I wrote a script for nmap but it doesn't work
Maybe a problem with the libraries, but not sure (I'm new to this)
import nmap
import sys
import traceback
def scan_hosts(hosts, scan_type):
try:
nm = nmap.PortScanner()
if scan_type == 'SYN':
nm.scan(hosts=hosts, arguments='-p- -sS -T4 -A --script=vulners')
elif scan_type == 'UDP':
nm.scan(hosts=hosts, arguments='-p- -sU -T4 -A --script=vulners')
elif scan_type == 'FULL':
nm.scan(hosts=hosts, arguments='-p- -sS -sU -T4 -A --script=vulners')
for host in nm.all_hosts():
print('Host: %s (%s)' % (host, nm[host].hostname()))
for proto in nm[host].all_protocols():
print('Protocol: %s' % proto)
lport = nm[host][proto].keys()
for port in lport:
print('port : %s\tstate : %s' % (port, nm[host][proto][port]['state']))
except Exception as e:
print(f"An error occurred while scanning the host: {e}")
print("\n".join(traceback.format_exception(etype=type(e), value=e, tb=e.__traceback__)))
# Attempt to correct the error
if "timed out" in str(e):
print("Error: Host timed out. Retrying with increased timeout...")
nm.scan(hosts=hosts, arguments='-p- -sS -T4 -A --script=vulners --host-timeout=60')
else:
print("Error could not be corrected. Exiting...")
sys.exit(1)
if __name__ == '__main__':
hosts = '0.0.0.0/0'
scan_type = 'FULL' # can be one of 'SYN', 'UDP', or 'FULL'
scan_hosts(hosts, scan_type)
Maybe a problem with the libraries, but not sure (I'm new to this)
I have installed Ansible using "pip" as a root user on RHEL
python version - Python 2.7.5
Ansible version -
ansible 2.7.4
config file = None
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /bin/ansible
python version = 2.7.5 (default, May 31 2018, 09:41:32) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
whenever I try to use ansible as a different user getting an error
Error:
$ ansible --version
Traceback (most recent call last):
File "/usr/bin/ansible", line 40, in <module>
from ansible.errors import AnsibleError, AnsibleOptionsError, AnsibleParserError
ImportError: No module named ansible.errors
I find two ansible files located in different places, Is this abnormal?
one at /bin/ansible & other at /usr/bin/ansible
$ cd /bin
$ ls -lart ansible
-rwxr-xr-x 1 root root 5837 Dec 9 13:12 ansible
$ cd ansible
-ksh: cd: ansible: [Not a directory]
$ ls -lart /usr/bin/ansible
-rwxr-xr-x 1 root root 5837 Dec 9 13:12 /usr/bin/ansible
Content of /bin/ansible
$ cat /bin/ansible
#!/bin/python
# (c) 2012, Michael DeHaan <michael.dehaan#gmail.com>
#
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
########################################################
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
__requires__ = ['ansible']
try:
import pkg_resources
except Exception:
# Use pkg_resources to find the correct versions of libraries and set
# sys.path appropriately when there are multiversion installs. But we
# have code that better expresses the errors in the places where the code
# is actually used (the deps are optional for many code paths) so we don't
# want to fail here.
pass
import os
import shutil
import sys
import traceback
from ansible.errors import AnsibleError, AnsibleOptionsError, AnsibleParserError
from ansible.module_utils._text import to_text
# Used for determining if the system is running a new enough python version
# and should only restrict on our documented minimum versions
_PY3_MIN = sys.version_info[:2] >= (3, 5)
_PY2_MIN = (2, 6) <= sys.version_info[:2] < (3,)
_PY_MIN = _PY3_MIN or _PY2_MIN
if not _PY_MIN:
raise SystemExit('ERROR: Ansible requires a minimum of Python2 version 2.6 or Python3 version 3.5. Current version: %s' % ''.join(sys.version.splitlines()))
class LastResort(object):
# OUTPUT OF LAST RESORT
def display(self, msg, log_only=None):
print(msg, file=sys.stderr)
def error(self, msg, wrap_text=None):
print(msg, file=sys.stderr)
if __name__ == '__main__':
display = LastResort()
try: # bad ANSIBLE_CONFIG or config options can force ugly stacktrace
import ansible.constants as C
from ansible.utils.display import Display
except AnsibleOptionsError as e:
display.error(to_text(e), wrap_text=False)
sys.exit(5)
cli = None
me = os.path.basename(sys.argv[0])
try:
display = Display()
display.debug("starting run")
sub = None
target = me.split('-')
if target[-1][0].isdigit():
# Remove any version or python version info as downstreams
# sometimes add that
target = target[:-1]
if len(target) > 1:
sub = target[1]
myclass = "%sCLI" % sub.capitalize()
elif target[0] == 'ansible':
sub = 'adhoc'
myclass = 'AdHocCLI'
else:
raise AnsibleError("Unknown Ansible alias: %s" % me)
try:
mycli = getattr(__import__("ansible.cli.%s" % sub, fromlist=[myclass]), myclass)
except ImportError as e:
# ImportError members have changed in py3
if 'msg' in dir(e):
msg = e.msg
else:
msg = e.message
if msg.endswith(' %s' % sub):
raise AnsibleError("Ansible sub-program not implemented: %s" % me)
else:
raise
try:
args = [to_text(a, errors='surrogate_or_strict') for a in sys.argv]
except UnicodeError:
display.error('Command line args are not in utf-8, unable to continue. Ansible currently only understands utf-8')
display.display(u"The full traceback was:\n\n%s" % to_text(traceback.format_exc()))
exit_code = 6
else:
cli = mycli(args)
cli.parse()
exit_code = cli.run()
except AnsibleOptionsError as e:
cli.parser.print_help()
display.error(to_text(e), wrap_text=False)
exit_code = 5
except AnsibleParserError as e:
display.error(to_text(e), wrap_text=False)
exit_code = 4
# TQM takes care of these, but leaving comment to reserve the exit codes
# except AnsibleHostUnreachable as e:
# display.error(str(e))
# exit_code = 3
# except AnsibleHostFailed as e:
# display.error(str(e))
# exit_code = 2
except AnsibleError as e:
display.error(to_text(e), wrap_text=False)
exit_code = 1
except KeyboardInterrupt:
display.error("User interrupted execution")
exit_code = 99
except Exception as e:
if C.DEFAULT_DEBUG:
# Show raw stacktraces in debug mode, It also allow pdb to
# enter post mortem mode.
raise
have_cli_options = cli is not None and cli.options is not None
display.error("Unexpected Exception, this is probably a bug: %s" % to_text(e), wrap_text=False)
if not have_cli_options or have_cli_options and cli.options.verbosity > 2:
log_only = False
if hasattr(e, 'orig_exc'):
display.vvv('\nexception type: %s' % to_text(type(e.orig_exc)))
why = to_text(e.orig_exc)
if to_text(e) != why:
display.vvv('\noriginal msg: %s' % why)
else:
display.display("to see the full traceback, use -vvv")
log_only = True
display.display(u"the full traceback was:\n\n%s" % to_text(traceback.format_exc()), log_only=log_only)
exit_code = 250
finally:
# Remove ansible tmpdir
shutil.rmtree(C.DEFAULT_LOCAL_TMP, True)
sys.exit(exit_code)
list:
$ ls -lart /usr/lib/python2.7/site-packages/ansible/errors/
total 36
-rw------- 1 root root 3820 Dec 9 13:12 yaml_strings.py
-rw------- 1 root root 11555 Dec 9 13:12 __init__.py
-rw------- 1 root root 3147 Dec 9 13:12 yaml_strings.pyc
-rw------- 1 root root 11535 Dec 9 13:12 __init__.pyc
drwx------ 2 root root 88 Dec 9 13:12 .
drwx------ 17 root root 4096 Dec 9 13:12 ..
can anyone help me in solving it.
In my case I was working in a venv in python and that caused Ansible to not find all it's python modules. Might not necessarily be the OP's issue here but it's worth being aware of.
It's because the installation did not make the files in /usr/lib/python2.7/site-packages/ansible readable by groups or world, meaning that only the file's owner (root in this case) can read them:
$ ls -lart /usr/lib/python2.7/site-packages/ansible/errors/
total 36
-rw------- 1 root root 11555 Dec 9 13:12 __init__.py
# ^^^^^^ should be -rw-r--r-- for files
You can change this one specific problem with chmod but likely in the future you will want to run umask go-w first in order to keep pip from defaulting to 0600 permissions for files that it writes out
# chmod -R a+rX /usr/lib/python2.7/site-packages/ansible
The X in that expression is to set the eXecute bit but only for files that already have execute in the user's permissions (so, for directories and executable files, but not for "normal" files; you can read the full story in man 1 chmod)
In my case the problem turned out to be following:
i was executing the command using sudo, which was picking different .ssh/id_rsa.pub compared to what I had posted public key in the ssh-server. This was rightly resulting into permission denied.
This was discovered only by doing (taken from the dump that comes from ansible ping command using -vvv. Note that I have added -v command to ssh, that gives you the hint on what has failed during the login process.
sudo sshpass -d11 ssh -v -C -o ControlMaster=auto -o ControlPersist=60s -o 'User="ubuntu"' -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/66b206be85 10.115.216.134 '/bin/sh -c '"'"'echo ~ubuntu && sleep 0'"'"''
In my case, I was using a broken venv. Deactivated it, removed it and reinstalled every thing:
deactivate
rm -rf .venv
python3 -m venv .venv
. .venv/bin/activate
pip install -r requirements.txt
I have a set of commands that I am attempting to run in a script. To be exact, the lines are
rm tmp_pipe
mkfifo tmp_pipe
python listen_pipe.py &
while [ true ]; do nc -l -w30 7036 >>tmp_pipe; done &
listen_pipe.py is simply
if __name__ == "__main__":
f = open("tmp_pipe")
vals = " "
while "END" not in vals:
vals = f.readline()
if len(vals) > 0:
print(vals)
else:
f = open("tmp_pipe")
If I run the commands in the order shown I get my desired output, which is a connection to an ESP device that streams motion data. The connection resets after 30 seconds if the ESP device leaves the network range or if the device is turned off. The python script continues to read from the pipe and does not terminate when the tcp connection is reset. However, if I run this code inside a script file nc fails to connect and the device remains in an unconnected state indefinitely. The script is just
#!/bin/bash
rm tmp_pipe
mkfifo tmp_pipe
python listen_pipe.py &
while [ true ]; do nc -l -w30 7036 >>tmp_pipe; done &
This is being run on Ubuntu 16.04. Any suggestions are greatly welcomed, I have been fighting with this code all day. Thanks,
Ian
By default, pexpect.spawn() would not output anything. But when I specify logfile=sys.stdout it'll also echo the password (e.g. for ssh). So how can I see the real time interaction with the spawned process without the password being echoed (just like the Expect (the Tcl extension) does)?
pexepct example:
# cat expect.py
import pexpect, sys
logfile = sys.stdout if len(sys.argv) == 2 else None
ssh = pexpect.spawn('ssh foo#localhost', logfile=logfile)
ssh.delaybeforesend = 1
ssh.expect('assword:')
ssh.sendline('123456')
ssh.expect('\r\n\\$')
ssh.sendline('exit')
ssh.expect(pexpect.EOF)
ssh.wait()
# python expect.py <-- no output
# python expect.py stdout
foo#localhost's password: 123456 <-- the password is visible
Last login: Tue Mar 22 10:32:49 2016 from localhost
$ exit
exit
Connection to localhost closed.
#
Expect example:
# cat ssh.exp
spawn ssh foo#localhost
expect assword:
send "123456\r"
expect {\$}
send "exit\r"
expect eof
wait
# expect ssh.exp
spawn ssh foo#localhost
foo#localhost's password: <-- the password is invisible
Last login: Tue Mar 22 10:45:03 2016 from localhost
$ exit
Connection to localhost closed.
#
Just to make the question answered. The credit goes to Thomas K. See his comments under the question for more details.
[STEP 101] # cat foo.py
#!/usr/bin/env python3
import pexpect, sys
spawn = pexpect.spawnu if sys.version_info[0] >= 3 else pexpect.spawn
ssh = spawn('ssh -t foo#localhost bash --noprofile --norc')
ssh.logfile_read = sys.stdout
ssh.expect('assword:')
ssh.sendline('123456')
ssh.expect('bash-[.0-9]+[$#]')
ssh.sendline('exit')
ssh.expect(pexpect.EOF)
ssh.wait()
[STEP 102] #
[STEP 103] # python2 foo.py
foo#localhost's password:
bash-5.1$ exit
exit
Connection to localhost closed.
[STEP 104] #
[STEP 105] # python3 foo.py
foo#localhost's password:
bash-5.1$ exit
exit
Connection to localhost closed.
[STEP 106] #
I'm having trouble programmatically running a local script over ssh.
I'm unsure if this is a problem with the shell variable substitution on the local host.
When manually running,
ssh monit#server1 'bash -s' < /u02/splunk/splunk/etc/apps/Splunk_TA_nix/bin/cpu.sh
I get the expected output,
CPU pctUser pctNice pctSystem pctIowait pctIdle
all 11.21 0.00 1.50 0.31 86.98
0 0.00 0.00 0.00 0.00 100.00
1 3.00 0.00 1.00 0.00 96.00
....
but I get
bash: /u02/splunk/splunk/etc/apps/Splunk_TA_nix/bin/cpu.sh: No such file or directory
when running the following code,
splunk_bin_dir = '/u02/splunk/splunk/etc/apps/Splunk_TA_nix/bin'
hostname = 'server1'
username = 'monit'
password = 'monit#_'
command = "/usr/bin/ssh %(username)s#%(hostname)s 'bash -s' < %(splunk_bin_dir)s/cpu.sh" % locals()
print command
ssh_new_conn = 'Are you sure you want to continue connecting'
p = pexpect.spawn(command, timeout=360)
# Handles the 3 possible connection outcomes:
# a) Ssh to the remote host for the first time, triggering 'Are you sure you want to continue connecting'
# b) ask you for password
# c) No password is needed at all, because you already have the key.
i = p.expect([ssh_new_conn,'[pP]assword:',pexpect.EOF])
print ' Initial pexpect command output: ', i
if i == 0:
# send 'yes'
p.sendline('yes')
i = p.expect(['[pP]assword:',pexpect.EOF])
print 'sent yes. pexpect command output', i
if i == 0:
# send the password
p.sendline(password)
p.expect(pexpect.EOF)
elif i == 1:
# send the password
p.sendline(password)
p.expect(pexpect.EOF)
elif i == 2:
print "pexpect faced key or connection timeout"
pass
print p.before
These are the printed outputs,
/usr/bin/ssh monit#server1 'bash -s' < /u02/splunk/splunk/etc/apps/Splunk_TA_nix/bin/cpu.sh
Initial pexpect command output: 1
bash: /u02/splunk/splunk/etc/apps/Splunk_TA_nix/bin/cpu.sh: No such file or directory
pexpect is bumping into the [pP]assword line so I guess the password is being correctly passed,
Here the note from pexpect manual:
Remember that Pexpect does NOT interpret shell meta characters such as
redirect, pipe, or wild cards (>, |, or *). This is a common mistake.
If you want to run a command and pipe it through another command then
you must also start a shell.
This is the working line
command = """/bin/bash -c "/usr/bin/ssh %(username)s#%(hostname)s 'bash -s' < %(splunk_bin_dir)s/cpu.sh" """ % locals()