Hi gurus, I am trying to do some expect/TCL magic. My goal is to write some kind of password guessing script (nearly similar to dictionary attack against ssh). I read that this could be possible with expect/TCL, I am newbie in this language, its function and its terms so please be patient
The normal process of logging onto server looks like this:
However (probably due to ssh configuration - correct me if i am wrong) if I make typo in password typing I have another two chances:
So my goal is to try several passwords during login (it would be great to leverage all three chances for typing correct password, to prevent multiple connecting/disconnecting) and save some kind of report of this activity (for further processing).
My 1st attempt was following lines. Problem with this is that this solution "works" only if correct password is in pass1 variable, however I am still not able to catch the output in friendly format. In fact the output is not as straightforward that I can determine if login was successful or not.
2nd try was just simple script which uses exp_continue that is still unclear to me (and I would appreciate if somebody could clear it), however it throws some errors:
3rd try was this, still some errors and awful output useless for further processing:
4th try, after reading somewhere that expect consists of: "expect pattern action pattern action..." and action can include another expect command. But after closer look it is obvious that even if all three passwords will be wrong as a correct solution will be propagated pass3. Also this solutions throws error because it will "expect" password even if the previous (eg. pass2) attempt matched (see Result bellow)
Questions
1. How does expect knows when is typing of input possible (when I can invoke send) ?
- eg. Is expect capable to process also text that appears on screen but (user) input is not expected (in normal circumstances) ?
- or in other words, how expect know if app has input available or requires user interaction or what is the correct name
2. Does TCL=Expect ?
- or expect uses TCL ?
3. Does expect supports some kind of looping
- eg. If same text appears on screen which will match "expect" pattern (requesting password) the different "send" action will be called (passing next element from array)?
- in other words: How to "expect" same pattern for several times but "send" another string
4. Does expect supports something opposite to regexp, or negation of regexp ?
- eg. expecting some string in loop and calling send (passing password) but do another action if expect wont match string (password was guessed or chances expired)
- in other words: How to "expect" same pattern for several times and "send" another string but after not matching "expect"
5. In my situation, when I just want to know right password (connecting to server and after exiting) is command "interact" (or statement or whatever it is called) required ?
6. What exactly does exp_continue doing ? It seems like if it wont wait for requested input until "send" is invoked, is there some timeout or something similar ?
- eg. is possible to invoke "exp_continue" to repeat "send" but with different arguments and when "expect" wont match the exp_continue will break ?
7. Is possible to do some basic if else construction in input matching (in "expect")
- I would also handle following message "continue connecting yes/no"
I hope you understand what I am trying to say. If somebody cloud help I hope it will be helpful also for other expect/TCL newbies. Thank you very much.
hai all,
i have an tcl script in which i have been reading the DUT Command prompt of an cisco switch as
DUT Command Prompt : cisco*
and running the test case of stp now the problem is if i have given any blank space in between the cisco or at the startup then the Expect is not identifying the... (0 Replies)
Does anyone know of an expect/tcl forum that is as helpful as this one is for shell scripting?
Or if anyone has any expect knowledge, can you please provide some guidance on how to write to a local error log based on output from a ssh session?
I have something like this:
foreach host... (2 Replies)
In the following "for" loop I assume the the script will expect "anyway", "first" NOT in any paticular order and send "yes" when there found, breaking out of the loop when "$prompt" is found. The way it is working is like 3 individual expect lines, and they MUST be in cronological order. ANY help... (0 Replies)
Can someone identify what is the problem here?.
no children
while executing
"exp_wait -nowait -i -1"
(procedure "logOptions" line 45)
invoked from within
"logOptions"
(procedure "doExecute" line 98)
invoked from within
"doExecute"
(procedure "main" line 32)
... (7 Replies)
I'm having this problem with a very simple tcl expect script that is running on Solaris 5.3 with TCL version 8.4.7 and expect version 5.0.
below is the simplified version of the code snippet, which I think has everything to illustrate the problem, the full version is at the very bottom in... (0 Replies)
hi, I am new in Expect.
I have a question about expect timeout.
suppose I have a structure of
expect { ".."{
send"............"}
timeout{
...............
}
}
The silly question is if I reach timeout, how can I store the error message showing on the screen to... (2 Replies)
How can I pass password in SSH command without using expect in a shell program.
I don't have expect installed on my Solaris server.
#!/bin/bash
ssh user@hotname (how to supply pass in script?:wall:)
Experts please help its very urgent.
Shrawan Kumar Sahu (4 Replies)
Dear All,
I have a requirement where I have to SFTP or SCP a file in a batch script. Unfortunately, the destination server setup is such that it doesn't allow for shell command line login. So, I am not able to set up SSH keys. My source server is having issues with Expect. So, unable to use... (5 Replies)
Morning and Happy New Year to all.
I am in a situation where I need to connect to a list of devices that are using either telnet or ssh.
I want to try to telnet, if I receive any of the following I want to attempt ssh :
"Connection refused"
"Connection timed out"
timeout expiration
... (3 Replies)