Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Paste
P9118
power_password.py
Active
Public
Actions
Authored by
ayounsi
on Sep 17 2019, 1:56 PM.
Edit Paste
Archive Paste
View Raw File
Subscribe
Mute Notifications
Award Token
Flag For Later
Tags
None
Referenced Files
F30381113: raw.txt
Sep 17 2019, 1:56 PM
2019-09-17 13:56:36 (UTC+0)
Subscribers
None
#!/usr/bin/python3
#
# Command line tool to change password on Sentry 3 and 4 PDUs
# Can also check if the default password is still set
# 1/ Create a pdus.txt file
# 2/ usage: power_password.py [-h] [--username USERNAME] [--pdus_list PDUS_LIST]
# [--check_default]
#
# Update Sentry PDUs passwords
#
# optional arguments:
# -h, --help show this help message and exit
# --username USERNAME Username
# --pdus_list PDUS_LIST
# File containing list of hosts to tackle
# --check_default Check for default user
#
import
argparse
import
getpass
import
logging
import
requests
import
urllib3
logging
.
basicConfig
(
level
=
logging
.
INFO
)
logger
=
logging
.
getLogger
()
urllib3
.
disable_warnings
()
# Mute insecure TLS warning (as PDUs certs are self signed)
success
=
False
arg_parser
=
argparse
.
ArgumentParser
(
description
=
'Update Sentry PDUs passwords'
)
arg_parser
.
add_argument
(
'--username'
,
help
=
'Username'
,
default
=
'root'
)
arg_parser
.
add_argument
(
'--pdus_list'
,
help
=
'File containing list of hosts to tackle'
,
default
=
'pdus.txt'
)
arg_parser
.
add_argument
(
'--check_default'
,
help
=
'Check for default user'
,
action
=
'store_true'
,
default
=
True
)
args
=
arg_parser
.
parse_args
()
pdus_list
=
open
(
args
.
pdus_list
,
'r'
)
current_password
=
getpass
.
getpass
(
"Current password:"
)
if
current_password
==
''
:
logger
.
error
(
'Can
\'
t be empty ๐'
)
exit
(
1
)
new_password
=
getpass
.
getpass
(
"New password:"
)
new_password_bis
=
getpass
.
getpass
(
"Again, just to be sure:"
)
if
new_password
!=
new_password_bis
:
logger
.
error
(
'They don
\'
t match ๐'
)
exit
(
1
)
payload_sentry3
=
{
'Current_Password'
:
current_password
,
'New_Password'
:
new_password
,
'New_Password_Verify'
:
new_password
}
payload_sentry4
=
{
'FormButton'
:
'Apply'
,
'UPWC'
:
current_password
,
'UPW'
:
new_password
,
'UPWV'
:
new_password
}
for
line
in
pdus_list
.
readlines
():
pdu_fqdn
=
line
.
rstrip
(
'
\n
'
)
if
not
pdu_fqdn
:
# Skip empty lines if any
continue
logger
.
info
(
pdu_fqdn
)
try
:
response_version_check
=
requests
.
get
(
"https://{fqdn}/chngpswd.html"
.
format
(
fqdn
=
pdu_fqdn
),
verify
=
False
,
auth
=
(
args
.
username
,
current_password
))
if
response_version_check
.
status_code
is
200
:
if
'v7'
in
response_version_check
.
headers
[
'Server'
]:
payload
=
payload_sentry3
logger
.
info
(
'Sentry 3 detected'
)
elif
'v8'
in
response_version_check
.
headers
[
'Server'
]:
payload
=
payload_sentry4
logger
.
info
(
'Sentry 4 detected'
)
else
:
logger
.
error
(
'Unknown Sentry version'
)
continue
else
:
logger
.
error
(
"Error {status_code} while trying to change the password."
.
format
(
status_code
=
response_version_check
.
status_code
))
response_change_pw
=
requests
.
post
(
"https://{fqdn}/Forms/chngpswd_1"
.
format
(
fqdn
=
pdu_fqdn
),
data
=
payload
,
verify
=
False
,
auth
=
(
args
.
username
,
current_password
))
if
response_change_pw
.
status_code
is
200
:
response_check_success
=
requests
.
get
(
"https://{fqdn}/chngpswd.html"
.
format
(
fqdn
=
pdu_fqdn
),
verify
=
False
,
auth
=
(
args
.
username
,
new_password
))
if
response_check_success
.
status_code
is
200
:
logger
.
info
(
'Password updated successfully ๐'
)
else
:
logger
.
error
(
'Error {status_code}. New password not working,
\
the change probably failed'
.
format
(
status_code
=
response_check_success
.
status_code
))
else
:
logger
.
error
(
"Error {status_code} while trying to change the password."
.
format
(
status_code
=
response_change_pw
.
status_code
))
if
args
.
check_default
:
response
=
requests
.
get
(
"https://{fqdn}/chngpswd.html"
.
format
(
fqdn
=
pdu_fqdn
),
verify
=
False
,
auth
=
(
'admn'
,
'admn'
))
if
response
.
status_code
is
200
:
logger
.
warning
(
'Default user found ๐'
)
else
:
logger
.
warning
(
'No default user ๐'
)
except
Exception
:
logger
.
error
(
'Something went wrong.'
)
Event Timeline
ayounsi
created this paste.
Sep 17 2019, 1:56 PM
2019-09-17 13:56:36 (UTC+0)
Log In to Comment