import argparse
import paramiko
import re
import time
from time import sleep
# Command-line interface for the tool. RawTextHelpFormatter keeps the
# hand-placed line breaks in the description and in the command list.
#
# NOTE(security): --password is taken from the command line, so the value is
# visible in shell history and in the process list while the tool runs. The
# unset defaults below are the literal string "None", not the None object.
parser = argparse.ArgumentParser(
    description=(
        '\nThe ideal tool for the lazy Admin\n\n'
        'Assists in changing or checking common configurations within seconds without the need to manually log in.\n\n'
        'This tool uses SSH to open a connection to the target device\n'
        'Due to SSH being used this tool is sensitive to ssh configuration - if the connection fails please check "/ip services" & firewalls on your Mikrotik device.\n\n\n'
        '~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
    ),
    formatter_class=argparse.RawTextHelpFormatter,
)

# Action to perform on the device; main() compares this value to the names
# listed in the help text.
parser.add_argument(
    "--command", "-c",
    default="None",
    help="List of commands:\n check-mac\n check-identity\n check-scanlist\n change-radioname\n create-ssl\n",
)

# Credentials used for SSH password authentication.
parser.add_argument("--username", "-u", default="admin", help="specify username for login")
parser.add_argument("--password", "-p", default="None", help="specify password for login")

# Address of the device to connect to.
parser.add_argument("--target", "-t", default="0.0.0.0", help="specify IP address to target")

# Values that main() concatenates into the commands sent to the device.
parser.add_argument("--ssl", "-s", default="Cert-1", help="Specify name for ssl certificate")
parser.add_argument("--radioname", "-r", default="None", help="specify radio-name for wlan1 interface")
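def MacRegex():
    """Print the first MAC address found on each line of ``temp-maccheck.txt``.

    The file is read from the current working directory; main() writes the
    device's ``/interface wireless print`` output there for the ``check-mac``
    command. Lines without a colon-separated MAC address are skipped.

    Raises:
        OSError: if ``temp-maccheck.txt`` cannot be opened.
    """
    # Six hex octets separated by colons. The last octet has to accept the
    # digit 0 as well, otherwise addresses ending in e.g. ":50" or ":0A" are
    # silently dropped from the output.
    mac_pattern = re.compile(r"([0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2}")
    # NOTE(security): the capture file holds raw device output and is left in
    # the working directory after the run.
    with open('temp-maccheck.txt', 'r') as capture:
        for line in capture:
            found = mac_pattern.search(line)
            if found is not None:
                print(found.group())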
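def ScanlistRegex():
    """Print the ``scan-list=NNNN-NNNN`` setting found on each line of ``temp-scanlist.txt``.

    The file is read from the current working directory; main() writes the
    device's ``/interface wireless print`` output there for the
    ``check-scanlist`` command. Only a scan list written as two four-digit
    numbers joined by a dash matches; any other form is skipped.

    Raises:
        OSError: if ``temp-scanlist.txt`` cannot be opened.
    """
    # Raw string: "\d" in a plain string literal is an invalid escape sequence
    # that newer Python versions warn about.
    scan_pattern = re.compile(r"scan-list=\d{4}-\d{4}")
    # The context manager closes the capture file, which the previous version
    # left open.
    with open('temp-scanlist.txt', 'r') as capture:
        for line in capture:
            found = scan_pattern.search(line)
            if found is not None:
                print(found.group())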
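# Values that end up inside a command string sent to the device are limited to
# this conservative character set, so that an argument cannot add further
# parameters or commands to the line.
_SAFE_VALUE = re.compile(r"[A-Za-z0-9._-]+")


def _device_value(option, value):
    """Return *value* as text, or raise ValueError if it is unsafe to embed in a device command."""
    text = str(value)
    if not _SAFE_VALUE.fullmatch(text):
        raise ValueError(
            "Refusing " + option + " value " + repr(text)
            + ": only letters, digits, '.', '_' and '-' are accepted"
        )
    return text


def _open_session(args):
    """Open a password-authenticated SSH session to ``args.target`` on port 22 and return the client."""
    client = paramiko.SSHClient()
    # Hosts already recorded in the operator's known_hosts are verified against
    # that record, so a changed key for a known device is rejected.
    client.load_system_host_keys()
    # NOTE(security): AutoAddPolicy still accepts whatever key an unrecorded
    # host presents, so the password can be sent to an endpoint that was never
    # authenticated. Prefer paramiko.RejectPolicy once the managed devices are
    # listed in known_hosts.
    client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    try:
        client.connect(
            hostname=args.target,
            port=22,
            username=args.username,
            password=args.password,
            look_for_keys=False,
        )
    except Exception:
        # Do not leave a half-open transport behind when the login fails.
        client.close()
        raise
    print("Connected to: " + args.target)
    return client


def _capture(client, command, path):
    """Run *command* on the device and write its standard output to *path*."""
    _, stdout, _ = client.exec_command(command)
    with open(path, 'w') as handle:
        handle.write(''.join(stdout.readlines()))


def main(args):
    """Run the action selected by ``args.command`` on the target device over SSH.

    Supported commands are ``check-mac``, ``check-scanlist``,
    ``check-identity``, ``change-radioname`` and ``create-ssl``; any other
    value does nothing. Failures are reported on standard output instead of
    being raised.

    Args:
        args: parsed command-line namespace providing ``command``, ``target``,
            ``username``, ``password``, ``ssl`` and ``radioname``.
    """
    command = args.command
    if command not in ("check-mac", "check-scanlist", "check-identity",
                       "change-radioname", "create-ssl"):
        return

    # Validate the values that are concatenated into device commands before any
    # connection is made.
    radio_name = cert_name = None
    try:
        if command == "change-radioname":
            radio_name = _device_value("--radioname", args.radioname)
        elif command == "create-ssl":
            cert_name = _device_value("--ssl", args.ssl)
    except ValueError as err:
        print("# " + str(err))
        return

    client = None
    try:
        client = _open_session(args)
        if command == "check-mac":
            # Check mac address of wlan1 interface
            _capture(client, '/interface wireless print', 'temp-maccheck.txt')
        elif command == "check-scanlist":
            # Check scanlist of unit
            _capture(client, '/interface wireless print', 'temp-scanlist.txt')
        elif command == "check-identity":
            # Check system identity of unit
            _, stdout, _ = client.exec_command('/system identity print')
            print(stdout.readlines())
        elif command == "change-radioname":
            client.exec_command('/interface wireless set wlan1 radio-name=' + radio_name)
            print("Unit is reconnecting, radio-name changed to:" + radio_name)
            print("closing ssh connection...")
        else:
            # create-ssl
            # NOTE(review): none of the three commands below has its output or
            # exit status checked, so "Done" and "completed!" report that the
            # command was sent, not that the device accepted it.
            print("Creating SSL Certificate...\nPlease wait, this may take a while...")
            client.exec_command(
                '/certificate add name=' + cert_name + ' common-name=' + cert_name
                + ' key-usage=key-cert-sign,crl-sign key-size=2048 trusted=yes days-valid=1175'
            )
            print("Done")
            # args.target has already been accepted by connect() as a host name.
            client.exec_command(
                '/certificate sign ' + cert_name + ' name=' + cert_name
                + ' ca-crl-host=' + args.target
            )
            print("Signing certificate, please wait...")
            # Fixed wait for the signing step, kept from the original flow.
            time.sleep(30)
            print("Done")
            print("Assigning certificate to API-SSL service...")
            client.exec_command('/ip service set api-ssl certificate=' + cert_name)
            print("SSL Certificate completed!")
    except Exception as exc:
        # Still best-effort, but Ctrl-C is no longer swallowed and the actual
        # cause (authentication, host key mismatch, file error, ...) is shown
        # next to the generic hint.
        print("# Connection failed to: ", args.target)
        print("check that the port 22 is open on the target")
        print("reason: " + type(exc).__name__ + ": " + str(exc))
        return
    finally:
        if client is not None:
            client.close()

    # Parse the capture only after a successful run; a failed connection would
    # otherwise print values left in the file by an earlier run, possibly
    # against a different device.
    if command == "check-mac":
        MacRegex()
    elif command == "check-scanlist":
        ScanlistRegex()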
if __name__ == "__main__":
    # Script entry point: read the command line, then hand the parsed
    # namespace to main().
    cli_args = parser.parse_args()
    main(cli_args)