解决apache+python无法执行一些root命令的问题

用root启动python服务器端,远程可以执行任何root命令

#!/usr/bin/python
#Filename:agent.py
#siyu@2012-6-29

#example:
#curl hostname:PORT_NUMBER/?PASSWORD?COMMAND?OPTION
#

import BaseHTTPServer
import os
import subprocess
import time
import urlparse

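# Shared secret that callers place in the request URL (/?PASSWORD?COMMAND?OPTION).
# AGENT_PASSWORD in the environment overrides the built-in value; an empty
# variable is ignored so the agent never runs with an empty password.
# NOTE(review): the fallback is a weak secret committed to source, so anyone who
# can read this file can authenticate. Set AGENT_PASSWORD on every deployment.
PASSWORD = os.environ.get('AGENT_PASSWORD') or 'hello1234'

# Address and port the HTTP server binds to.
HOST_NAME = 'sqa.broom.cm4' # !!!REMEMBER TO CHANGE THIS!!!
PORT_NUMBER = 8082 # Maybe set this to 9000.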

def testcommand(c):
        commandzoo = ('ls','fdisk')
        if c not in commandzoo:
                return 1
        return 0

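class MyHandler(BaseHTTPServer.BaseHTTPRequestHandler):
        """Run an allowlisted command for callers that present the password.

        Requests have the form ``/?PASSWORD?COMMAND?OPTION``. COMMAND must pass
        testcommand(); OPTION is handed to the command as one argument.

        NOTE(review): the password travels in the URL over plain HTTP, and the
        base handler writes every request line to its log, so the secret ends
        up in cleartext on the wire and in the log output. The comparison below
        is also an ordinary string compare, not a constant-time one.
        """

        def _reply(self, status, body):
                """Send a complete text/html response with the given status and body."""
                self.send_response(status)
                self.send_header("Content-type", "text/html")
                self.end_headers()
                self.wfile.write(body)

        def do_HEAD(self):
                """Answer HEAD with a bare 200 and a text/html content type."""
                self.send_response(200)
                self.send_header("Content-type", "text/html")
                self.end_headers()

        def do_GET(self):
                """Authenticate the caller, run the requested command, return its exit code.

                Responses: 400 "bad request" when the path has fewer than three
                '?'-separated fields, 403 "password error" on a wrong password,
                200 "command not found" for a command outside the allowlist,
                500 "command failed to start" when the program cannot be run,
                and 200 with the exit code as text otherwise.
                """
                fields = self.path.split('?')
                # The original indexed fields[1..3] unconditionally and raised
                # IndexError on short paths, after a 200 had already been sent.
                if len(fields) < 4:
                        self._reply(400, "bad request")
                        return
                passwd, command, option = fields[1], fields[2], fields[3]

                if passwd != PASSWORD:
                        self._reply(403, "password error")
                        return
                if testcommand(command) == 1:
                        self._reply(200, "command not found")
                        return

                # Build an argument vector instead of a shell string. OPTION is
                # caller-controlled; joined into a string for os.system() it was
                # interpreted by the shell, so the allowlist on COMMAND did not
                # limit what could run. Passed as a single argv element with no
                # shell, it can only be an argument to the allowlisted program.
                # Shell features such as globbing and pipes no longer apply.
                argv = [command]
                if option:
                        argv.append(option)
                # Log the command only; the raw path would put the password in the log.
                print(" ".join(argv))
                try:
                        status = subprocess.call(argv)
                except OSError:
                        self._reply(500, "command failed to start")
                        return
                print("result %s" % status)
                # The body is the exit code (0 on success). os.system() returned
                # the raw wait status instead, so non-zero values differ from
                # what earlier versions sent.
                self._reply(200, str(status))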

if __name__ == '__main__':
        # Serve MyHandler on the configured address until interrupted.
        # NOTE(review): BaseHTTPServer.HTTPServer speaks plain HTTP, so the
        # password in each request URL is not encrypted in transit.
        address = (HOST_NAME, PORT_NUMBER)
        httpd = BaseHTTPServer.HTTPServer(address, MyHandler)
        print("%s Server Starts - %s:%s" % (time.asctime(), HOST_NAME, PORT_NUMBER))
        try:
                httpd.serve_forever()
        except KeyboardInterrupt:
                # Ctrl-C is the expected way to stop the agent.
                pass
        httpd.server_close()
        print("%s Server Stops - %s:%s" % (time.asctime(), HOST_NAME, PORT_NUMBER))