yes, I know I can "show tech | redirect tftp:// etc". This wont help me achieve the desired results.
I've tried 'not expecting anything' but this causes expect to not capture anything. (sending show tech without following with a new line containing expect "#" or anything else)
spawn telnet 8.8.8.8
Trying 8.8.8.8...
Connected to 8.8.8.8.
Escape character is '^]'.
User Access Verification
Username: benjamin
Password:
rowtar#term leng 0
rowtar#term wid 0
rowtar#term wid 0
rowtar#
I really like the idea of trying to regex/match an expect variable to the output that matches the hostname of the device but I don't how to do that. In my example, I would try to match "rowtar#" but without per-defining that ahead of time or before the expect script is called.
The solution was looking me right in the face.
Simply:
expect -re #$
matching any line ending with #
I still encourage someone to help/answer with hostname matching to a variable
I’m creating a small script to take the output from tshark and print it out to terminal. I'm trying to to only filter by requests made through the browser address bar.
So when www.facebook.com is loaded, the terminal only prints out facebook.com, rather than fbstatic-a.akamaihd.net etc .. (other DNS requests made through the requested website)
This program loops forever repeating dns requests and writes to the terminal.
Any ideas?
Would the following work for you?
$ tshark -r dns.pcap -T fields -e dns.qry.name -Y "dns.qry.type == 0x0001 and udp.dstport == 53"
www.yahoo.com
The display filter (the part after "Y") is to limit the query type to be for A record (you want to avoid CNAME etc) in the request.
dns.qry.type == 0x0001 is for A record, udp.dstport == 53 is for DNS request.
Hope it helps.
I have a file opened both for reading and writing and associated this file with file descriptor 3, i.e. exec 3<>/dev/udp/10.10.10.1/161. When I redirect a crafted UDP packet to file descriptor 3 and receive a reply, then how can I read it from file-descriptor 3? Usual tools like cat or read do not work well as UDP packet(essentially just a bit stream) received as a reply does not have a newline or EOF and for example cat does not know that there is no more data to expect. For example here you can see how I had to SIGINT the cat:
$ cat <&3
0Gpublic�:�0,0+C1841.local^C
$
I would like to check if there was any UDP data received from 10.10.10.1 and this means that if file-descriptor 3 contains some data(even a single bit), then reply was received.
Your problem is that you cannot recognize an end-of-packet properly. There is not EOF (as you noticed) signifier (like a special character or file-closed event or similar). Instead all you can do is either
read a fixed size of characters (in case your packets are fixed in size) or
read single tokens (maybe bytes) until your packet's syntax states that it is complete or
read until a timeout occurred.
The first two are up to your responsibility, in case this is possible.
The last one can be achieved using a cat in a subshell which you kill after a certain amount of time:
cat <&3 & pid=$!
sleep 0.1
kill "$pid" 2>/dev/null
Put this in a function and each call will last one 0.1s and output what could be read in that time.
Have a text file w/ around 3 million URL's of sites I want to block.
Trying to ping them one by one (yes, I know it is going to take some time).
Have a script (yes, I am a bit slow in BASH) which reads the lines one at a time from text file.
Obviously cannot print text file here. Text file was created >> w/ Python some time ago.
Problem is that ping returns "unknown host" w/ every entry. If I make a smaller file by hand using the same entries the script works. I thought it may be a white space or end of line issue so tried addressing that in script. What could the issue possibly be?
#!/bin/bash
while read line
do
li=$(echo $line|tr -d '\n')
li2=$(echo $li|tr -d ' ')
if [ ${#line} -lt 2 ]
then
continue
fi
ping -c 2 -- $li2>>/dev/null
if [ $? -gt 0 ]
then
echo 'bad'
else
echo 'good'
fi
done<'temp_file.txt'
Does the file contains URLs or hostnames ?
If it contains URLs you must extract the hostname from URLs before pinging:
hostname=$(echo "$li2"|cut -d/ -f3);
ping -c 2 -- "$hostname"
Ping is used to ping hosts. If you have URLs of websites, then it will not work. Check that you have hosts in your file , example www.google.com or an IP address and not actual full website urls. If you want to check actual URLs, use a tool like wget and another tool like grep/awk to grab for errors like 404 or others. Last but not least, people who are security conscious will sometimes block pinging from the outside, so take note.
C heck if the file contains windows-style \r\n line endings: head file | od -c
If so, to fix it: dos2unix filename filename
I wouldn't use ping for this. It can easily be blocked, and it's not the best way to check for either ip addresses or if a server presents web pages.
If you just want to find the corresponding IP, use host:
$ host www.google.com
www.google.com is an alias for www.l.google.com.
www.l.google.com has address 209.85.149.106
www.l.google.com has address 209.85.149.147
www.l.google.com has address 209.85.149.99
www.l.google.com has address 209.85.149.103
www.l.google.com has address 209.85.149.104
www.l.google.com has address 209.85.149.105
As you see, you get all the IPs registered to a host. (Note that this requires you to parse the hostname from your urls!)
If you want to see if a URL points at a web server, use wget:
wget --spider $url
The --spider flag makes wget not save the page, just check that it exists. You could look at the return code, or add the -S flag (which prints the HTTP headers returned)