我从CLI运行此命令,它工作正常......
curl -H Content-Type:text/plain -vLk https://10.42.0.197/exec/show%20ver --user chartley:<pw omitted>
现在当我把它放入bash脚本时,我得到以下内容......
* About to connect() to 10.42.0.197 port 443 (#0)
* Trying 10.42.0.197... connected
* Connected to 10.42.0.197 (10.42.0.197) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* warning: ignoring value of ssl.verifyhost
* skipping SSL peer certificate verification
* SSL connection using TLS_RSA_WITH_RC4_128_SHA
* Server certificate:
* subject: CN=ASA Temporary Self Signed Certificate
* start date: Jul 18 20:53:46 2013 GMT
* expire date: Jul 16 20:53:46 2023 GMT
* common name: ASA Temporary Self Signed Certificate
* issuer: CN=ASA Temporary Self Signed Certificate
* Server auth using Basic with user 'chartley'
> GET /exec/show%20version HTTP/1.1
> Authorization: Basic
> User-Agent: Firefox
> Host: 10.42.0.197
> Accept: */*
> Content-Type:text/plain
> < HTTP/1.1 401 Unauthorized < Date: Tue, 04 Apr 2017 22:06:53 UTC < Connection: close < Content-Type: text/html < Expires: Thu, 16 eb
1989 00:00:00 GMT
* Authentication problem. Ignoring this. < WWW-Authenticate: Basic realm="Authentication" < <HEAD><TITLE>Authorization
Required</TITLE></HEAD><BODY><H1>Authorization Required</H1>Browser
not authentication-capable or authentication failed.</BODY>
* Closing connection #0
我通过执行变量扩展回显了curl命令,并使用在CLI上运行的命令查找了字符的字符。
我错过了什么?
这是脚本
#!/usr/bin/bash
IFS=$'\n'
echo "Gimme yo password foo!!"
read -s pass
pass=$(echo $pass | sed 's/[(\!|\@|\#|\$|\%|\^|\&|\*|\(|\))&]/\\&/g')
if [[ "$2" =~ [:space:] ]];
then
CMD=`echo $2 | sed 's/ /\%20/g'`
#echo "space matched"
#echo "$2"
fi
if [[ "$CMD" =~ */* ]];
then
CMD=`echo $2 | 's/[\/]/\%2f/g'`
#echo "Slash matched"
#echo "$2"
fi
curl -H Content-Type:text/plain -vLk https://$1/exec/$CMD --user "$USER:$pass"
......它就这样运行...... ASA_do 10.42.0.197&#34; show ver&#34;
这是添加&#34; set -x&#34;的输出。在bash脚本中......
[chartley@s324phx-syslog ~]$ ASA_do 10.42.0.197 "show version"
+ echo 'Gimme yo password foo!!'
Gimme yo password foo!!
+ read -s pass
++ echo '<omitted>'
++ sed 's/[(\!|\@|\#|\$|\%|\^|\&|\*|\(|\))&]/\\&/g'
+ pass='<pw omitted>'
+ [[ show version =~ [:space:] ]]
++ echo 'show version'
++ sed 's/ /\%20/g'
+ CMD=show%20version
+ [[ show%20version =~ */* ]]
+ curl -H Content-Type:text/plain -vLk https://10.42.0.197/exec/show%20version --user 'chartley:<pw omitted>'
* About to connect() to 10.42.0.197 port 443 (#0)
* Trying 10.42.0.197... connected
* Connected to 10.42.0.197 (10.42.0.197) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* warning: ignoring value of ssl.verifyhost
* skipping SSL peer certificate verification
* SSL connection using TLS_RSA_WITH_RC4_128_SHA
* Server certificate:
* subject: CN=ASA Temporary Self Signed Certificate
* start date: Jul 18 20:53:46 2013 GMT
* expire date: Jul 16 20:53:46 2023 GMT
* common name: ASA Temporary Self Signed Certificate
* issuer: CN=ASA Temporary Self Signed Certificate
* Server auth using Basic with user 'chartley'
> GET /exec/show%20version HTTP/1.1
> Authorization: Basic <omitted>
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.18 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: 10.42.0.197
> Accept: */*
> Content-Type:text/plain
>
< HTTP/1.1 401 Unauthorized
< Date: Thu, 06 Apr 2017 20:39:38 UTC
< Connection: close
< Content-Type: text/html
< Expires: Thu, 16 Feb 1989 00:00:00 GMT
* Authentication problem. Ignoring this.
< WWW-Authenticate: Basic realm="Authentication"
<
<HEAD><TITLE>Authorization Required</TITLE></HEAD><BODY><H1>Authorization Required</H1>Browser not authentication-capable or authentication failed.</BODY>
* Closing connection #0
这是使用eval工作的脚本...
#!/usr/bin/bash
set -x
echo "Gimme yo password foo!!"
IFS=$'\n' read -r -s -p 'Password:' pass
pass=$(echo $pass | sed 's/[(\!|\@|\#|\$|\%|\^|\&|\*|\(|\))&]/\\&/g' | sed "s/'//g")
if [[ "$2" =~ [:space:] ]];
then
CMD=`echo $2 | sed 's/ /\%20/g'`
#echo "space matched"
#echo "$2"
fi
if [[ "$CMD" =~ */* ]];
then
CMD=`echo $2 | 's/[\/]/\%2f/g'`
#echo "Slash matched"
#echo "$2"
fi
eval curl -H Content-Type:text/plain -vLk https://$1/exec/$CMD --user "$USER:$pass"
答案 0 :(得分:0)
您可能想要使用:
read -r -s -p 'Password:' pass
curl ..... needed args .... --user "$USER:$pass"
没有任何密码mungling和喜欢。 (可能也不想改变IFS(是的,IFS=$'\n'在密码包含尾随空格时有帮助......但首先尝试没有任何IFS更改...)和{{ 1}}
答案 1 :(得分:0)
答案是添加&#34; eval&#34;到curl命令。
#!/usr/bin/bash
set -x
echo "Gimme yo password foo!!"
IFS=$'\n' read -r -s -p 'Password:' pass
pass=$(echo $pass | sed 's/[(\!|\@|\#|\$|\%|\^|\&|\*|\(|\))&]/\\&/g' | sed "s/'//g")
if [[ "$2" =~ [:space:] ]];
then
CMD=`echo $2 | sed 's/ /\%20/g'`
#echo "space matched"
#echo "$2"
fi
if [[ "$CMD" =~ */* ]];
then
CMD=`echo $2 | 's/[\/]/\%2f/g'`
#echo "Slash matched"
#echo "$2"
fi
eval curl -H Content-Type:text/plain -vLk https://$1/exec/$CMD --user "$USER:$pass"