--- /dev/null
+#!/usr/bin/env expect
+
+# Agentless monitoring
+#
+# Copyright (C) 2009 Trend Micro Inc.
+# All rights reserved.
+#
+# This program is a free software; you can redistribute it
+# and/or modify it under the terms of the GNU General Public
+# License (version 2) as published by the FSF - Free Software
+# Foundation.
+
+if {$argc < 1} {
+ send_user "ERROR: ssh_pixconfig_diff <hostname> <commands>\n";
+ exit 1;
+}
+
+# NOTE: this script must be called from within /var/ossec for it to work
+set passlist "agentless/.passlist"
+set hostname [lindex $argv 0]
+set commands [lrange $argv 1 end]
+set pass "x"
+set addpass "x"
+set timeout 20
+
+if {[string compare $hostname "test"] == 0} {
+ if {[string compare $commands "test"] == 0} {
+ exit 0;
+ }
+}
+
+# Read the password list
+if [catch {
+ set in [open "$passlist" r]
+} loc_error] {
+ send_user "ERROR: Password list not present (use \"register_host\" first).\n"
+ exit 1;
+}
+
+while {[gets $in line] != -1} {
+ set me [string first "|" $line]
+ set me2 [string last "|" $line]
+ set length [string length $line]
+
+ if {$me == -1} {
+ continue;
+ }
+ if {$me2 == -1} {
+ continue;
+ }
+ if {$me == $me2} {
+ continue;
+ }
+
+ set me [expr $me-1]
+ set me2 [expr $me2-1]
+
+ set host_list [string range $line 0 $me]
+ set me [expr $me+2]
+ set pass_list [string range $line $me $me2]
+ set me2 [expr $me2+2]
+ set addpass_list [string range $line $me2 $length]
+
+ if {[string compare $host_list $hostname] == 0} {
+ set pass "$pass_list"
+ set addpass "$addpass_list"
+ break
+ }
+}
+close $in
+
+if {[string compare $pass "x"] == 0} {
+ send_user "ERROR: Password for '$hostname' not found.\n"
+ exit 1;
+}
+
+# SSH to the box and pass the directories to check
+if [catch {
+ spawn ssh -c des $hostname
+} loc_error] {
+ send_user "ERROR: Opening connection: $loc_error.\n"
+ exit 1;
+}
+
+expect {
+ "WARNING: REMOTE HOST" {
+ send_user "ERROR: RSA host key for '$hostname' has changed. Unable to access.\n"
+ exit 1;
+ }
+ "*sure you want to continue connecting*" {
+ send "yes\r"
+ expect "* password:*" {
+ send "$pass\r"
+
+ expect {
+ "Permission denied" {
+ send_user "ERROR: Incorrect password to remote host: $hostname .\n"
+ exit 1;
+ }
+ timeout {
+ send_user "ERROR: Timeout while running on host (too long to finish): $hostname .\n"
+ exit 1;
+ }
+ "*>" {
+ send_user "\nINFO: Starting.\n"
+ }
+ }
+ }
+ }
+ "ssh: connect to host*" {
+ send_user "ERROR: Unable to connect to remote host: $hostname .\n"
+ exit 1;
+ }
+ "no address associated with name" {
+ send_user "ERROR: Unable to connect to remote host: $hostname .\n"
+ exit 1;
+ }
+ "*Connection refused*" {
+ send_user "ERROR: Unable to connect to remote host: $hostname .\n"
+ exit 1;
+ }
+ "*Connection closed by remote host*" {
+ send_user "ERROR: Unable to connect to remote host: $hostname .\n"
+ exit 1;
+ }
+ "*Password:*" {
+ send "$pass\r"
+
+ expect {
+ "Permission denied" {
+ send_user "ERROR: Incorrect password to remote host: $hostname .\n"
+ exit 1;
+ }
+ timeout {
+ send_user "ERROR: Timeout while running on host (too long to finish): $hostname .\n"
+ exit 1;
+ }
+ "*>" {
+ send_user "INFO: Starting.\n"
+ }
+ }
+ }
+ timeout {
+ send_user "ERROR: Timeout while connecting to host: $hostname . \n"
+ exit 1;
+ }
+}
+
+# Go into enable mode
+send "enable\r"
+expect {
+ "Password:" {
+ send "$addpass\r"
+
+ expect {
+ "*asswor*" {
+ send_user "ERROR: Incorrect enable password to remote host: $hostname .\n"
+ exit 1;
+ }
+ "*rror in authenticatio*" {
+ send_user "ERROR: Incorrect enable password to remote host: $hostname .\n"
+ exit 1;
+ }
+ timeout {
+ send_user "ERROR: Timeout while going to enable mode on host: $hostname .\n"
+ exit 1;
+ }
+ "*#" {
+ send_user "ok on enable pass\n"
+ }
+ }
+ }
+ timeout {
+ send_user "ERROR: Timeout while running enable on host: $hostname .\n"
+ exit 1;
+ }
+}
+
+# Send commands
+set timeout 60
+send_user "\nSTORE: now\n"
+
+send "no pager\r"
+send "term len 0\r"
+send "terminal pager 0\r"
+
+# Exclude uptime from the output
+send "show version | grep -v Configuration last| up\r"
+send "show running-config\r"
+send "$commands\r"
+send "exit\r"
+
+expect {
+ timeout {
+ send_user "ERROR: Timeout while running commands on host: $hostname .\n"
+ exit 1;
+ }
+ eof {
+ send_user "\nINFO: Finished.\n"
+ exit 0;
+ }
+}
+
+send_user "ERROR: Unable to finish properly.\n"
+exit 1;