1

In my CTF environment, if I want to access an application on a server, I have to SSH in. Here's what it looks like:

  1. (my terminal) ssh username@ssh_ip
  2. enter password

The steps start to annoy me because if I have to access the same application more than once, I have to perform these steps multiple times.

Thus, I want to create a script that does this automatically, like './run_everything', which will autorun everything and immediately bring me to the application CLI.

What kind of Python library can do this? I'm not asking for someone to make it for me, but more like asking for advice like what libraries to use and stuff.

ThomasWest
  • You can skip 1., 2. and 4. with a proper SSH setup: private key authentication and jumphost. 3. and 5. are a one liner then. – Klaus D. May 11 '19 at 04:00
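
The setup Klaus D.'s comment points to (private key authentication plus a jump host, collapsed into one command), sketched as an added example that is not part of the original thread. Host names, user names, the key path and the application command are placeholders, and it assumes OpenSSH 7.3 or later for `-J`.

```python
#!/usr/bin/env python3
"""Added example: reach the application CLI through a jump host in one command."""
import os
import shlex

# Placeholders (assumptions), none of these values come from the thread.
JUMP = {"user": "ctf_user", "host": "jump.example.test", "port": 50000}
TARGET = {"user": "app_user", "host": "app.internal.test", "port": 22}
KEY_FILE = "~/.ssh/ctf_ed25519"                  # hypothetical private key
APP_COMMAND = ["/opt/app/cli", "--interactive"]  # hypothetical application CLI


def build_ssh_argv(jump, target, key_file, app_command):
    """Return the argv for a single OpenSSH call that hops via `jump` to `target`."""
    argv = [
        "ssh",
        # Options given on the command line apply to the destination only; the
        # jump host takes its key and host-key settings from ~/.ssh/config or
        # from keys loaded in ssh-agent.
        "-i", os.path.expanduser(key_file),
        "-o", "IdentitiesOnly=yes",        # offer only this key, not every agent key
        "-o", "BatchMode=yes",             # fail instead of prompting for a password
        "-o", "StrictHostKeyChecking=yes", # refuse hosts missing from known_hosts
        "-J", f"{jump['user']}@{jump['host']}:{jump['port']}",
        "-p", str(target["port"]),
        "-t",                              # allocate a TTY for the interactive CLI
        f"{target['user']}@{target['host']}",
    ]
    if app_command:
        # ssh joins remote arguments with spaces and passes the result to the
        # remote shell, so each argument is quoted before it is sent.
        argv.append(" ".join(shlex.quote(arg) for arg in app_command))
    return argv


def main():
    argv = build_ssh_argv(JUMP, TARGET, KEY_FILE, APP_COMMAND)
    # Replace this process with ssh so the terminal lands directly in the app.
    os.execvp(argv[0], argv)


if __name__ == "__main__":
    main()
```

No password is stored in the script: authentication relies on the key pair, and both host keys must already be in `known_hosts` for the connection to proceed.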

4 Answers

1

Try the Python API of iTerm2 or use some packages like paramiko.

HzCheng
  • Hey, I'm actually using paramiko right now. I'm having an issue of not being able to connect. No error whatsoever on my terminal, just doesn't do anything. – ThomasWest May 11 '19 at 04:37
1

You can use expect. Though it is not a Python library, it is a great tool to automate your terminal commands and is easy to use. I have used it to automate SSH logins and some basic commands. It has a feature called autoexpect. With that, it'll generate a simple script which, with a simple modification, can be executed every time to run the commands in order.

You can find how to use it on this link.

1

pexpect is a pretty good Python library for this. You can use it to send input to a terminal and read its output.

For example, using it to ssh and execute ls:

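```python
import pexpect

ssh = 'your server'  # e.g. 'user@host'

child = pexpect.spawn(f'ssh {ssh}', maxread=1)
# wait for the password prompt, then answer it
child.expect(f"{ssh}'s password: ", timeout=120)
child.sendline('password')
child.sendline('ls')

# just printing the output to verify it, but this is not needed
while True:
    try:
        line = child.readline()
    except pexpect.TIMEOUT:
        break  # no more output within the default timeout
    if not line:
        break  # EOF: the ssh process has exited
    print(line)
```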

For your purposes, all you need to do is `child.sendline('ssh ...')`, then `child.expect` and `child.sendline` the password a second time to get into your actual server from the jump server. From there you can send the command to run your app.

Primusa
  • Hey, thanks for the suggestion! Quick question, can I do this `child = pexpect.spawn('ssh my_username@' + jumphostname + ' -p 50000')`, where jumphostname is `10.10.10.10` for example? I'm trying this and my terminal keeps bringing me back to local terminal. – ThomasWest May 11 '19 at 04:52
  • @ThomasWest if that command will work in your terminal it should work as well in `pexpect`, I'm not too familiar with the library but you can test it out. If you type the exact command into your terminal without pexpect what happens? – Primusa May 11 '19 at 04:54
  • It works, but for some reason, it doesn't work when I put it in pexpect.spawn() – ThomasWest May 11 '19 at 05:13
1

Below is a sample using the Python SSH library Paramiko.

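```python
import paramiko

ip = 'server ip'
port = 22
username = 'username'
password = 'password'

cmd = 'some useful command'

ssh = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verifying it
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(ip, port=port, username=username, password=password)

# run the command and collect everything it wrote to stdout
stdin, stdout, stderr = ssh.exec_command(cmd)
outlines = stdout.readlines()
resp = ''.join(outlines)
print(resp)

ssh.close()
```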

My assumptions based on your last comment are the following:

  1. As the script is not throwing any error, it may be that there is no issue in connecting, but the output is not getting stored in STDOUT.
  2. The command you are executing is not getting executed correctly.

You can execute a command which does not require any output. It just executes and you will be able to see it. Then you can be sure that the command is actually working and the issue is with the response. If the command is not working, then check the connectivity.

You can refer to this page later if no solution is found from the points mentioned above. This is another method called Invoke_Shell. Implement an interactive shell over ssh in Python using Paramiko?

Surajit Mitra
  • Yeah so weird every time I run the script, it brings me back to `Thomas-MBP: Desktop thomas$` again instead of `Thomas@jumphost:` – ThomasWest May 11 '19 at 05:26