Making Expect scripts for SSH Authentication and Privilege Elevation
Alexander Leonov
Vulnerability & Compliance Management, Security Automation, Metrics
Expect can help you to automate interactive console applications. For example, expect script can go to some Linux host via SSH, make additional authentication procedures (su, sudo) to elevate privileges and execute some commands. Like Vulnerability and Compliance management products do during the active Linux scanning, right? For example you can get the list of installed packages and make Vulnerability Assessment without Vulnerability Scanner.
Actually, the tool is pretty old. It was presented more than 20 years ago! And perhaps now it makes more sense to use python scripts, for example paramiko with paramiko-expect. Or even use some software provisioning tool, like Ansible. But my fun was in creating (generating?) a small old-school scripts that could be sent to any remote host (with expect installed) to gather information from the accessible hosts.
So, the installation is trivial:
# yum install expect
Expect scripting language is an extension to the Tcl. In this language you can set the variables, commands that you want to ran, the lines that you expect from the server response and the commands that will be sent back. I will not show it here, but you can set the timeouts flexibly and initialize the variables from command line (e.g. argv[1]).
Founder @Cyberstanc | Simulated Intelligence Malware Detection| EDR & SIEM connector | Govt| Defense| BFSI| Healthcare| OT | Powering Cloud Security on AWS & Azure | CS portal portal.cyberstanc.com/
6 年https://www.dhirubhai.net/pulse/safety-better-than-security-rohit-bankoti/ add more from past