如果没有下载相应的库,应该先下载
Pexpect:https://pypi.python.org/pypi/pexpect/
Pexpect模块可以实现与程序交互、实现非交互登陆等一些操作的实现。
#!/usr/bin/python #coding=utf-8 import pexpect #SSH连接成功时的命令行交互窗口中前面的提示字符的集合 PROMPT = ['# ','>>> ','> ','\$ '] def send_command(child,cmd): #发送一条命令 child.sendline(cmd) #期望有命令行提示字符出现 child.expect(PROMPT) #将之前的内容都输出 print child.before def connect(user,host,password): #表示主机已使用一个新的公钥的消息 ssh_newkey = 'Are you sure you want to continue connecting' connStr = 'ssh ' + user + '@' + host #为ssh命令生成一个spawn类的对象 child = pexpect.spawn(connStr) #期望有ssh_newkey字符、提示输入密码的字符出现,否则超时 ret = child.expect([pexpect.TIMEOUT,ssh_newkey,'[P|p]assword: ']) #匹配到超时TIMEOUT if ret == 0: print '[-] Error Connecting' return #匹配到ssh_newkey if ret == 1: #发送yes回应ssh_newkey并期望提示输入密码的字符出现 child.sendline('yes') ret = child.expect([pexpect.TIMEOUT,'[P|p]assword: ']) #匹配到超时TIMEOUT if ret == 0: print '[-] Error Connecting' return #发送密码 child.sendline(password) child.expect(PROMPT) return child def main(): host='10.10.10.128' user='msfadmin' password='msfadmin' child=connect(user,host,password) send_command(child,'uname -a') if __name__ == '__main__': main()
这段代码没有进行命令行参数的输入以及没有实现命令行交互。
调用方式:myssh.py
【修改的代码】来自:https://blog.csdn.net/SKI_12
这段代码可以进一步改进一下,下面的是改进的代码,实现了参数化输入以及命令行shell交互的形式:
#!/usr/bin/python #coding=utf-8 import pexpect from optparse import OptionParser #SSH连接成功时的命令行交互窗口中的提示符的集合 PROMPT = ['# ','>>> ','> ','\$ '] def send_command(child,cmd): #发送一条命令 child.sendline(cmd) #期望有命令行提示字符出现 child.expect(PROMPT) #将之前的内容都输出 print child.before.split('\n')[1] def connect(user,host,password): #表示主机已使用一个新的公钥的消息 ssh_newkey = 'Are you sure you want to continue connecting' connStr = 'ssh ' + user + '@' + host #为ssh命令生成一个spawn类的对象 child = pexpect.spawn(connStr) #期望有ssh_newkey字符、提示输入密码的字符出现,否则超时 ret = child.expect([pexpect.TIMEOUT,ssh_newkey,'[P|p]assword: ']) #匹配到超时TIMEOUT if ret == 0: print '[-] Error Connecting' return #匹配到ssh_newkey if ret == 1: #发送yes回应ssh_newkey并期望提示输入密码的字符出现 child.sendline('yes') ret = child.expect([pexpect.TIMEOUT,ssh_newkey,'[P|p]assword: ']) #匹配到超时TIMEOUT if ret == 0: print '[-] Error Connecting' return #发送密码 child.sendline(password) child.expect(PROMPT) return child def main(): parser = OptionParser("[*] Usage : ./sshCommand2.py -H <target host> -u <username> -p <password>") parser.add_option('-H',dest='host',type='string',help='specify target host') parser.add_option('-u',dest='username',type='string',help='target username') parser.add_option('-p',dest='password',type='string',help='target password') (options,args) = parser.parse_args() if (options.host == None) | (options.username == None) | (options.password == None): print parser.usage exit(0) child=connect(options.username,options.host,options.password) while True: command = raw_input('<SSH> ') send_command(child,command) if __name__ == '__main__': main()
这样就可以指定目标主机进行SSH连接并实现了SSH一样的命令行交互体验了:
调用方式:myssh.py -H 192.168.1.1 -u lyshark -p 123123