# Program to automate sending logs to the SIEM server
# Written as part of the ESGI annual project
# Authors: Florian Boulic & Julien Combe

# Python 3.4
import getpass
import ipaddress
import subprocess
import sys

import pxssh
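# Function to validate that the argument is a dotted-quad IPv4 address
def validIP(address):
    """Return True when *address* is four dot-separated decimal octets (0-255).

    The accepted value is later appended to the device list and used as an
    SSH target, so anything that is not plain ASCII digits is rejected here
    instead of being handed to int(): int() raises ValueError on "abc" or ""
    and silently accepts forms such as "+1", " 1" or "1_0".
    """
    parts = address.split(".")
    if len(parts) != 4:
        return False
    for item in parts:
        # An octet is one to three ASCII digits; the length cap also keeps
        # very long digit strings away from int().
        if not item or len(item) > 3:
            return False
        if any(ch not in "0123456789" for ch in item):
            return False
        if not 0 <= int(item) <= 255:
            return False
    return True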
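def hiddenPassword(password):
    """Return a display form of *password* with its interior replaced by '*'.

    The result has the same length as the input. Passwords of one or two
    characters have no interior, so they are masked completely; without that
    the function would return them unchanged and the prompt would show the
    whole secret.

    NOTE(review): for longer passwords the first and last characters and the
    length are still shown on screen; mask everything if that is not wanted.
    """
    length = len(password)
    if length <= 2:
        return '*' * length
    return password[0] + '*' * (length - 2) + password[-1]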
# Greet the operator and state the prerequisite: devices must be reachable
# from this SIEM.
for banner_line in (
    'Welcome to ESGI_ProjetAnnuel Script that will help you with the installation of your OSSIM SIEM.',
    'We will help you to configure your network and devices in order to monitore them properly.',
    'Make sure those devices are reachable from the current SIEM.',
):
    print(banner_line)

# Work out the SIEM's own address so the sweep can recognise it later.
# The pipeline is a fixed string (no user input reaches the shell): it keeps
# the last line grep prints for 'eth0' plus one line of context, then cuts the
# field after the first ':' up to the next space.
# NOTE(review): this assumes an interface named eth0 and the legacy
# "inet addr:x.x.x.x" ifconfig layout; elsewhere siem_ip may come back empty
# or wrong -- confirm on the target host.
bashCommand = "ifconfig | grep -A 1 'eth0' | tail -1 | cut -d ':' -f 2 | cut -d ' ' -f 1"
siem_ip = subprocess.check_output(['bash', '-c', bashCommand]).decode('utf-8').rstrip()
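# Ask for the network to sweep and keep asking until it parses as a network.
# ipaddress.ip_network() raises ValueError for malformed input and for an
# address with host bits set (e.g. 192.168.1.5/24); re-prompt instead of
# letting the traceback end the script.
net_addr = input("Enter a network address in CIDR format that contain your devices (ex.192.168.1.0/24): ")
while True:
    try:
        ip_net = ipaddress.ip_network(net_addr)
        break
    except ValueError as err:
        net_addr = input("Invalid network (" + str(err) + "). Enter a network address in CIDR format (ex.192.168.1.0/24): ")

# Materialise every usable host address of that network.
# NOTE(review): the list grows with the size of the prefix and each entry is
# pinged one after another below; a short prefix such as /8 means millions of
# addresses held in memory and probed sequentially.
all_hosts = list(ip_net.hosts())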
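# For each IP address in the subnet, run the ping command through the
# subprocess.Popen interface and keep the addresses that answer.

list_online = list()

# Text that ping prints when the host did not answer.
offline_markers = ("Destination host unreachable", "Request timed out", "100% packet loss")

for host in all_hosts:
    host_ip = str(host)

    # The SIEM is reported but never added to the device list, so there is no
    # need to probe it.
    if host_ip == siem_ip:
        print(host_ip, "is the SIEM.")
        continue

    # The address is passed as its own argv element (no shell involved).
    probe = subprocess.Popen(['ping', '-n', '-w', '1', host_ip], stdout=subprocess.PIPE, startupinfo=None)
    ping_text = probe.communicate()[0].decode('utf-8', errors='replace')

    # Require a successful exit status as well as the absence of the failure
    # markers: matching on text alone reports a host as online whenever ping
    # fails without printing one of them (for instance when it cannot send at
    # all and stdout stays empty).
    answered = probe.returncode == 0 and not any(marker in ping_text for marker in offline_markers)
    if answered:
        print(host_ip, "is Online")
        list_online.append(host_ip)
    else:
        print(host_ip, "is Offline")

if not list_online:
    print('No device answered ping request. Check your network parameters.')
    sys.exit()

print('Devices answer ping requests at the following IPs :')
for ip in list_online:
    print(ip)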
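# Offer to prune the discovered list. Only an exact 'Y' or 'N' is accepted.
answer_listcomplete = input('Do you want to remove some devices on the previous list ? Y/N')
while answer_listcomplete not in ('N', 'Y'):
    answer_listcomplete = input('Answer is not correct. Do you want to remove some devices on the previous list ? Y/N')

list_online2 = list()

if answer_listcomplete == 'Y':
    # Walk the list once and keep every device the operator does not delete.
    for ip in list_online:
        delete_prompt = 'Do you want to delete the device at address ' + ip + ' from the list ? Y/N'
        current_delete = input(delete_prompt)
        while current_delete not in ('N', 'Y'):
            current_delete = input('Answer is not correct. ' + delete_prompt)
        if current_delete == 'N':
            list_online2.append(ip)

    # Swap in the pruned list only on this branch: list_online2 is empty when
    # the operator answered 'N', so an unconditional swap would discard every
    # device. (The pasted listing lost its indentation, so the original level
    # of this statement cannot be read off the page.)
    list_online = list_online2
    print('Here is the updated device list :')
    for ip in list_online:
        print(ip)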
# Offer to append devices that the sweep did not find. Only an exact 'Y' or
# 'N' is accepted.
answer_listcomplete = input('Do you want to add some devices on the previous list ? Y/N')
while answer_listcomplete not in ('N', 'Y'):
    answer_listcomplete = input('Answer is not correct. Do you want to add some devices on the previous list ? Y/N')

if answer_listcomplete == 'Y':
    add_more = 'Y'
    while add_more == 'Y':
        # Keep asking until validIP() accepts the address.
        current_add = input('Please enter the IP address of the device to add.')
        while not validIP(current_add):
            current_add = input('Not a valid IP address. Please enter the IP address of the device to add.')
        list_online.append(current_add)

        added_notice = 'Address ' + current_add + ' added to the list. Do you want to add more ? Y/N'
        add_more = input(added_notice)
        while add_more not in ('N', 'Y'):
            add_more = input('Answer not correct. ' + added_notice)

#list_online.sort()

print('Here is the updated device list :')
for ip in list_online:
    print(ip)
# Collect the default account/password, looping until the operator confirms
# the pair. Whether it applies to every device or is chosen per IP is asked
# afterwards.
sure_account = 'P'
while sure_account != 'Y':
    print('Please enter a defaut profile to connect to those devices :')
    def_account = input('Account ?')
    # getpass reads the password without echoing it on the terminal.
    def_password = getpass.getpass('Password ?')

    # The confirmation shows the password only in its masked form.
    confirm_prompt = 'You entered the couple ' + def_account + ' / ' + hiddenPassword(def_password) + ' to be the defaut profile. Is that correct ? Y/N'
    sure_account = input(confirm_prompt)
    while sure_account not in ('N', 'Y'):
        sure_account = input('Answer is not correct. ' + confirm_prompt)
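# Build two lists parallel to list_online: the account and the password to
# use for each device.
# NOTE(review): the passwords stay in memory in clear text for the rest of
# the run.
list_account = list()
list_password = list()

all_prompt = 'Do you want to use the couple ' + def_account + ' / ' + hiddenPassword(def_password) + ' for all devices ? Y/N'
sure_account = input(all_prompt)
while sure_account not in ('N', 'Y'):
    # The retry has to be stored in sure_account. Storing it in another
    # variable leaves the loop condition unchanged, so one invalid answer
    # would repeat the question forever.
    sure_account = input('Answer is not correct. ' + all_prompt)

if sure_account == 'Y':
    # Same profile everywhere.
    list_account.extend([def_account] * len(list_online))
    list_password.extend([def_password] * len(list_online))
else:
    for device_ip in list_online:
        device_prompt = 'Do you want to use the couple ' + def_account + ' / ' + hiddenPassword(def_password) + ' for the device at address ' + device_ip + '? Y/N'
        current_account = input(device_prompt)
        while current_account not in ('N', 'Y'):
            current_account = input('Answer is not correct. ' + device_prompt)

        if current_account == 'Y':
            list_account.append(def_account)
            list_password.append(def_password)
            continue

        # Device-specific profile: ask until the operator confirms it.
        confirm_account = 'P'
        while confirm_account != 'Y':
            print('Please enter a profile to connect to the device at address ' + device_ip + ' :')
            cur_account = input('Account ?')
            cur_password = getpass.getpass('Password ?')
            profile_prompt = 'You entered the couple ' + cur_account + ' / ' + hiddenPassword(cur_password) + ' to be the profile for the device at address ' + device_ip + '. Is that correct ? Y/N'
            confirm_account = input(profile_prompt)
            while confirm_account not in ('N', 'Y'):
                confirm_account = input('Answer is not correct. ' + profile_prompt)
        list_account.append(cur_account)
        list_password.append(cur_password)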
# Recap of the device / profile table; passwords are shown only in masked form.
print('Here is the list for devices and connexion profiles:')
print('IP address - Account - Password')
for row in range(len(list_online)):
    recap_line = ' - '.join((list_online[row], list_account[row], hiddenPassword(list_password[row])))
    print(recap_line)

print('END OF LIST GENERATING')
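print ('DEBUT TEST CONNEXION SSH')

# Log in to every device with its stored profile, detect the distribution and,
# on Debian, install rsyslog through sudo. list_online, list_account and
# list_password are parallel lists built earlier in the script.
for hostname, username, password in zip(list_online, list_account, list_password):
    s = pxssh.pxssh()

    # NOTE(review): pxssh appears to accept unknown SSH host keys during
    # login, so the password may be sent to a host whose identity was never
    # checked -- confirm against the installed version and pre-populate
    # known_hosts if so.
    # NOTE(review): some pxssh releases raise ExceptionPxssh on a failed login
    # instead of returning False -- confirm which behaviour applies here.
    if not s.login(hostname, username, password):
        print ('SSH session failed on login to '+ hostname +'. Please check network and server configuration.')
        print ('Error message : ' + str(s))
        continue

    # Identify the distribution from the release files.
    s.sendline('cat /etc/*-release')
    s.prompt()
    answer = (s.before).decode('utf-8')
    if "Debian" in answer:
        distrib = "Debian"
    elif "Ubuntu" in answer:
        distrib = "Ubuntu"
    elif "Red Hat Enterprise Linux" in answer:
        # Spelling fixed: the previous literal ("Entreprise") could not match.
        distrib = "RHEL"
    else:
        distrib = "Unknown"

    if distrib == "Debian":
        print('We detected that the server use a ' + distrib + ' distribution. We will use rsyslog to transmit logs to SIEM.')
        s.sendline('sudo apt-get install rsyslog')
        s.prompt()
        answer = (s.before).decode('utf-8')
        print(answer)
        if "password for" in answer:
            # Read the sudo password without echoing it on the terminal.
            root_pass = getpass.getpass('Please enter root password for this server :')
            s.sendline(root_pass)
            s.prompt()
            answer = (s.before).decode('utf-8')
            print(answer)
            if "newly installed," in answer:
                print('Rsyslog installed !')
            elif "is not in the sudoers file:" in answer:
                print('It seems that your account is not in the sudoers file and thus can\'t use sudo command. Please add account to sudoers and relaunch the script.')
                sys.exit(3)
            elif "command not found" in answer:
                print('It seems that the apt-get command was not present on the server. Please check your configuration.')
                sys.exit(3)
            else:
                # NOTE(review): a host where rsyslog is already installed
                # presumably lands here as well -- confirm and handle if needed.
                print('Error : sudo answer no in list - Ask your admin for help')
                sys.exit(3)
        elif "newly installed," in answer:
            # sudo did not ask for a password and the installation output is
            # already in this first answer.
            print('Rsyslog installed !')
        elif "command not found" in answer:
            print('It seems that sudo command is not installed on your server. Server won\'t be configured. Please install sudo and relaunch the script.')
            sys.exit(2)
        else:
            print('Error : sudo answer no in list - Ask your admin for help')
            sys.exit(2)

        # Disabled forwarding / service-check steps, kept as found.
        # NOTE(review): in the first line the ">>" redirection would be done by
        # the login shell rather than by sudo, and "@host:514" is plain UDP
        # syslog (unauthenticated, unencrypted) -- review before enabling.
        #s.sendline('sudo echo "*.* @' + siem_ip + ':514" >> /etc/rsyslog.conf')
        #s.prompt()
        #answer = (s.before).decode('utf-8')
        #print(answer)

        #s.sendline('sudo systemctl status apache2')
        #s.prompt()
        #answer = (s.before).decode('utf-8')
        #if("Active: active" in answer):

    else:
        print('Sorry, that distribution is not supported yet.')
    s.logout()

print('DEBUG DEBUG - Fin du script - DEBUG DEBUG')
sys.exit()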