  • Language: Python
  • License: MIT License
  • Created over 1 year ago
  • Updated over 1 year ago

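Python Connector for DBAPPSecurity Unified Security Management | 明御® Operations Audit and Risk Control System (bastion host)

Automate operations on servers behind the 明御 bastion host with Python

The 明御® Operations Audit and Risk Control System (bastion host) [1] is a bastion host product from DBAPPSecurity (安恒信息). It supports operating hosts through a web interface and over SSH [2].

Its web interface provides batch operations, and users can request an "API access key" to automate operations.

In SSH mode, the operator first logs in to the central bastion host over SSH. After login they get an interactive terminal that cannot execute system commands and offers only basic functions such as selecting a server. The operator picks the target server with the arrow keys and presses Enter; the bastion host then connects to that internal server and the interface becomes the internal server's terminal. From that point on, working in it is no different from a direct connection to the internal server.

This project uses the Paramiko library to automate the authentication process of the SSH mode described above. With it you can use Python to automate operations on servers behind the 明御 bastion host (running shell commands in batches, obtaining interactive terminals in batches, and so on), which makes integration with other systems straightforward.

Note: the bastion host is able to "record" your complete interaction with it for later security audits.

Environment setup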

    # Install Python, pip and Poetry
    sudo apt install python3 python3-pip
    python3 -m pip install --upgrade pip
    python3 -m pip config set global.index-url https://pypi.tuna.tsinghua.edu.cn/simple
    python3 -m pip install poetry

    # Download the code
    git clone https://github.com/WangYihang/DBAPPSecurity-Unified-Security-Management-Python-Connector
    cd DBAPPSecurity-Unified-Security-Management-Python-Connector
    poetry install

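Running

  1. Copy example.secrets.toml to .secrets.toml;

  2. Edit .secrets.toml and fill in the corresponding credentials:

    1. DBAPP_SECURITY_USM_ENDPOINT: the bastion host address, e.g. sso.example.com:60022;
    2. DBAPP_SECURITY_USM_USERNAME: the bastion host account;
    3. DBAPP_SECURITY_USM_PASSWORD: the bastion host password;
    4. DBAPP_SECURITY_USM_OTP_SECRET: the "secret key" of the bastion host's "mobile authenticator";
  3. Run the automation script: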

    poetry run python main.py
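
A pre-flight check for the `.secrets.toml` values listed above, added here as an example and not part of the project's code: it flags a secrets file that other local users can read and malformed values before `main.py` attempts a login. `check_file_mode`, `check_settings` and the sample values are hypothetical; the host:port pattern assumes a DNS name or IPv4 address.

```python
import base64
import os
import re
import stat

REQUIRED = (
    "DBAPP_SECURITY_USM_ENDPOINT",
    "DBAPP_SECURITY_USM_USERNAME",
    "DBAPP_SECURITY_USM_PASSWORD",
    "DBAPP_SECURITY_USM_OTP_SECRET",
)

def check_file_mode(path):
    """Flag a secrets file that group or other users can access."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        return [f"{path}: mode {mode:04o} exposes secrets; use chmod 600"]
    return []

def check_settings(settings):
    """Validate the four keys the README lists; returns a list of findings."""
    findings = [f"missing or empty: {k}" for k in REQUIRED if not settings.get(k)]
    endpoint = settings.get("DBAPP_SECURITY_USM_ENDPOINT", "")
    m = re.fullmatch(r"([A-Za-z0-9.-]+):(\d{1,5})", endpoint)
    if endpoint and not (m and 0 < int(m.group(2)) < 65536):
        findings.append("endpoint must be host:port, e.g. sso.example.com:60022")
    secret = settings.get("DBAPP_SECURITY_USM_OTP_SECRET", "")
    secret = secret.replace(" ", "").upper()
    if secret:
        try:
            # TOTP seeds are base32; pad to a multiple of 8 before decoding.
            base64.b32decode(secret + "=" * (-len(secret) % 8))
        except ValueError:
            findings.append("OTP secret is not valid base32")
    return findings

if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    sample = {
        "DBAPP_SECURITY_USM_ENDPOINT": "sso.example.com:60022",
        "DBAPP_SECURITY_USM_USERNAME": "alice",
        "DBAPP_SECURITY_USM_PASSWORD": "constructed-password",
        "DBAPP_SECURITY_USM_OTP_SECRET": "JBSWY3DPEHPK3PXP",
    }
    problems = check_settings(sample)
    if os.path.exists(".secrets.toml"):
        problems += check_file_mode(".secrets.toml")
    print("\n".join(problems) or "ok")
```

The file holds both the password and the TOTP seed, so anyone who can read it holds both login factors; keep it out of version control and backups.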
    

Example code

  1. Upload a file

    client = derive_new_client(server_id=1)
    client.enter_server()
    client.upload_file("/etc/passwd", "/tmp/49e43945-5270-4d16-9d73-917eff2710e8")
    client.exit_server()
    
  2. Execute a system command and return its output

    client = derive_new_client(server_id=1)
    client.enter_server()
    print(client.shell_exec("id"))
    client.exit_server()

FAQ

  1. How do I get the authentication code?

    poetry run python -c 'import pyotp; from config import settings; print(pyotp.TOTP(settings.DBAPP_SECURITY_USM_OTP_SECRET).now())'
    
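  2. Can files be uploaded to or downloaded from the internal servers via Paramiko?

    No (probably).

  3. How long can a connection to a server be kept open?

    Unknown, but the maximum idle time is 30 minutes.

    In testing, once a connection to a server has been idle for more than 1800 seconds, the server closes it and prints the following message.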

    [USM] session closed by 'idle timeout (1800 sec)'
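
What the `pyotp` one-liner in FAQ 1 computes, as an added example that is not part of the project's code: RFC 6238 TOTP derived from the base32 secret using only the standard library, with the 6-digit, 30-second, HMAC-SHA1 defaults of `pyotp.TOTP`. The secret below is the published RFC 6238 test key, not a real credential, and `seconds_remaining` is a hypothetical helper for callers that want to avoid submitting a code just before it rolls over.

```python
import base64
import hashlib
import hmac
import struct
import time

def totp(secret_b32, for_time=None, digits=6, step=30):
    """Return the TOTP code for a base32 secret at a given Unix time."""
    s = secret_b32.replace(" ", "").upper()
    key = base64.b32decode(s + "=" * (-len(s) % 8))
    now = time.time() if for_time is None else for_time
    counter = int(now) // step                     # number of elapsed time steps
    digest = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                     # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def seconds_remaining(for_time=None, step=30):
    """Seconds until the current code is replaced by the next one."""
    now = time.time() if for_time is None else for_time
    return step - int(now) % step

# RFC 6238 Appendix B test key (ASCII "12345678901234567890"), base32-encoded.
RFC_TEST_SECRET = base64.b32encode(b"12345678901234567890").decode()

if __name__ == "__main__":
    print(totp(RFC_TEST_SECRET), "valid for", seconds_remaining(), "more seconds")
```

Because the code is a pure function of the secret and the clock, a leaked `DBAPP_SECURITY_USM_OTP_SECRET` lets its holder produce valid codes until the authenticator is re-enrolled.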
    
