I wanted to change current user for script execution. I did this
import os
newuid = pwd.getpwnam('newuser').pw_uid
os.setuid(newuid)
print('User :' + getpass.getuser());
I am still getting root. Is there better way than this? I want switch user once and then continue rest of the commands execution in the script with that new user.
getpass.getuser() doesn't use getuid() or geteuid() to get the current user.
http://docs.python.org/3/library/getpass.html#getpass.getuser
This function checks the environment variables LOGNAME, USER, LNAME and USERNAME, in order, and returns the value of the first one which is set to a non-empty string. If none are set, the login name from the password database is returned on systems which support the pwd module, otherwise, an exception is raised.
After trying modules os, subprocess, getpass, I realised that the problem is not whether the user is set. The user gets set or gets changed using os.setuid, however, the methods from modules to get username like os.getlogin(), getpass.getuser(), actually does not get username properly. If you run a shell command whoami or idusing subprocess.Popen() or os.system(), you will get the changed user. These are little puzzled outputs for me. Below is script which shows all these weird behaviours.
import os
import subprocess
import pwd
import getpass
#os.chdir("/tmp")
#uid = pwd.getpwnam('newuser').pw_uid
os.setuid(500) # newuser's id found from shell cmd line
print os.getuid()
p = subprocess.Popen(['id'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
out, err = p.communicate()
# print os.system('useradd newuser1') # Try this commenting, it will not create, and then try commenting above line of setuid. i.e. it will become root, and then see the change.
# print os.getcwd()
print out,err
p = subprocess.Popen(['whoami'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
out, err = p.communicate()
print out,err
print getpass.getuser()
print os.getlogin()
print os.system('whoami')
Related
I have written a small Python code to test it for a bigger project. The subprocess works great if everything's fine. But I want to parse the output error message for particular errors so I can figure out what the error is such as- IP not in network, or wrong username, wrong password.
Even the print at the end doesnt work. My interest in however not to print those. I was merely checking if the parsing works!
import sys
import subprocess
import os
ip = "192.168.1.20"
password = "password"
username = "sam"
ans = subprocess.check_output(['sudo','xfreerdp','-p',password, ip])
for line in ans.split('\n'):
if "protocol security negotiation" in line:
print "Not Windows!"
print "JUST TO test if this print works and it doesnt!!"
Try using try..except
import sys
import subprocess
import os
ip = "192.168.1.20"
password = "password"
username = "sam"
try:
ans = subprocess.check_output(['sudo','xfreerdp','-p',password, ip])
except subprocess.CalledProcessError as e:
ans = e.output
for line in ans.split('\n'):
if "protocol security negotiation" in line:
print "Not Windows!"
print "JUST TO test if this print works and it doesnt!!"
You need to redirect STDERR in order to check messages printed to it. Add:
subprocess.check_output(['sudo','xfreerdp','-p',password, ip], stderr=subprocess.STDOUT)
I am writing a script to extract something from a specified path. I am returning those values into a variable. How can i check whether the shell command has returned something or nothing.
My Code:
def any_HE():
global config, logger, status, file_size
config = ConfigParser.RawConfigParser()
config.read('config2.cfg')
for section in sorted(config.sections(), key=str.lower):
components = dict() #start with empty dictionary for each section
#Retrieving the username and password from config for each section
if not config.has_option(section, 'server.user_name'):
continue
env.user = config.get(section, 'server.user_name')
env.password = config.get(section, 'server.password')
host = config.get(section, 'server.ip')
print "Trying to connect to {} server.....".format(section)
with settings(hide('warnings', 'running', 'stdout', 'stderr'),warn_only=True, host_string=host):
try:
files = run('ls -ltr /opt/nds')
if files!=0:
print '{}--Something'.format(section)
else:
print '{} --Nothing'.format(section)
except Exception as e:
print e
I tried checking 1 or 0 and True or false but nothing seems to be working. In some servers, the path '/opt/nds/' does not exist. So in that case, nothing will be there on files. I wanted to differentiate between something returned to files and nothing returned to files.
First, you're hiding stdout.
If you get rid of that you'll get a string with the outcome of the command on the remote host. You can then split it by os.linesep (assuming same platform), but you should also take care of other things like SSH banners and colours from the retrieved outcome.
As perror commented already, the python subprocess module offers the right tools.
https://docs.python.org/2/library/subprocess.html
For your specific problem you can use the check_output function.
The documentation gives the following example:
import subprocess
subprocess.check_output(["echo", "Hello World!"])
gives "Hello World"
plumbum is a great library for running shell commands from a python script. E.g.:
from plumbum.local import ls
from plumbum import ProcessExecutionError
cmd = ls['-ltr']['/opt/nds'] # construct the command
try:
files = cmd().splitlines() # run the command
if ...:
print ...:
except ProcessExecutionError:
# command exited with a non-zero status code
...
On top of this basic usage (and unlike the subprocess module), it also supports things like output redirection and command pipelining, and more, with easy, intuitive syntax (by overloading python operators, such as '|' for piping).
In order to get more control of the process you run, you need to use the subprocess module.
Here is an example of code:
import subprocess
task = subprocess.Popen(['ls', '-ltr', '/opt/nds'], stdout=subprocess.PIPE)
print task.communicate()
Python script is designed to run with elevated credentials, unfortunately
it still prompts me for password
when I enter the correct password it doesn't work
Here is script1, which calls script2 with elevated credentials
import os
import sys, subprocess, socket, string
import wmi, win32api, win32con
import win32com.shell.shell as sh
ASADMIN = '/user:DOMAIN\username'
os.system('"runas /user:DOMAIN\username "D:/Python27/python.exe script2.py sender-ip=10.10.10.10 < password.txt""')
sys.exit(0)
if sys.argv[-1] != ASADMIN:
script = os.path.abspath(sys.argv[0])
params = ''.join([ASADMIN] + ['D:\Python27\python.exe',script] + sys.argv[1:])
sh.ShellExecuteEx(lpVerb='runas',lpFile=sys.executable,lpParameters=params)
sys.exit(0)
Here is script2
import sys, subprocess, socket, string
import wmi, win32api, win32con
for args in [item.strip('sender-ip=') for item in sys.argv[1:]]:
userIP = args
userloggedon = ""
# perform system lookup of IP address
userIP = "\\\\" + userIP
pst = subprocess.Popen(
["D:\pstools\psloggedon.exe", "-l", "-x", userIP],
stdout = subprocess.PIPE,
stderr = subprocess.PIPE
)
out, error = pst.communicate()
userLoggedOn = out.split('\n')[1].strip()
print 'userId={}'.format(userLoggedOn)
f = open('D:\SymantecDLP\Protect\plugins\output.txt', 'w')
f.write('userId={}'.format(userLoggedOn))
output.txt is not created
Any ideas?
EDIT
I also read this thread, How to supply password to runas command when executing it from java
but no matter what I try I keep getting the error
Attempting to start c:\test.bat as user "DOMAIN\username" ...
RUNAS ERROR: Unable to run - c:\test.bat
1326: Logon failure: unknown user name or bad password.
Let's talk about your problems one at the time.
1. It still prompts me for password
In the line
os.system('"runas /user:DOMAIN\username "D:/Python27/python.exe script2.py sender-ip=10.10.10.10 < password.txt""')
you're providing the password to script2. runas command still need a password since is trying to run a program as another user.
2. When I enter the correct password it doesn't work
Well ... The code does'n work that's clear. But, you have to be more specific when asking a question. Right now a look to your code and I can see that you're trying to do ping on a remote machine.
Might the remote machine has a firewall?
Have you tryed doing ping manually?
Edit: The output.txt file is not created, and running the script don't tell you nothing about error writting the file, obviously your code is hitting one of the sys.exit() lines.
You can use PsExec
https://learn.microsoft.com/en-us/sysinternals/downloads/psexec
You can supply a username and password and executing does not need to be elevated to admin:
psexec [\computer[,computer2[,...] | #file]]\ [-u user [-p psswd] [-n s][-r servicename][-h][-l][-s|-e][-x][-i [session]][-c [-f|-v]][-w directory][-d][-][-a n,n,...] cmd [arguments]
Use the -e switch to give the same results as Runas /netonly:
-e Does not load the specified account’s profile.
I've been trying to code a bit of a "game" to help others learn python, but I've run into a wall right after I jumped out of the brainstorming phase.
See, it involves making a script open another script, and then insert input to it. For example:
username = raw_input('Insert username:')
password = raw_input('Insert password:')
if username == user:
if password == 1234:
print('Congratulations, you cracked it!')
This would be my source code. Then I'd have another code, in which I'd write something to open the former script, insert "user" as if I'd typed it myself in the command prompt, and then tried to insert every number between 0 and, say, 10000. So something like:
for n in range(0, 10000)
[Insert script to open file]
[input 'user']
[input n]
How would I go on about to code the last part?
The subprocess module lets you run another program—including a script—and control its input and output. For example:
import subprocess, sys
p = subprocess.Popen([sys.executable, 'thescript.py'], stdin=subprocess.PIPE)
p.stdin.write('user\n')
p.stdin.write('{}\n'.format(n))
p.wait()
If you can build all the input at once and pass it as a single string, you can use communicate.
If you also want to capture its output, add another PIPE for stdout.
import subprocess
p = subprocess.Popen(['python', 'thescript.py'],
stdin=subprocess.PIPE, stdout=subprocess.PIPE)
out, err = p.communicate('user\n{}\n'.format(n))
For details on how this works, read the documentation; it's all explained pretty well. (However, it's not organized perfectly; you might want to read the opening section, then skip down to "Replacing Older Functions", then read the "Frequently Used Arguments", then come back to the top and go through in order.)
If you need to interact with it in any way more complicated than "send all my input, then get all the output", that gets very hard to do correctly, so you should take a look at the third-party pexpect module.
Would this be what you wanted?
import subprocess
for n in range(0, 10000):
p = subprocess.Popen("python another_script.py", shell=True,
stdin=subprocess.PIPE, stdout=subprocess.PIPE)
p.stdin.write("user\n" + str(n) + "\n")
out = p.stdout.read()
if "cracked" in out:
print "cracked: " + str(n)
break
Okay, I did it. Thanks for the help guys, but I settled with using modules.
I made my own small module like this:
Filename: pass1
def insertpassword(username, password):
if username == 'user':
if password == '12345':
print('You did it!')
Then what I do is:
import pass1
pass1.insertpassword(raw_input('Insert username:'),raw_input('Insert password:'))
As for the cracking:
import pass1
for n in range(0, 100000):
pass1.insertpassword('user', str(n))
Thanks anyway, everyone.
I am trying to do a CVS login from Python by calling the cvs.exe process.
When calling cvs.exe by hand, it prints a message to the console and then waits for the user to input the password.
When calling it with subprocess.Popen, I've noticed that the call blocks. The code is
subprocess.Popen(cvscmd, shell = True, stdin = subprocess.PIPE, stdout = subprocess.PIPE,
stderr = subprocess.PIPE)
I assume that it blocks because it's waiting for input, but my expectation was that calling Popen would return immediately and then I could call subprocess.communicate() to input the actual password. How can I achieve this behaviour and avoid blocking on Popen?
OS: Windows XP
Python: 2.6
cvs.exe: 1.11
Remove the shell=True part. Your shell has nothing to do with it. Using shell=True is a common cause of trouble.
Use a list of parameters for cmd.
Example:
cmd = ['cvs',
'-d:pserver:anonymous#bayonne.cvs.sourceforge.net:/cvsroot/bayonne',
'login']
p = subprocess.Popen(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE)
This won't block on my system (my script continues executing).
However since cvs reads the password directly from the terminal (not from standard input or output) you can't just write the password to the subprocess' stdin.
What you could do is pass the password as part of the CVSROOT specification instead, like this:
:pserver:<user>[:<passwd>]#<server>:/<path>
I.e. a function to login to a sourceforge project:
import subprocess
def login_to_sourceforge_cvs(project, username='anonymous', password=''):
host = '%s.cvs.sourceforge.net' % project
path = '/cvsroot/%s' % project
cmd = ['cvs',
'-d:pserver:%s:%s#%s:%s' % (username, password, host, path),
'login']
p = subprocess.Popen(cmd, stdin=subprocess.PIPE,
stdout=subprocess.PIPE
stderr=subprocess.STDOUT)
return p
This works for me. Calling
login_to_sourceforge_cvs('bayonne')
Will log in anonymously to the bayonne project's cvs.
If you are automating external programs that need input - like password - your best bet would probably be to use pexpect.