Ina ua ou sau e faigaluega mo lenei kamupani, ua uma ona ou maua ni faʻamaumauga o masini IP, tele sapalai ma asterisk ma se patch i foliga o le FreeBPX. E le gata i lea, o se analogue PBX Samsung IDCS500 na galue tutusa ma, i se tulaga lautele, o le telefoni feaveaʻi i totonu o le kamupani na galue mo le matagaluega faʻatau; Ma o mea uma o le a faʻaauau pea ona kuka e pei o lenei, ae i se tasi aso lelei na tuʻuina atu ai se faʻatonuga e faʻafeiloaʻi tagata uma i le telefoni IP, na malilie i ai taimi faʻatapulaʻa, faʻatau meafaigaluega ma amata ona faʻatinoina le fuafuaga e faʻafeiloaʻi le atinaʻe i le 21st seneturi.
O le mea muamua e amata ona popole i se tulaga faapena o le televave o le faʻatupulaia o numera o seti telefoni e manaʻomia ona pulea i se isi itu, o le mea lona lua na matua popole lava o le tusi telefoni. Afai e mafai e le Endpoint Manager ona fesoasoani ia i matou i le mea muamua (lea, i le ala, na vavae ese mai lomiga fou o FreePBX), ona tulaʻi mai lea o nisi o fesili i le tusi:
- Muamua, faʻafefea ona faʻamautinoa lona saʻo pe a suia pea le nofoaga / faʻaogaina o tagata faʻaoga?
- Lona lua, faʻafefea ona faʻamalo atoatoa telefoni. Ma e le faʻatumu le igoa faʻafesoʻotaʻi i taimi uma?
Sa manaia le faafitauli, e lei umi se taimi ae taunuu le fofo. O lea la o le a ou tuuina atu le lisi atoa, ona tatou vaavaai lea i le faasologa.
from scapy.all import sniff
from scapy.layers.inet import IP
import mysql.connector
import ldap
import getpass
import tftpy
import requests
import os
import time
from string import replace
def conn_ldap(login):
ad = ldap.initialize('ldap://***.local')
ad.simple_bind_s('voip@***.local', 'password')
basedn = 'OU=IT,DC=***,DC=LOCAL'
basedn_user = 'OU=***,OU=***,DC=***,DC=LOCAL'
scope = ldap.SCOPE_SUBTREE
filterexp = "(&(sAMAccountName=" + login + ")(ObjectClass=person))"
filterexp2 = "(&(ObjectClass=organizationUnit))"
attrlist = ['cn']
attrlist2 = ['OU']
search = ad.search_s(basedn, scope, filterexp, attrlist)
adname = search[0][1]['cn'][0].decode('utf-8')
if adname == ' ':
search = ad.search_s(basedn_user, scope, filterexp2, attrlist2)
for i in range(1, len(search)+1):
group = search[i][1]['ou'][0]
basedn_user2 = 'OU='+group+','+basedn_user
search = ad.search_s(basedn_user2, scope, filterexp, attrlist)
adname = search[0][1]['cn'][0].decode('utf-8')
if adname != ' ':
return adname
adname = search[0][1]['cn'][0].decode('utf-8')
ad.unbind_s()
return adname
def tftp_file_change(config,place,adname,current_account,current_account_password):
client = tftpy.TftpClient("192.168.0.3", 69)
client.download('template.cfg', place)
fileread = open(place, 'r')
line = fileread.readlines()
fileread.close()
line[5] = (('account.1.label = ').encode('utf-8') + adname.encode('utf-8') + 'n')
line[2] = (('account.1.auth_name = ').encode('utf-8') + current_account.encode('utf-8') + 'n')
line[3] = (('account.1.display_name = ').encode('utf-8') + current_account.encode('utf-8') + 'n')
line[6] = (('account.1.password = ').encode('utf-8') + current_account_password[0][0] + 'n')
filewrite = open(place, 'w')
for i in line:
filewrite.write(i)
filewrite.close()
print place
print config
client.upload(config,place)
def get_phone_inform(ipaddr):
fileconf = requests.get('http://admin:admin@'+ipaddr+'/servlet?phonecfg=get[&accounts=1]')
conf = fileconf.text.split('|')
current_account = conf[2]
return current_account
def sniff_frame():
pcapf = sniff(count=1, timeout=70, filter="dst host 192.168.0.3 and port 5060")
if len(pcapf) == 0:
exit()
frame = pcapf[0]
macaddr = frame.src
print macaddr[:8]
if macaddr[:8] != '80:5e:c0':
exit()
ipaddr = frame[0][IP].src
return macaddr, ipaddr
def conn_mysql(query,fquery,macaddr,qwery2):
connect = mysql.connector.connect(host='192.168.0.3', database='voip', user='voip_wr', password='***')
cursor = connect.cursor()
cursor.execute(fquery)
state = cursor.fetchall()
state = bool(state[0][0])
if state == True:
cursor.execute(qwery2)
connect.commit()
connect.close()
else:
cursor.execute(query)
connect.commit()
connect.close()
def check_account(current_account):
connect = mysql.connector.connect(host='192.168.0.3', database='asterisk', user='voip_wr', password='***')
cursor = connect.cursor()
qwery = 'select data from sip where id=' + current_account + ' and keyword="secret";'
cursor.execute(qwery)
password = cursor.fetchall()
if password == ' ':
exit()
else:
return password
if __name__ == '__main__':
macaddr, ipaddr = sniff_frame()
current_account = get_phone_inform(ipaddr)
current_account_password = check_account(current_account)
macaddr = macaddr.replace(':', '')
ipaddr = ipaddr.decode('utf-8')
adname = conn_ldap(getpass.getuser())
query = 'INSERT INTO station (mac, ip, name, number) VALUES (' + '"' + macaddr + '",' + '"' + ipaddr + '",' + '"' + adname + '",' + '"' + get_phone_inform(ipaddr) + '"' + ')'
qwery2 = 'UPDATE station SET ip=' + '"' + ipaddr + '"' + ', name=' + '"' + adname + '"' + ', number=' + '"' + get_phone_inform(ipaddr) + '"' + ' WHERE mac=' + '"' + macaddr + '"'
fquery = 'SELECT EXISTS(SELECT mac FROM voip.station WHERE mac=' + '"' + macaddr + '")'
query = query.encode('utf-8')
fquery = fquery.encode('utf-8')
config = macaddr + '.cfg'
place = os.path.expanduser("~") + "" + "AppDataLocal" + config
conn_mysql(query,fquery,macaddr,qwery2)
tftp_file_change(config,place,adname,current_account,current_account_password)
requests.get('http://admin:admin@'+ipaddr+'/cgi-bin/ConfigManApp.com?key=AutoP')
requests.get('http://admin:admin@'+ipaddr+'/cgi-bin/ConfigManApp.com?key=Reboot')O le polokalame e alu i luga o le komepiuta a le tagata faʻaoga ma galue pe a faʻapea e fesoʻotaʻi le komepiuta i le fesoʻotaʻiga e ala i se telefoni, talu ai e le mafai e Yealink T19 ona galue o se faitotoa.
Muamua, e tatau ona tatou malamalama pe fesootai? ma o le a le mac ma ip o loʻo i ai i le matou telefoni.
def sniff_frame():
pcapf = sniff(count=1, timeout=70, filter="dst host 192.168.0.3 and port 5060")
if len(pcapf) == 0:
exit()
frame = pcapf[0]
macaddr = frame.src
print macaddr[:8]
if macaddr[:8] != '80:5e:c0':
exit()
ipaddr = frame[0][IP].src
return macaddr, ipaddr
O iinei tatou te faʻaogaina ai le sniff function mai le scapy framework, faatasi ai ma lana fesoasoani tatou te maua ai se pusa udp na muaʻi fuafuaina, faʻatali 70 sekone ma afai tatou te le maua se mea, tatou te o ese.
count=1, timeout=70, filter="dst host 192.168.0.3 and port 5060"Ma le isi, matou te faʻamautinoa o le masini e moni lava Yealink ma toe faʻafoʻi mea taua (ip ma mac).
I le faʻaaogaina o se talosaga faʻapitoa, matou te suʻeina le tala o loʻo i ai nei i luga o le telefoni. Ina ia faia lenei mea, o le faatulagaga o loʻo iai nei e sii mai i luga o le telefoni ma faʻasalalau.
def get_phone_inform(ipaddr):
fileconf = requests.get('http://admin:admin@'+ipaddr+'/servlet?phonecfg=get[&accounts=1]')
conf = fileconf.text.split('|')
current_account = conf[2]
return current_accountSu'e le upu faataga mo lenei tala. Ina ia faia lenei mea, matou te liliu atu i le asterisk.sip laulau ma le fanua faʻamatalaga i totonu.
def check_account(current_account):
connect = mysql.connector.connect(host='192.168.0.3', database='asterisk', user='voip_wr', password='***')
cursor = connect.cursor()
qwery = 'select data from sip where id=' + current_account + ' and keyword="secret";'
cursor.execute(qwery)
password = cursor.fetchall()
if password == ' ':
exit()
else:
return passwordIa, mo le vaega mulimuli matou te faʻafesoʻotaʻi i ldap AD ma faʻaaoga sAMAccountName maua mai i le galuega getpass.getuser() ave le cn o le tagata faʻaoga o loʻo iai nei (lea e masani ona iai le igoa atoa o le tagata faʻaoga).
def conn_ldap(login):
ad = ldap.initialize('ldap://***.local')
ad.simple_bind_s('voip@***.local', 'password')
basedn = 'OU=***,DC=***,DC=LOCAL'
basedn_user = 'OU=***,OU=***,DC=***,DC=LOCAL'
scope = ldap.SCOPE_SUBTREE
filterexp = "(&(sAMAccountName=" + login + ")(ObjectClass=person))"
filterexp2 = "(&(ObjectClass=organizationUnit))"
attrlist = ['cn']
attrlist2 = ['OU']
search = ad.search_s(basedn, scope, filterexp, attrlist)
adname = search[0][1]['cn'][0].decode('utf-8')
if adname == ' ':
search = ad.search_s(basedn_user, scope, filterexp2, attrlist2)
for i in range(1, len(search)+1):
group = search[i][1]['ou'][0]
basedn_user2 = 'OU='+group+','+basedn_user
search = ad.search_s(basedn_user2, scope, filterexp, attrlist)
adname = search[0][1]['cn'][0].decode('utf-8')
if adname != ' ':
return adname
adname = search[0][1]['cn'][0].decode('utf-8')
ad.unbind_s()
return adnameMatou te faʻafesoʻotaʻi i se laulau na faia muamua i totonu o faʻamaumauga (na ou faia iina) ma faʻapipiʻi mea uma na matou aʻoaʻoina, e pei o: ip, mac, username.
def conn_mysql(query,fquery,macaddr,qwery2):
connect = mysql.connector.connect(host='192.168.0.3', database='voip', user='voip_wr', password='***')
cursor = connect.cursor()
cursor.execute(fquery)
state = cursor.fetchall()
state = bool(state[0][0])
if state == True:
cursor.execute(qwery2)
connect.commit()
connect.close()
else:
cursor.execute(query)
connect.commit()
connect.close()E mafai ona matou taofi iinei, aua ua uma ona matou fatuina se tusi faʻamatalaga malosi, atonu e te fesili, ae na ou alu atili ma faʻaopoopo le tuʻuina atu o masini iinei.
Mo lenei mea, faʻaaoga se tftp ua uma ona faʻatulagaina sapalai E sii maia se fa'atulagaga o le template, lea tatou te faia ai a tatou suiga ma sefe ai o le mac.cfg. O lona uiga o le Yealink e lua ituaiga o fa'atulagaga: o le tasi e fa'alelalolagi, ma le isi e fa'aoga i se telefoni fa'apitoa ma e tatau ona i ai i le fa'atulagaga mac_phone.cfg.
A maeʻa suiga uma i le faila ma faʻasaoina i tua i le tftp server, matou te tuʻuina atu le poloaiga i le telefoni e tuʻuina atu ma toe faʻafouina le masini.
def tftp_file_change(config,place,adname,current_account,current_account_password):
client = tftpy.TftpClient("192.168.0.3", 69)
client.download('template.cfg', place)
fileread = open(place, 'r')
line = fileread.readlines()
fileread.close()
line[5] = (('account.1.label = ').encode('utf-8') + adname.encode('utf-8') + 'n')
line[2] = (('account.1.auth_name = ').encode('utf-8') + current_account.encode('utf-8') + 'n')
line[3] = (('account.1.display_name = ').encode('utf-8') + current_account.encode('utf-8') + 'n')
line[6] = (('account.1.password = ').encode('utf-8') + current_account_password[0][0] + 'n')
filewrite = open(place, 'w')
for i in line:
filewrite.write(i)
filewrite.close()
print place
print config
client.upload(config,place)requests.get('http://admin:admin@'+ipaddr+'/cgi-bin/ConfigManApp.com?key=AutoP')
requests.get('http://admin:admin@'+ipaddr+'/cgi-bin/ConfigManApp.com?key=Reboot')A maeʻa ona toe faʻafouina le masini, matou te maua o matou igoa atoa i luga o le telefoni feaveaʻi + o se tusi faʻatumu saʻo i le tulaga o se faʻamaumauga, ona pau lea o le faʻaopoopoina o le XML ma sina PHP e faʻaalia ai le anotusi. E tele na fa'ata'ita'iga, e o'o i le YEALINK lava ia e iai.
PS: Mo le faʻalauteleina o le faʻaogaina, e mafai ona e faʻanofoina tulaga autu (suiga) i se faila ese.
puna: www.habr.com
