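#!/usr/bin/perl -w
# CGI script: logs in to $host over telnet through Expect, runs `last -5`
# for the user and `cat /etc/passwd` in the remote shell, and prints the
# captured session output as the body of a text/html response.
use strict;
use Expect;

$|++;    # unbuffered STDOUT, so output reaches the client as it is produced

# Discard diagnostics instead of leaking them into the web server log/response.
# Three-arg open in write mode: the two-arg form with no mode opens /dev/null
# read-only, and an unchecked open hides a failed redirect.
open STDERR, '>', '/dev/null' or die "Cannot redirect STDERR: $!\n";

# NOTE(review): the credentials are hard-coded and telnet carries them (and
# the whole session) in clear text. Prefer SSH with key-based authentication
# and keep secrets out of the source file.
my $username = "testuser";
my $password = "password";
my $host     = "localhost";
my $timeout  = 5;

my $exp = Expect->new;
$exp->log_file(undef);    # no logging until the login has completed

print "Content-type: text/html\n\n";

telnet_login($username, $password, $host, \$exp);

$exp->expect(
    $timeout,
    [
        'ncorrect',
        sub {
            print "\nERROR:\nLogin Incorrect, check username or password\n\n";

            # NOTE(review): html_stop is not defined anywhere in the code
            # shown here; confirm it exists in the full script.
            &html_stop;
            die;
        }
    ],
    [
        # Seeing no 'ncorrect' within $timeout seconds is treated as a
        # successful login.
        timeout => sub {
            $exp->send("/bin/sh\n");

            # $username is interpolated into a remote shell command line.
            # That is only safe while it stays a fixed constant; validate it
            # against a strict pattern if it ever comes from a request.
            $exp->send("/usr/bin/last -5 $username\n");
            $exp->clear_accum();

            # From here on every chunk of session output is handed to
            # formatoutput() instead of a log file.
            $exp->log_file(\&formatoutput);

            # NOTE(review): this publishes the account list of the remote
            # host on a web page; restrict access to the CGI accordingly.
            $exp->send("/bin/cat /etc/passwd\n");
        }
    ],
);
$exp->soft_close();

# Log callback: receives one chunk of session output, strips carriage
# returns, HTML-escapes it, and prints it unless the chunk starts with what
# looks like an echoed command or a shell prompt.
sub formatoutput {
    my $input = shift;
    chomp($input);

    # /d is required to delete the CRs; plain tr/\r// only counts them.
    $input =~ tr/\r//d;

    # The response is text/html and this text comes from the remote session,
    # so neutralise markup before it reaches the browser.
    $input =~ s/&/&amp;/g;
    $input =~ s/</&lt;/g;
    $input =~ s/>/&gt;/g;

    $input =~ s|\n|\n\n|g;

    # Drop chunks that begin with "bin/sh", "$", or "/" (command echo/prompt).
    unless ($input =~ m!^(?:bin/sh|\$\s|/|\$)!) {
        print "${input}\n\n\n";
    }
}

# Spawns telnet to $host on the Expect object referenced by $exp and answers
# the login and password prompts. Dies if telnet cannot be started or if no
# prompt is matched within 7 seconds.
#
#   $username, $password - credentials sent to the prompts
#   $host                - host name handed to telnet
#   $exp                 - reference to the scalar holding the Expect object
sub telnet_login {
    my ($username, $password, $host, $exp) = @_;

    $$exp->raw_pty(1);       # treat this terminal as a raw file
    $$exp->log_stdout(0);    # do not show terminal output on STDOUT

    # List form: $host is passed as a single argument and is never parsed as
    # part of a shell command line.
    $$exp->spawn('/usr/bin/telnet', $host) || die "Cannot open telnet\n";

    $$exp->expect(
        7,
        [ 'ogin:',    sub { $$exp->send("$username\n"); exp_continue; } ],
        [ 'assword:', sub { $$exp->send("$password\n"); } ],
        [
            timeout => sub {
                die "\n\nERROR:\nA timeout hast occure d at login\n\n";
            }
        ],
    );
}
####
# Excerpt as posted; presumably the log_file method of Expect.pm quoted for
# reference (croak and IO::File are not brought into scope by anything shown
# here). With no argument it returns the current log target; otherwise it
# closes a previous non-CODE target and installs a filename, a handle-like
# object with a print method, or a CODE reference.
sub log_file {
    my $self = shift;

    return(${*$self}{exp_Log_File})
        if not @_;    # we got no param, return filehandle

    my $file = shift;
    my $mode = shift || "a";

    if (${*$self}{exp_Log_File} and ref(${*$self}{exp_Log_File}) ne 'CODE') {
        close(${*$self}{exp_Log_File});
        ${*$self}{exp_Log_File} = undef;
    }
    return if (not $file);
    my $fh = $file;
    if (not ref($file)) {
        # it's a filename
        $fh = new IO::File $file, $mode
            or croak "Cannot open logfile $file: $!";
    }
    if (ref($file) ne 'CODE') {
        croak "Given logfile doesn't have a 'print' method"
            if not $fh->can("print");
        $fh->autoflush(1);    # so logfile is up to date
    }

    ${*$self}{exp_Log_File} = $fh;
}
####
testuser pts/6 localhost Tue Jun 17 09:16 still logged in testuser pts/5 localhost Tue Jun 17 09:16 still logged in testuser pts/4 localhost Mon Jun 16 15:55 - 15:55 (00:00) testuser pts/4 localhost Mon Jun 16 15:53 - 15:53 (00:00) testuser pts/4 localhost Mon Jun 16 15:53 - 15:53 (00:00) root:x:0:1::/:/sbin/sh daemon:x:1:1::/: bin:x:2:2::/usr/bin: sys:x:3:3::/: adm:x:4:4:Admin:/var/adm: lp:x:71:8:Line Printer Admin:/usr/spool/lp: uucp:x:5:5:uucp Admin:/usr/lib/uucp: nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico listen:x:37:4:Network Admin:/usr/net/nls: nobody:x:60001:60001:Nobody:/: noaccess:x:60002:60002:No Access User:/: nobody4:x:65534:65534:SunOS 4.x Nobody:/: fast:x:204:1:FastTrack Server:/web:/bin/sh postfix:x:100:1:postfix:/dev/null:/bin/false vscan:x:1001:10:Amavis User:/usr/local/encap/amavis-perl-11:/bin/sh sshd:x:22000:22000:SSHD privsep User:/var/empty:/bin/false --------- testuser pts/5 localhost Tue Jun 17 09:17 still logged in testuser pts/6 localhost Tue Jun 17 09:16 - 09:17 (00:00) testuser pts/5 localhost Tue Jun 17 09:16 - 09:17 (00:00) testuser pts/4 localhost Mon Jun 16 15:55 - 15:55 (00:00) testuser pts/4 localhost Mon Jun 16 15:53 - 15:53 (00:00) root:x:0:1::/:/sbin/sh daemon:x:1:1::/: bin:x:2:2::/usr/bin: sys:x:3:3::/: adm:x:4:4:Admin:/var/adm: lp:x:71:8:Line Printer 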
Admin:/usr/spool/lp: uucp:x:5:5:uucp Admin:/usr/lib/uucp: nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico listen:x:37:4:Network Admin:/usr/net/nls: nobody:x:60001:60001:Nobody:/: noaccess:x:60002:60002:No Access User:/: nobody4:x:65534:65534:SunOS 4.x Nobody:/: fast:x:204:1:FastTrack Server:/web:/bin/sh postfix:x:100:1:postfix:/dev/null:/bin/false vscan:x:1001:10:Amavis User:/usr/local/encap/amavis-perl-11:/bin/sh sshd:x:22000:22000:SSHD privsep User:/var/empty:/bin/false ------- testuser pts/5 localhost Tue Jun 17 09:18 still logged in testuser pts/5 localhost Tue Jun 17 09:17 - 09:18 (00:00) testuser pts/6 localhost Tue Jun 17 09:16 - 09:17 (00:00) testuser pts/5 localhost Tue Jun 17 09:16 - 09:17 (00:00) testuser pts/4 localhost Mon Jun 16 15:55 - 15:55 (00:00) root:x:0:1::/:/sbin/sh daemon:x:1:1::/: bin:x:2:2::/usr/bin: sys:x:3:3::/: adm:x:4:4:Admin:/var/adm: lp:x:71:8:Line Printer Admin:/usr/spool/lp: uucp:x:5:5:uucp Admin:/usr/lib/uucp: nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico listen:x:37:4:Network Admin:/usr/net/nls: nobody:x:60001:60001:Nobody:/: noaccess:x:60002:60002:No Access User:/: nobody4:x:65534:65534:SunOS 4.x Nobody:/: fast:x:204:1:FastTrack Server:/web:/bin/sh postfix:x:100:1:postfix:/dev/null:/bin/false vscan:x:1001:10:Amavis User:/usr/local/encap/amavis-perl-11:/bin/sh sshd:x:22000:22000:SSHD privsep User:/var/empty:/bin/false ----- testuser pts/6 localhost Tue Jun 17 09:19 still logged in testuser pts/5 localhost Tue Jun 17 09:19 still logged in testuser pts/5 localhost Tue Jun 17 09:18 - 09:19 (00:00) testuser pts/5 localhost Tue Jun 17 09:17 - 09:18 (00:00) testuser pts/6 localhost Tue Jun 17 09:16 - 09:17 (00:00) $ root:x:0:1::/:/sbin/sh daemon:x:1:1::/: bin:x:2:2::/usr/bin: sys:x:3:3::/: adm:x:4:4:Admin:/var/adm: lp:x:71:8:Line Printer Admin:/usr/spool/lp: uucp:x:5:5:uucp Admin:/usr/lib/uucp: nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico listen:x:37:4:Network Admin:/usr/net/nls: 
nobody:x:60001:60001:Nobody:/: noaccess:x:60002:60002:No Access User:/: nobody4:x:65534:65534:SunOS 4.x Nobody:/: fast:x:204:1:FastTrack Server:/web:/bin/sh postfix:x:100:1:postfix:/dev/null:/bin/false vscan:x:1001:10:Amavis User:/usr/local/encap/amavis-perl-11:/bin/sh sshd:x:22000:22000:SSHD privsep User:/var/empty:/bin/false ------ testuser pts/5 localhost Tue Jun 17 09:20 still logged in testuser pts/6 localhost Tue Jun 17 09:20 - 09:20 (00:00) testuser pts/8 localhost Tue Jun 17 09:20 - 09:20 (00:00) testuser pts/5 localhost Tue Jun 17 09:20 - 09:20 (00:00) testuser pts/7 localhost Tue Jun 17 09:19 - 09:20 (00:00) root:x:0:1::/:/sbin/sh daemon:x:1:1::/: bin:x:2:2::/usr/bin: sys:x:3:3::/: adm:x:4:4:Admin:/var/adm: lp:x:71:8:Line Printer Admin:/usr/spool/lp: uucp:x:5:5:uucp Admin:/usr/lib/uucp: nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico listen:x:37:4:Network Admin:/usr/net/nls: nobody:x:60001:60001:Nobody:/: noaccess:x:60002:60002:No Access User:/: nobody4:x:65534:65534:SunOS 4.x Nobody:/: fast:x:204:1:FastTrack Server:/web:/bin/sh postfix:x:100:1:postfix:/dev/null:/bin/false vscan:x:1001:10:Amavis User:/usr/local/encap/amavis-perl-11:/bin/sh sshd:x:22000:22000:SSHD privsep User:/var/empty:/bin/false ----- testuser pts/5 localhost Tue Jun 17 09:29 still logged in testuser pts/5 localhost Tue Jun 17 09:28 - 09:29 (00:00) testuser pts/5 localhost Tue Jun 17 09:28 - 09:28 (00:00) testuser pts/5 localhost Tue Jun 17 09:27 - 09:27 (00:00) testuser pts/5 localhost Tue Jun 17 09:27 - 09:27 (00:00) root:x:0:1::/:/sbin/sh daemon:x:1:1::/: bin:x:2:2::/usr/bin: sys:x:3:3::/: adm:x:4:4:Admin:/var/adm: lp:x:71:8:Line Printer Admin:/usr/spool/lp: uucp:x:5:5:uucp Admin:/usr/lib/uucp: nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico listen:x:37:4:Network Admin:/usr/net/nls: nobody:x:60001:60001:Nobody:/: noaccess:x:60002:60002:No Access User:/: nobody4:x:65534:65534:SunOS 4.x Nobody:/: fast:x:204:1:FastTrack Server:/web:/bin/sh 
postfix:x:100:1:postfix:/dev/null:/bin/false vscan:x:1001:10:Amavis User:/usr/local/encap/amavis-perl-11:/bin/sh sshd:x:22000:22000:SSHD privsep User:/var/empty:/bin/false $