-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathkvm_microserver.py
executable file
·97 lines (82 loc) · 2.45 KB
/
kvm_microserver.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
#!/usr/bin/env python3
import collections
import os
import os.path
import requests
import subprocess
import sys
import time
import simplexml
import urllib3
if len(sys.argv) != 4:
print("%s <user> <password> <ipmi address>" % (sys.argv[0],))
sys.exit(1)
user = sys.argv[1]
pswd = sys.argv[2]
host = sys.argv[3]
# Silence SSL Certification warnings
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
# Start a requests Session to have persistent cookies
s = requests.Session()
s.headers.update(
{
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:63.0) Gecko/20100101 Firefox/63.0",
"Accept-Language": "en-US,en;q=0.5",
}
)
s.verify = False
# Grab login page
s.get("https://%s/login.html" % (host,))
# Login
data = collections.OrderedDict([("user", user), ("password", pswd)])
r = s.post(
"https://%s/data/login" % (host,),
headers={"Referer": "https://%s/login.html" % (host,)},
data=data,
)
xml = simplexml.loads(r.text)
# Verify we correctly authenticated
assert int(xml["root"]["authResult"]) == 0
# Fetch the main menu
r = s.get(
"https://%s/%s" % (host, xml["root"]["forwardUrl"]),
headers={"Referer": "https://%s/login.html" % (host,)},
)
# Build viewer filename
host_ipv6 = 0
viewer_filename = "viewer.jnlp(%s@%s@%i000)" % (host, host_ipv6, int(time.time()))
# Download viewer
r = s.post(
"https://%s/%s" % (host, viewer_filename),
headers={"Referer": "https://%s/%s" % (host, "vkvm.html")},
)
with open("viewer.jnlp", "w") as f:
f.write(r.text)
# Verify we actually got some data
assert os.path.getsize("viewer.jnlp") > 0
# Write out temporary weak java security settings. Just to make sure we're not breaking on old KVM viewers
with open("java.security", "w") as f:
f.write(
"""jdk.certpath.disabledAlgorithms=
jdk.jar.disabledAlgorithms=
jdk.tls.disabledAlgorithms=
jdk.tls.legacyAlgorithms= \
K_NULL, C_NULL, M_NULL, \
DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
DH_RSA_EXPORT, RSA_EXPORT, \
DH_anon, ECDH_anon, \
RC4_128, RC4_40, DES_CBC, DES40_CBC, \
3DES_EDE_CBC"""
)
# Start javaws viewer
subprocess.call(
["javaws", "-J-Djava.security.properties=java.security", "-wait", "viewer.jnlp"]
)
# Remove our temporary files
os.remove("viewer.jnlp")
os.remove("java.security")
# Logout
r = s.get(
"https://%s/data/logout" % (host,),
headers={"Referer": "https://%s/%s" % (host, "vkvm.html")},
)