Nditabwera kudzagwira ntchito ku kampaniyi, ndinali ndi zida za IP kale, ma seva angapo okhala ndi asterisk ndi chigamba cha FreeBPX. Kuphatikiza apo, analogue PBX Samsung IDCS500 inagwira ntchito limodzi ndipo, makamaka, inali njira yayikulu yolumikizirana pakampani; telephony ya IP idagwira ntchito ku dipatimenti yogulitsa kokha. Ndipo zonse zikadapitilira kuphika chonchi, koma tsiku lina lamulo linaperekedwa kuti asamutsire aliyense ku IP telephony, masiku omaliza adagwirizana, zida zidagulidwa ndipo dongosolo losamutsa bizinesiyo m'zaka za zana la 21 lidayamba kukhazikitsidwa.
Chinthu choyamba chomwe chimayamba kudandaula muzochitika zotere ndi kuchuluka kwa mafoni omwe akuyenera kuyendetsedwa mwanjira ina, chinthu chachiwiri chomwe chidali chodetsa nkhawa kwambiri chinali buku lamafoni. Ngati Endpoint Manager atha kutithandiza ndi yoyamba (yomwe, mwa njira, idadulidwa kuchokera kumitundu yaposachedwa ya FreePBX), ndiye mafunso ena adawuka ndi bukhuli:
- Choyamba, mungatsimikizire bwanji kulondola kwake pamene malo / madzi ogwiritsira ntchito akusintha nthawi zonse?
- Kachiwiri, momwe mungasinthire mafoni kwathunthu. Ndipo osalemba dzina lolumikizana nthawi zonse?
Vutoli linali losangalatsa, yankho silinatenge nthawi kuti lifike. Tsopano ndipereka mndandanda wonse, ndiyeno tiziyang'ana mwadongosolo.
from scapy.all import sniff
from scapy.layers.inet import IP
import mysql.connector
import ldap
import getpass
import tftpy
import requests
import os
import time
from string import replace
def conn_ldap(login):
ad = ldap.initialize('ldap://***.local')
ad.simple_bind_s('voip@***.local', 'password')
basedn = 'OU=IT,DC=***,DC=LOCAL'
basedn_user = 'OU=***,OU=***,DC=***,DC=LOCAL'
scope = ldap.SCOPE_SUBTREE
filterexp = "(&(sAMAccountName=" + login + ")(ObjectClass=person))"
filterexp2 = "(&(ObjectClass=organizationUnit))"
attrlist = ['cn']
attrlist2 = ['OU']
search = ad.search_s(basedn, scope, filterexp, attrlist)
adname = search[0][1]['cn'][0].decode('utf-8')
if adname == ' ':
search = ad.search_s(basedn_user, scope, filterexp2, attrlist2)
for i in range(1, len(search)+1):
group = search[i][1]['ou'][0]
basedn_user2 = 'OU='+group+','+basedn_user
search = ad.search_s(basedn_user2, scope, filterexp, attrlist)
adname = search[0][1]['cn'][0].decode('utf-8')
if adname != ' ':
return adname
adname = search[0][1]['cn'][0].decode('utf-8')
ad.unbind_s()
return adname
def tftp_file_change(config,place,adname,current_account,current_account_password):
client = tftpy.TftpClient("192.168.0.3", 69)
client.download('template.cfg', place)
fileread = open(place, 'r')
line = fileread.readlines()
fileread.close()
line[5] = (('account.1.label = ').encode('utf-8') + adname.encode('utf-8') + 'n')
line[2] = (('account.1.auth_name = ').encode('utf-8') + current_account.encode('utf-8') + 'n')
line[3] = (('account.1.display_name = ').encode('utf-8') + current_account.encode('utf-8') + 'n')
line[6] = (('account.1.password = ').encode('utf-8') + current_account_password[0][0] + 'n')
filewrite = open(place, 'w')
for i in line:
filewrite.write(i)
filewrite.close()
print place
print config
client.upload(config,place)
def get_phone_inform(ipaddr):
fileconf = requests.get('http://admin:admin@'+ipaddr+'/servlet?phonecfg=get[&accounts=1]')
conf = fileconf.text.split('|')
current_account = conf[2]
return current_account
def sniff_frame():
pcapf = sniff(count=1, timeout=70, filter="dst host 192.168.0.3 and port 5060")
if len(pcapf) == 0:
exit()
frame = pcapf[0]
macaddr = frame.src
print macaddr[:8]
if macaddr[:8] != '80:5e:c0':
exit()
ipaddr = frame[0][IP].src
return macaddr, ipaddr
def conn_mysql(query,fquery,macaddr,qwery2):
connect = mysql.connector.connect(host='192.168.0.3', database='voip', user='voip_wr', password='***')
cursor = connect.cursor()
cursor.execute(fquery)
state = cursor.fetchall()
state = bool(state[0][0])
if state == True:
cursor.execute(qwery2)
connect.commit()
connect.close()
else:
cursor.execute(query)
connect.commit()
connect.close()
def check_account(current_account):
connect = mysql.connector.connect(host='192.168.0.3', database='asterisk', user='voip_wr', password='***')
cursor = connect.cursor()
qwery = 'select data from sip where id=' + current_account + ' and keyword="secret";'
cursor.execute(qwery)
password = cursor.fetchall()
if password == ' ':
exit()
else:
return password
if __name__ == '__main__':
macaddr, ipaddr = sniff_frame()
current_account = get_phone_inform(ipaddr)
current_account_password = check_account(current_account)
macaddr = macaddr.replace(':', '')
ipaddr = ipaddr.decode('utf-8')
adname = conn_ldap(getpass.getuser())
query = 'INSERT INTO station (mac, ip, name, number) VALUES (' + '"' + macaddr + '",' + '"' + ipaddr + '",' + '"' + adname + '",' + '"' + get_phone_inform(ipaddr) + '"' + ')'
qwery2 = 'UPDATE station SET ip=' + '"' + ipaddr + '"' + ', name=' + '"' + adname + '"' + ', number=' + '"' + get_phone_inform(ipaddr) + '"' + ' WHERE mac=' + '"' + macaddr + '"'
fquery = 'SELECT EXISTS(SELECT mac FROM voip.station WHERE mac=' + '"' + macaddr + '")'
query = query.encode('utf-8')
fquery = fquery.encode('utf-8')
config = macaddr + '.cfg'
place = os.path.expanduser("~") + "" + "AppDataLocal" + config
conn_mysql(query,fquery,macaddr,qwery2)
tftp_file_change(config,place,adname,current_account,current_account_password)
requests.get('http://admin:admin@'+ipaddr+'/cgi-bin/ConfigManApp.com?key=AutoP')
requests.get('http://admin:admin@'+ipaddr+'/cgi-bin/ConfigManApp.com?key=Reboot')Pulogalamuyi imagwira ntchito pamakompyuta a wogwiritsa ntchito ndipo imagwira ntchito pokhapokha kompyutayo ilumikizidwa ndi netiweki kudzera pa foni, popeza Yealink T19 sangagwire ntchito ngati chipata.
Choyamba, tiyenera kumvetsa ngati izo zikugwirizana? ndi zomwe mac ndi ip foni yathu ili nayo.
def sniff_frame():
pcapf = sniff(count=1, timeout=70, filter="dst host 192.168.0.3 and port 5060")
if len(pcapf) == 0:
exit()
frame = pcapf[0]
macaddr = frame.src
print macaddr[:8]
if macaddr[:8] != '80:5e:c0':
exit()
ipaddr = frame[0][IP].src
return macaddr, ipaddr
Apa timagwiritsa ntchito fungo la sniff kuchokera ku scapy framework, ndi chithandizo chake timalandira paketi ya udp yokonzedweratu, dikirani masekondi 70 ndipo ngati sitigwira kalikonse, timatuluka.
count=1, timeout=70, filter="dst host 192.168.0.3 and port 5060"Kenako, timaonetsetsa kuti chipangizocho ndi Yealink ndikubwezera zofunikira (ip ndi mac).
Pogwiritsa ntchito pempho lapadera, timapeza akaunti yamakono pafoni. Kuti muchite izi, kasinthidwe kameneka kamatsitsidwa kuchokera pa foni ndikusinthidwa.
def get_phone_inform(ipaddr):
fileconf = requests.get('http://admin:admin@'+ipaddr+'/servlet?phonecfg=get[&accounts=1]')
conf = fileconf.text.split('|')
current_account = conf[2]
return current_accountDziwani mawu achinsinsi a akauntiyi. Kuti tichite izi, timatembenukira ku tebulo la asterisk.sip ndi gawo la deta momwemo.
def check_account(current_account):
connect = mysql.connector.connect(host='192.168.0.3', database='asterisk', user='voip_wr', password='***')
cursor = connect.cursor()
qwery = 'select data from sip where id=' + current_account + ' and keyword="secret";'
cursor.execute(qwery)
password = cursor.fetchall()
if password == ' ':
exit()
else:
return passwordChabwino, pagawo lomaliza timalumikizana ndi ldap AD ndikugwiritsa ntchito sAMAccountName yopezeka kudzera mu ntchitoyi getpass.getuser() tengani cn ya wogwiritsa ntchito pano (yomwe nthawi zambiri imakhala ndi dzina lathunthu la wogwiritsa ntchito).
def conn_ldap(login):
ad = ldap.initialize('ldap://***.local')
ad.simple_bind_s('voip@***.local', 'password')
basedn = 'OU=***,DC=***,DC=LOCAL'
basedn_user = 'OU=***,OU=***,DC=***,DC=LOCAL'
scope = ldap.SCOPE_SUBTREE
filterexp = "(&(sAMAccountName=" + login + ")(ObjectClass=person))"
filterexp2 = "(&(ObjectClass=organizationUnit))"
attrlist = ['cn']
attrlist2 = ['OU']
search = ad.search_s(basedn, scope, filterexp, attrlist)
adname = search[0][1]['cn'][0].decode('utf-8')
if adname == ' ':
search = ad.search_s(basedn_user, scope, filterexp2, attrlist2)
for i in range(1, len(search)+1):
group = search[i][1]['ou'][0]
basedn_user2 = 'OU='+group+','+basedn_user
search = ad.search_s(basedn_user2, scope, filterexp, attrlist)
adname = search[0][1]['cn'][0].decode('utf-8')
if adname != ' ':
return adname
adname = search[0][1]['cn'][0].decode('utf-8')
ad.unbind_s()
return adnameTimalumikizana ndi tebulo lomwe linapangidwa kale m'dawunilodi (ndinapanga pamenepo) ndikulowetsa zonse zomwe taphunzira, zomwe ndi: ip, mac, username.
def conn_mysql(query,fquery,macaddr,qwery2):
connect = mysql.connector.connect(host='192.168.0.3', database='voip', user='voip_wr', password='***')
cursor = connect.cursor()
cursor.execute(fquery)
state = cursor.fetchall()
state = bool(state[0][0])
if state == True:
cursor.execute(qwery2)
connect.commit()
connect.close()
else:
cursor.execute(query)
connect.commit()
connect.close()Titha kuyima apa, chifukwa tapanga kale bukhu lamaadiresi lamphamvu, mutha kufunsa, koma ndidapita patsogolo ndikuwonjezera zopangira zida pano.
Kuti tichite izi, makonzedwe a template amatsitsidwa kuchokera pa seva yokonzedweratu ya tftp, momwe timasinthira ndikusunga ngati mac.cfg. Ndiko kuti, kwa Yealink pali mitundu iwiri ya kasinthidwe, imodzi ndi yapadziko lonse, ndipo yachiwiri imagwira ntchito pa foni inayake ndipo iyenera kukhala ya mawonekedwe mac_phone.cfg.
Pambuyo posintha zonse mufayilo ndikuyisunganso ku seva ya tftp, timapereka lamulo ku foni kuti ipereke ndikuyambitsanso chipangizocho.
def tftp_file_change(config,place,adname,current_account,current_account_password):
client = tftpy.TftpClient("192.168.0.3", 69)
client.download('template.cfg', place)
fileread = open(place, 'r')
line = fileread.readlines()
fileread.close()
line[5] = (('account.1.label = ').encode('utf-8') + adname.encode('utf-8') + 'n')
line[2] = (('account.1.auth_name = ').encode('utf-8') + current_account.encode('utf-8') + 'n')
line[3] = (('account.1.display_name = ').encode('utf-8') + current_account.encode('utf-8') + 'n')
line[6] = (('account.1.password = ').encode('utf-8') + current_account_password[0][0] + 'n')
filewrite = open(place, 'w')
for i in line:
filewrite.write(i)
filewrite.close()
print place
print config
client.upload(config,place)requests.get('http://admin:admin@'+ipaddr+'/cgi-bin/ConfigManApp.com?key=AutoP')
requests.get('http://admin:admin@'+ipaddr+'/cgi-bin/ConfigManApp.com?key=Reboot')Pambuyo poyambitsanso chipangizochi, timapeza dzina lathu lonse pazenera la foni + bukhu la adilesi lodzaza bwino nthawi zonse ngati nkhokwe, ndiye chomwe chatsala ndikuwonjezera XML ndi PHP yaying'ono kuti iwonetse zomwe zilimo. Pali zitsanzo zambiri, ngakhale YEALINK mwiniyo ali nazo.
PS: Kuti scalability kwambiri, mukhoza kusuntha zoikamo waukulu (zosinthika) mu wapamwamba wapamwamba.
Source: www.habr.com