Welcome to the VanDyke Software Forums

Join the discussion today!


Go Back   VanDyke Software Forums > Scripting

Notices

Reply
 
Thread Tools Rating: Thread Rating: 6 votes, 2.33 average. Display Modes
  #1  
Old 01-12-2007, 12:33 PM
eazy2001x eazy2001x is offline
Registered User
 
Join Date: Jan 2007
Posts: 17
Need Help - Username/Password Prompt Variable Set, Nmap Port Errorlevel Check And Log

Ok,

I was looking into the multiple login VB script and wanted to match it to a batch file i was using with another application. My batch file did the following.

1. Logged into pre defined IP addresses using a command line SSH client then executed commands
2. Tested the IP address to ensured that I pinged
3 Ran NMAP on port 23 to see it Telnet was enabled.

I am in the proceed of moving away from the batch file completely because of the limitations of BATCH.

The output of my batch file would tell me the following for each line.

1. The IP address 192.168.1.2 Has A Successful Backup/Failed Backup
2. This Router Is A SSH Enabled Device/A Telnet Enabled Device
3. The Static Ip Address Is Responding/Not Responding

Then it would log it to one fine called log with a three-line answer for each IP address.

Example:

1. The IP address 192.168.1.2 Has A Successful Backup
2. This Router Is A SSH Enabled Device
3. The Static Ip Address Is Responding

1. The IP address 192.168.1.3 Has Failed Backup
2. This Router Is A Telnet Enabled Device
3. The Static Ip Address Is Not Responding

1. The IP address 192.168.1.4 Has A Successful Backup
2. This Router Is A SSH Enabled Device
3. The Static Ip Address Is Responding

Now I'm using the multiple connection VBS sample fine and able to connect to multiple router however, I have logging to multiple files, donít know how to integrate NMAP and Would like to use some type of environment variable so I donít have to save a username and password to a text file.


Here is an example of my batch file:

@echo off
echo.Router Backup Log>accesslog.txt
echo.>>accesslog.txt

echo.Backup In Progress.. Please Wait..
echo.Section A, NY:>>accesslog.txt

plink 192.168.1.2 -l username -pw password -m bkup.ew ¶FIND "Refused">nul
IF ERRORLEVEL 0 SET status=A Successful Backup
IF ERRORLEVEL 1 SET status=Failed Backup
echo.The IP address 192.168.1.2 Has %status%>>accesslog.txt
nmap 192.168.1.2 -p 23 | find "open">nul
IF ERRORLEVEL 0 SET status=Telnet Enabled Device
IF ERRORLEVEL 1 SET status=SSH Enabled Device
echo.This Router Is A %status%>>accesslog.txt
ping -n 1 192.168.1.2 | find "Reply">nul
IF ERRORLEVEL 0 SET status=Responding
IF ERRORLEVEL 1 SET status=Not Responding (Device May Be Down, Removed)
echo.The Static Ip Address Is %status%>>accesslog.txt

echo.>>accesslog.txt

The VB Script is attached...
Attached Files
File Type: txt multi.txt (6.4 KB, 715 views)

Last edited by eazy2001x; 01-12-2007 at 12:36 PM.
Reply With Quote
  #2  
Old 01-14-2007, 10:33 PM
eazy2001x eazy2001x is offline
Registered User
 
Join Date: Jan 2007
Posts: 17
Can anyone Help?
Reply With Quote
  #3  
Old 01-15-2007, 04:23 PM
jjh jjh is offline
VanDyke Customer Support
 
Join Date: Feb 2004
Posts: 819
Hello eazy2001x

We don't have a script that does specifically what you are
looking for, but I have included two scripts below that
should help you.

The following VBScript doesn't use NMAP, but it does show
you how you can parse out information from an nslookup
command:

Code:
Set g_shell = CreateObject("WScript.Shell")
Set g_fso = CreateObject("Scripting.FileSystemObject")

Dim szRemoteAddress
szRemoteAddress = crt.Session.RemoteAddress

Sub Main()

    szOutputFolder = g_shell.SpecialFolders("MyDocuments")
    szOutputFilename = szOutputFolder & "\nslookup-" & g_fso.GetTempName

    ' Run nslookup locally
    szCmd = "cmd /C nslookup " & szRemoteAddress & _
        " > " & chr(34) & szOutputFilename & chr(34)
    ' MsgBox szCmd
    ' use Shell.Run(), to run the 'nslookup' command (szCmd) in
    ' a hidden window (0), and wait for it to completed so
    ' we can check the exit code (true).
    nResult = g_shell.Run(szCmd, 0, true)

    If nResult <> 0 then
        MsgBox "Error looking up hostname: " & nResult
        if g_fso.FileExists(szOutputFilename) then
            g_fso.DeleteFile szOutputFilename
            exit sub
        end if
    end if

    ' Read in the results from the file into a variable we
    ' can work with.
    Const ForReading = 1, ForWriting = 2, ForAppending = 8
    Set objFile = g_fso.OpenTextFile(szOutputFilename, ForReading, False)
    szResultsText = objFile.ReadAll
    objFile.Close

    ' We're done with the temp file.  Delete it.
    g_fso.DeleteFile szOutputFilename

    ' Parse the results from the file.  Should look
    ' something like:
    '   Server:  my.dns.com
    '   Address:  10.0.0.10
    '
    '   Name:    myHostname.mydomain.com
    '   Address:  10.0.0.123

    Set re = New RegExp
    re.multiline = True
    re.Global = True
    re.IgnoreCase = True
    re.Pattern = "^Name:\s*(\S+)$"

    Dim szHostname

    if re.Test(szResultsText) then
        Set Matches = re.Execute(szResultsText)
        For each match in Matches
            szHostname = match.Submatches(0)
            ' We only care about the first (and only) match
            exit for
        Next
    else
        ' No luck finding the info from nslookup; default to
        ' IP address
        szHostname = szRemoteAddress
    end if

    ' Now we have the hostname that we can use as part of
    ' the log file name
    MsgBox "Session IP: " & szRemoteAddress & vbcrlf & _
           "Reverse Look'd Up Hostname: " & szHostName
end Sub
You also mentioned that you would like to read in your
username and password from an environment variable. The
following script shows you how you can read in information
from an environment variable. You would need to create the
necessary environment variables on your system:

Code:
' EnvironmentVariableExample.vbs
'
' Description:
' Example script which shows how to read and set envrionment variables using
' built-in VBScript functionality.
' 
' For a completed listing of the variables provided by the Windows operating
' system, see the "Environment Property" topic in the Windows Script Host
' documentation available from Microsoft:
'
'   http://msdn.microsoft.com/library/default.asp?url=/downloads/list/webdev.asp
'   http://www.microsoft.com/downloads/details.aspx?FamilyId=01592C48-207D-4BE1-8A76-1C4099D7BBB9&displaylang=en

' Global objects we'll use:
Set g_shell = CreateObject("WScript.Shell")

Dim g_objSysEnv
Dim g_objUserEnv

Set g_objSysEnv  = g_shell.Environment("SYSTEM")
Set g_objUserEnv = g_shell.Environment("USER")

'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
' ##### USER Env Variable examples #####
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
' Example #1.1: Read user-specific environment variable
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
szValue = g_objUserEnv("TEMP")
MsgBox "Here's your temporary folder (%TEMP%) value: " & vbcrlf & vbcrlf & _
       szValue
       
' If the value contains embedded variables, expand them and show the expanded
' value.
If Instr(szValue, "%") > 0 then 
    MsgBox "Here's your temporary folder with any embedded variables expanded:" & _
            vbcrlf & vbcrlf & _
            g_shell.ExpandEnvironmentStrings(szValue)
end if

'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
' Example #1.2: Write value to user-specific environment variable
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
szValue = InputBox("We're going to create a user-specific environment" & _
                        " variable." & vbcrlf & vbcrlf & _
                        "Please enter the value we should assign to " & _
                        "%MY_NEW_SPECIAL_ENV_VALUE%: ", _
                   "Set Env Variable", _
                   "Default value text")
                   
if szValue <> "" then
    g_objUserEnv("MY_NEW_SPECIAL_ENV_VALUE") = szValue
       
    ' Read it back in... and display it.
    MsgBox "Reading in the value again... now it's: " & vbcrlf & vbcrlf & _
        g_objUserEnv("MY_NEW_SPECIAL_ENV_VALUE")
end if

'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
' ##### SYSTEM Env Variable example #####
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
' Example #2.1: Read system-wide environment variable
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
szValue = g_objSysEnv("COMSPEC")
MsgBox "Here's the value of the %COMSPEC% environment variable: " & vbcrlf & _
        vbcrlf & _
        szValue
        
if Instr(szValue, "%") > 0 then
    MsgBox "Here's the value of %COMSPEC% with all embedded env variables " & _
        "expanded: " & vbcrlf & vbcrlf & _
        g_shell.ExpandEnvironmentStrings(szValue)
end if
Do these scripts help you to get started?

Thank you
JJH
Reply With Quote
  #4  
Old 01-15-2007, 09:38 PM
eazy2001x eazy2001x is offline
Registered User
 
Join Date: Jan 2007
Posts: 17
Thanks,

The Nslookup script wonít help much. What I was looking for was a way to call the nmap.exe program. Once the command finishes it will spit out an error code depending on what happens (Error level 0/1/2). Then I wanted to take the error level and use an ďif errorlevel =Ē statement 0 do this, 1 do this or 2 do that.

The environment values will help out a lot however, I would need to find out a way to prompt the user to enter username and password then take those values and have them set in the environment. This will allow me never to store username and passwords in the VBS script.
Reply With Quote
  #5  
Old 01-16-2007, 11:10 AM
jjh jjh is offline
VanDyke Customer Support
 
Join Date: Feb 2004
Posts: 819
Hi eazy2001x

The nslookup script will probably help you if you change the
command from nslookup to issuing an nmap command.
For example, you might change the command to look something
like this

Code:
    szCmd = "cmd /C nmap " & szRemoteAddress & "-p 23 " &_
        " > " & chr(34) & szOutputFilename & chr(34)
The nResult in the script is actually your error level.

Does this help you to change the nslookup script to use your
nmap command to get what you are looking for?

Thank you

JJH
Reply With Quote
  #6  
Old 01-16-2007, 03:43 PM
eazy2001x eazy2001x is offline
Registered User
 
Join Date: Jan 2007
Posts: 17
JJH thanks..

Ok.. i was able to execute the NS lookup connand and i wanted to use the find command so i can look for te word open. now if it fined the word open i want it to go to the next step. however, i cant seem to get the format to work right for the find command.

Code:
    ' Run nslookup locally
    szCmd = "cmd /C nmap " & szRemoteAddress & "-p 23 " & "| " & "find &chr(34)&open&chr(34)" & ">" & "nul" &_
        " > " & chr(34) & szOutputFilename & chr(34)
    ' MsgBox szCmd
    ' use Shell.Run(), to run the 'nslookup' command (szCmd) in
    ' a hidden window (0), and wait for it to completed so
    ' we can check the exit code (true).
    nResult = g_shell.Run(szCmd, 1, true)
I used the szCmd, 1, true to display the results on the screen.

The find command should work like this:
Code:
nmap 192.168.1.2 -p 23 | find "open">nul
and im executing the secure CRT like this:

securecrt /SCRIPT /l user /password pass 192.168.1.2
Reply With Quote
  #7  
Old 01-17-2007, 11:35 AM
jjh jjh is offline
VanDyke Customer Support
 
Join Date: Feb 2004
Posts: 819
Hi eazy.

It looks like you just need to change the way you are
quoting your string. Your string looked like this:

Code:
szcmd "cmd /C nmap " & szRemoteAddress & "-p 23 " & "| " & "find &chr(34)&open&chr(34)" & ">" & "nul" & " > " & chr(34) & szOutputFilename & chr(34)
Which will really be sending:
cmd /C nmap -p 23 | find &chr(34)&open&chr(34)>nul > ""
You'll probably want to change your string to look like this
instead:

Code:
szCmd "cmd /C nmap " & szRemoteAddress & "-p 23 | find ""open"" > " & chr(34) & szOutputFilename & chr(34)
What we are really looking for is the exit code of the
"find" command, which returns either zero (text was found)
or one (text was not found).

It's also not necessary to redirect to null - especially if
you specify parameter #2 as zero when calling g_Shell.run().
Zero as the second parameter tells the shell object to run
the command in a hidden window. For example:
nResult = g_shell.Run(szCmd, 0, true)
Does that work better for you?

Thanks
JJH

Last edited by jdev; 01-17-2007 at 11:56 AM.
Reply With Quote
  #8  
Old 01-17-2007, 01:18 PM
eazy2001x eazy2001x is offline
Registered User
 
Join Date: Jan 2007
Posts: 17
Ok,

I tried and tried and tried again.. even went and got a book on VB Scripting to help along with tons of googleing..

I was able to use the code you in the format you set for me and it seemed like it worked. however, i didnt see the file create so i tried to keep things simple by just doing the nmap then seeing if i could get the correct errorlevel when it found the string.

New Code:

Code:
 
Set g_shell = CreateObject("WScript.Shell")
Set g_fso = CreateObject("Scripting.FileSystemObject")

crt.screen.synchronous = true

Dim szRemoteAddress
szRemoteAddress = crt.Session.RemoteAddress

    szOutputFolder = g_shell.SpecialFolders("MyDocuments")
    szOutputFilename = szOutputFolder & "\nslookup-" & g_fso.GetTempName

    ' Run Searches for Telnet Active (port 23)
    szCmd = "cmd /C C:\progra~1\Secure~1\nmap " & szRemoteAddress & "-p 23 | find ""closed"" > " & chr(34) & szOutputFilename & chr(34)

    On Error Resume Next
    MsgBox ("Error # " & CStr(Err.Number) )
No mater whats found in from the find command i still get errorlevel 0. what am i doing wrong?
Reply With Quote
  #9  
Old 01-17-2007, 03:22 PM
jjh jjh is offline
VanDyke Customer Support
 
Join Date: Feb 2004
Posts: 819
Hi Eazy.

It looks like you have made a change to the code, which
leaves out the g_shell.run(szcmd), which means that you are
no longer issuing the command. The script in it's original
state issues an nslookup command and redirects the output to
a file. Then it reads the through the contents of the file
to parse out the data we are looking for.

Since you are not running the command, the errorlevel you
that is being reported is probably coming from something
other than Find.

Does this make sense?

JJH
Reply With Quote
  #10  
Old 01-18-2007, 07:22 AM
eazy2001x eazy2001x is offline
Registered User
 
Join Date: Jan 2007
Posts: 17
Correct, The error level reported is coming from find.exe because I’m sending the output from the Nmap port 23 check to it to determined weather the device is enabled or not for that connection.

IF its telnet I want it to follow a different set of commands verses the device being SSH enabled.

Example: The device 192.168.1.2 is a SSH enabled Cisco device. My batch file looks like this:

Code:
Nmap.exe 192.168.1.2 -p 23 | Find.exe closed>nul
echo %errorlevel%
Nmap.exe will check the device for telnet and pipe the output to the Find.exe command.

Code:
Starting Nmap 4.20 ( http://insecure.org ) at 2007-01-18 09:12 EST
Interesting ports on name.domain.com (192.168.1.2):
PORT   STATE  SERVICE
23/tcp closed telnet

Nmap finished: 1 IP address (1 host up) scanned in 2.172 seconds
The Find.exe command will kick out this output:

Code:
23/tcp closed telnet
Then set the errorlevel to 0 meaning that it found the word closed or set it to 1 meaning that it couldn’t find the word closed.

When I run the batch file from a command prompt I get the following:

Code:
c:\>test.bat
0
or

Code:
c:\>test.bat
1
Depending on what it finds.

I don’t think it’s really necessary for me to send the output to a file since I’m only using it to check for port 23 open or not. I also really appreciate all the help that you guys are giving me to get this project off the ground. I have spent days/hours trying to convert my batch file to script to work in SecureCRT.

Last edited by eazy2001x; 01-18-2007 at 09:56 AM.
Reply With Quote
  #11  
Old 01-18-2007, 11:28 AM
eazy2001x eazy2001x is offline
Registered User
 
Join Date: Jan 2007
Posts: 17
On a side note..

I was able to get the username and password function to work. Thank God For My Book and Google...


Code:
Dim us, ps
us = InputBox("Whats Your Username")
ps = InputBox("Whats Your Password")
Then i refer to the username and password like this

Code:
crt.session.connect "/SSH2 /ACCEPTHOSTKEYS /L "& us &" /PASSWORD "& ps &" /Z 6 " & szHost
Reply With Quote
  #12  
Old 01-18-2007, 01:04 PM
eazy2001x eazy2001x is offline
Registered User
 
Join Date: Jan 2007
Posts: 17
Ok,

So it doesnít seem like VBS kicks back "ErrorLevels" after applications complete. I did happen to see something in Visual Basic that used the main

This is what I used to see what type of errors got kicked back.
Code:
Dim szRemoteAddress
szRemoteAddress = crt.Session.RemoteAddress

    ' Run Searches for Telnet Active (port 23)
    szCmd = "cmd /C nmap.exe " & szRemoteAddress & " -p 23|find ""Closed"""

    On Error Resume Next
    MsgBox szCmd
    MsgBox ("Error Context " & Err.helpContext)
    MsgBox ("Error Help: " & Err.helpfile)
    MsgBox ("Error Description: " & Err.description)
    MsgBox ("Error Number: " & Err.number)
    MsgBox ("Error String: " & Err.Source)
It did return an Error Number and Error Context and they both were 0 no matter what was found. I also did a message box for the szCmd command to display the actual command that was getting issued then adjusted the format to perfection.

Another problem I have is that I donít think the actual commands get initiated. Because I sent the output to a file and still nothing no file was ever created.
Reply With Quote
  #13  
Old 01-18-2007, 03:02 PM
jjh jjh is offline
VanDyke Customer Support
 
Join Date: Feb 2004
Posts: 819
Hi Eazy.

You'll need to actually run the command in order to get any
exit code returned.

You're doing a great job setting up a variable that contains
a command string...
szCmd = "cmd /C nmap.exe " &
szRemoteAddress & " -p 23|find ""Closed"""
...but you're never actually running the command.

Here's an example of how to correct your current code use
the Run() function that is made available to you by
means of the VBScript WSHSHELL object:
szCmd = "cmd /C nmap.exe " &
szRemoteAddress & " -p 23|find ""Closed"""
Set objShell = CreateObject("WScript.Shell")
nResult = objShell.Run(szCmd, 5, True)

MsgBox "Command we attempted to run: " & vbcrlf & szCmd &
vbcrlf & "Exit code: " & nResult
Also, you're checking the Err object, but it won't
likely contain what you're really interested in (in this
case) even if you did run the command because it's the
return value of the VBScript Shell.Run() function
that will provide you with the exit code indicating the
return value of the "find" command you're running. The
Err object is designed to tell you about syntax
errors within your VBScript code, which is different than
looking for the exit code of an external process you have
launched.

JJH
Reply With Quote
  #14  
Old 01-18-2007, 04:03 PM
eazy2001x eazy2001x is offline
Registered User
 
Join Date: Jan 2007
Posts: 17
Thanks a million.. This makes two of three down before I can start putting everything together. I guess Iím not doing too bad for a person who just started VBS scripting a few days ago. I doubt that I will ever go back to batch again once I learn this as well as I know batch.


Ok, with the code below I am able to get the error levels by checking the nResult value once the command box closes.

Code:
Dim szRemoteAddress
szRemoteAddress = crt.Session.RemoteAddress

    ' Run Searches for Telnet Active (port 23)
    szCmd = "cmd /C nmap.exe " & szRemoteAddress & " -p 23|find ""open"">nul"
Set objShell = CreateObject("WScript.Shell")
nResult = objShell.Run(szCmd, 5, True)

If nResult = 0 then MsgBox "This Router Is A Telnet Enabled Device (Nortel/CPE)"
If nResult = 1 then MsgBox "This Router Is A SSH Enabled Device (Cisco/CPE)"
These two codes should be very helpful for many and i cant wait to get started on the reporting/log side now.
Reply With Quote
  #15  
Old 01-18-2007, 05:44 PM
jjh jjh is offline
VanDyke Customer Support
 
Join Date: Feb 2004
Posts: 819
Hi Eazy.

Regarding your need to enter a username and password, I also
wanted to let you know about the crt.dialog.messagebox
object, which will allow you to pop up a prompt for your
username and password, but it will display asterisks instead
of the actual characters that you are typing. That should
prevent bystanders from being able to see your password as
you type it.

The following code is an example of how it works:

Code:
szpassword = PromptForPassword
If szpassword <> "" then 
    crt.dialog.messagebox "You entered: " & szpassword
else
    crt.dialog.messagebox "Canceled"
end if

function PromptForPassword()
    nresult = crt.dialog.prompt("Please enter your password:","Enter Password","",True)  

    PromptForPassword = nresult
end function
Does that look like something you will want to use in your
script?

Thanks
JJH
Reply With Quote
Reply

Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 01:35 PM.