CODEWITHSUNDEEP
phpphpseclib
Caynadian
Caynadian

Reputation: 779

Parsing SSH2 Results in PHP

I am running PHP vc9 NTS 5.3.28 on Windows Server 2003 Standard 32bit with phpseclib 0.3.6. I am trying to creating a script that will connect to a Palo Alto Networks firewall and execute a command to hash a password. I have the following code:

<?php
include 'Net/SSH2.php';

define('NET_SSH2_LOGGING', NET_SSH2_LOG_COMPLEX);

$ssh = new Net_SSH2('hostname');
echo ">Logging in...\n";
if (!$ssh->login('user', 'password')) {
    exit('Login Failed');
}
echo ">Reading login results...\n";
/*echo $ssh->exec('request password-hash password test123');*/
$output = $ssh->read('user@PA-3020>');
echo $output . "\n";
echo ">Writing request...\n";
$ssh->write("request password-hash password test123\n");
$ssh->setTimeout(10);
echo ">Reading result...\n";
$output = $ssh->read('/^\$1\$.*$/', NET_SSH2_READ_REGEX);
echo $output . "\n";
echo ">Done.\n";
file_put_contents ('E:\PHP53\ssh2.log', $ssh->getLog());
?>

I have two problems with the above code:

  1. If I leave out the setTimeout(10) then the code never exists the next $ssh->read. If I have it in, then the code exists only after the timeout but does return results.

  2. The results it returns are including a bunch of stuff that shouldn't be there:

    ?[Kuser@PA-3020> request password-hash password test123 ?[?1h?=?[24;1H?[K $1$dgkhwrxe$kddYFmKCq9.zfiBKPAyN61

    ?[24;1H?[K?[?1l?>user@PA-3020>

I only want the line that starts with $1$ (line 3 above). I figure it has something to do with the regex but I can't figure out what.

If I run the command interactively with PuTTY I get the following:

user@PA-3020> request password-hash password test123

$1$pxqhdlco$MRsVusWtItC3QiMm4W.xZ1

user@PA-3020>

UPDATE:

As per suggestions from neubert below, replacing the line with $output = $ssh->read... with the following code works:

$output = $ssh->read('/\$1\$.*/', NET_SSH2_READ_REGEX);
$output = preg_replace('/.*\$1\$/s','\$1\$', $output);

Upvotes: 0

Views: 1581

Answers (1)

neubert
neubert

Reputation: 16802

The results it returns are including a bunch of stuff that shouldn't be there:

?[Kuser@PA-3020> request password-hash password test123 ?[?1h?=?[24;1H?[K $1$dgkhwrxe$kddYFmKCq9.zfiBKPAyN61

?[24;1H?[K?[?1l?>user@PA-3020>

Those are ANSI escape codes. You can use File_ANSI to remove them. More info:

http://phpseclib.sourceforge.net/ssh/examples.html#top

Anyway, my guess would be that you need to redo your regex. eg.

$output = $ssh->read('/^\$1\$.*$/', NET_SSH2_READ_REGEX);

Instead of doing that do this:

$output = $ssh->read('/\$1\$/', NET_SSH2_READ_REGEX);

The thing is... ^ matches at the start of the line and $ matches at the end. Usually when you do $ssh->write(...) the command is echo'd back to you and then there's a new line and then you get your output back. So that'd prevent ^ from working. And as for the $ at the end.. well per your own example $1$ doesn't occur at the end of a line. So that's why your code isn't working.

Upvotes: 2

Related Questions