86 lines
1.8 KiB
Go
86 lines
1.8 KiB
Go
package ssh
|
|
|
|
import (
|
|
"bufio"
|
|
"bytes"
|
|
"fmt"
|
|
|
|
ocsm "git.loafle.net/overflow/commons-go/sensorconfig/model"
|
|
"git.loafle.net/overflow/container_network/crawler/ssh/client"
|
|
"git.loafle.net/overflow/container_network/crawler/ssh/parser"
|
|
crawler "git.loafle.net/overflow/crawler-go"
|
|
sensorConfigUtil "git.loafle.net/overflow/overflow_commons_go/modules/sensor_config/util"
|
|
)
|
|
|
|
type SSHCrawler struct {
|
|
crawler.Crawler
|
|
}
|
|
|
|
func (c *SSHCrawler) Name() string {
|
|
return "SSH_CRAWLER"
|
|
}
|
|
|
|
func (c *SSHCrawler) Get(config *ocsm.SensorConfig) (map[string]string, error) {
|
|
sshClient, err := client.New(config.Target)
|
|
if nil != err {
|
|
return nil, err
|
|
}
|
|
|
|
itemCount := len(config.Items)
|
|
results := make(map[string]string, 0)
|
|
boundary := uuid.NewV4().String()
|
|
commands := ""
|
|
|
|
for i := 0; i < itemCount; i++ {
|
|
switch i {
|
|
case 0:
|
|
commands = config.Items[i].QueryInfo.Query
|
|
default:
|
|
commands = fmt.Sprintf("%s ; echo \"--%s\" ; %s ", commands, boundary, config.Items[i].QueryInfo.Query)
|
|
}
|
|
}
|
|
commands = fmt.Sprintf("%s ; echo \"--%s--\" ", commands, boundary)
|
|
|
|
buf, err := sshClient.RunCommand(commands)
|
|
if nil != err {
|
|
return nil, err
|
|
}
|
|
r := bytes.NewReader(buf)
|
|
scanner := bufio.NewScanner(r)
|
|
|
|
pScanner := parser.NewParserScanner(scanner, boundary)
|
|
|
|
for i := 0; i < itemCount; i++ {
|
|
item := config.Items[i]
|
|
mode := item.QueryInfo.Extend["mode"].(string)
|
|
p := parser.GetParser(mode)
|
|
if nil == p {
|
|
return nil, fmt.Errorf("Container: Parser[%s] is not exist", mode)
|
|
}
|
|
|
|
rm, err := p.Parse(pScanner)
|
|
if nil != err {
|
|
return nil, err
|
|
}
|
|
|
|
if nil != rm {
|
|
mm := sensorConfigUtil.KeysToMap(item.Keys)
|
|
for key, value := range mm {
|
|
results[value] = rm[key]
|
|
}
|
|
}
|
|
|
|
if !pScanner.Clean() {
|
|
break
|
|
}
|
|
}
|
|
|
|
return results, nil
|
|
}
|
|
|
|
func NewCrawler() crawler.Crawler {
|
|
c := &SSHCrawler{}
|
|
|
|
return c
|
|
}
|