CODEWITHSUNDEEP
pythonpexpect
insecure-IT
insecure-IT

Reputation: 2188

Am I using the wrong module? pxssh

I am trying to build a python script to check usernames, passwords and enable password on Cisco devices.

The script clearly logs into the device, but is trying to set and unset the shell prompt. Should I be using just standard pexpect and not pxssh? I tried this too, but 'if' statements don't seem to work well with expect. Any advice would help greatly.

Exception:
could not set shell prompt
unset PROMPT_COMMAND
            ^
% Invalid input detected at '^' marker.

3750_core#PS1='[PEXPECT]\$ '
3750_core#set prompt='[PEXPECT]\$ '
              ^
% Invalid input detected at '^' marker.

Code:

def check_creds(host, user, password, en_passwd):
    global success
    global failure

    try:
        ssh = pxssh.pxssh()
        ssh.login(host, user, password, en_passwd)
        if ssh.prompt(PRIV_EXEC_MODE):
            print 'privilege mode creds work'
            ssh.logout()
            success = True
        if ssh.prompt(USER_EXEC_MODE):
            print('username and password are correct')
            ssh.sendline('enable')
            ssh.sendline(en_passwd)
            if ssh.prompt(PRIV_EXEC_MODE):
                print 'enable password is correct'
                ssh.logout()
                success = True
            else:
                print 'enable password is incorrect'
                ssh.logout()
                failure = True

    except pxssh.ExceptionPxssh, fail:
        print str(fail)
        failure = True
        exit(0)

Upvotes: 1

Views: 1321

Answers (1)

insecure-IT
insecure-IT

Reputation: 2188

Yes, wrong module. I found the proper way to use pexpect and the if statments.

def check_creds(host, user, passwd, en_passwd):
    ssh_newkey = 'Are you sure you want to continue connecting (yes/no)?'
    constr = 'ssh ' + user + '@' + host
    ssh = pexpect.spawn(constr)
    ret = ssh.expect([pexpect.TIMEOUT, ssh_newkey, '[P|p]assword:'])
    if ret == 0:
        print '[-] Error Connecting to ' + host
        return
    if ret == 1:
        ssh.sendline('yes')
        ret = ssh.expect([pexpect.TIMEOUT, '[P|p]assword:'])
        if ret == 0:
            print '[-] Could not accept new key from ' + host
            return
    ssh.sendline(passwd)
    auth = ssh.expect(['[P|p]assword:', '>', '#'])
    if auth == 0:
        print 'User password is incorrect'
        return
    if auth == 1:
        print('username and password are correct')
        ssh.sendline('enable')
        ssh.sendline(en_passwd)
        enable = ssh.expect(['[P|p]assword:', '#'])
        if enable == 0:
            print 'enable password is incorrect'
            return
        if enable == 1:
            print 'enable password is correct'
            return
    if auth == 2:
        print 'privilege mode creds work'
        return
    else:
        print 'creds are incorrect'
        return

Upvotes: 1

Related Questions