container_network/crawler/ssh/SSHCrawler.go
crusader 3efa746c76 ing
2018-04-23 19:23:29 +09:00

95 lines
1.9 KiB
Go

package ssh
import (
"bufio"
"bytes"
"fmt"
uuid "github.com/satori/go.uuid"
ocsm "git.loafle.net/overflow/commons-go/sensorconfig/model"
"git.loafle.net/overflow/container_network/crawler/ssh/client"
"git.loafle.net/overflow/container_network/crawler/ssh/parser"
crawler "git.loafle.net/overflow/crawler-go"
)
type SSHCrawler struct {
crawler.Crawler
}
func (c *SSHCrawler) Name() string {
return "SSH"
}
func (c *SSHCrawler) String() string {
return "SSH Crawler"
}
func (c *SSHCrawler) Auth(auth map[string]interface{}) error {
return nil
}
func (c *SSHCrawler) Get(config *ocsm.SensorConfig) (map[string]string, error) {
sshClient, err := client.New(config.Target)
if nil != err {
return nil, err
}
itemCount := len(config.Items)
results := make(map[string]string, 0)
boundary := uuid.NewV4().String()
commands := ""
for i := 0; i < itemCount; i++ {
switch i {
case 0:
commands = config.Items[i].QueryInfo.Query
default:
commands = fmt.Sprintf("%s ; echo \"--%s\" ; %s ", commands, boundary, config.Items[i].QueryInfo.Query)
}
}
commands = fmt.Sprintf("%s ; echo \"--%s--\" ", commands, boundary)
buf, err := sshClient.RunCommand(commands)
if nil != err {
return nil, err
}
r := bytes.NewReader(buf)
scanner := bufio.NewScanner(r)
pScanner := parser.NewParserScanner(scanner, boundary)
for i := 0; i < itemCount; i++ {
item := config.Items[i]
mode := item.QueryInfo.Extend["mode"].(string)
p := parser.GetParser(mode)
if nil == p {
return nil, fmt.Errorf("Container: Parser[%s] is not exist", mode)
}
rm, err := p.Parse(pScanner)
if nil != err {
return nil, err
}
if nil != rm {
mm := ocsm.KeysToMap(item.Keys)
for key, value := range mm {
results[value] = rm[key]
}
}
if !pScanner.Clean() {
break
}
}
return results, nil
}
func NewCrawler() crawler.Crawler {
c := &SSHCrawler{}
return c
}