Expect Example Uses

slide 2 slide 1 gaius gaius Expect Expect example uses

as system administrators we may have need for aprogram to control interactive applications automating interactive activities it maybe possible to control interactive testing remote access works (telnet, ftp) applications from other scripting languages as down loading ftp ﬁles well changing password python, perl running security checks expect programming is very easy compared to perl! we could build a script which test that our server is crackers use expect to try and gain access to safe machines via ssh, ftp, telnet from guest accounts ask AJC Blyth no telnet access is allowed no ssh from lab machines is allowed butssh from privileged machines is working

slide 3 slide 4 gaius gaius Expect and examples Password Trial

automatically creating passwords advice ﬁrst run the program that you want to connect can be done via C to expect by hand takes a lot of time to write such programs note the output and build expect around it will it work with NIS, shadowpasswords or so let us change a password for bob Kerboros?

passwd bob with expect we run the user program passwd and Enter new UNIX password: Retype new UNIX password: send keyboard input passwd: password updated successfully passwords were entered, but obviously the passwd program did not echo back our input! slide 5 slide 6 gaius gaius Trial results Trial results

we note that the program prompted us for a password #!/usr/bin/expect twice spawn passwd [lindex $argv 0] both times it ended its sentence with set password [lindex $argv 1] expect "password:" password: send "$password\r" as we are lazy we can wait until we see expect "password:" send "$password\r" password: and ignore anything that was expect eof before whyisthis good practice? what must we watch out for?

slide 7 slide 8 gaius gaius Testing the example Script explanation

./exp1.exp bob 123 #!/usr/bin/expect spawn passwd bob Enter new UNIX password: spawn passwd [lindex $argv 0] Retype new UNIX password: set password [lindex $argv 1] passwd: password updated successfully expect "password:" send "$password\r" expect "password:" send "$password\r" here we change user bob password to 123 expect eof slide 9 slide 10 gaius gaius Script explanation Script explanation

#!/usr/bin/expect script is interpreted via set password [lindex $argv 1] expect located in directory /usr/bin deﬁnes a variable password and sets it to 123 spawn passwd [lindex $argv 0] expect "password:" run the program passwd bob and connect waits for the program passwd to issue expect to this program password: before continuing note that [lindex $argv 0] resolves to bob send "$password\r" actually argument one (hmm..) sends the users password to passwd followed by a carriage return

note the script repeats the last twocommands, why?

ﬁnally expect eof wait for passwd to ﬁnish

slide 11 slide 12 gaius gaius Anchoring Patternaction pairs

you might want to match text at the beginning or end #!/usr/bin/expect of a line, this is via set timeout 15 ˆ for the beginning of a line expect "hi" {send "You said hi\n" } \ $ for the end of a line "hello" { send "Hello to you\n" } \ "bye" { send "Goodbye\n" } \ timeout { send "I’m fed up\nbye\n" } also note that * means anynumber of characters if we run the script as shown belowand type nothing we get:

I’m fed up bye slide 13 slide 14 gaius gaius Patternaction pairs Autoftp and expect

note that different actions can be associated with so far we have built the front end to autoftp different input scans the input ﬁle for URLs note also that the default timeout time is set at 10 handles arguments seconds to disable the timeout facility set timeout -1 we will use expect to control ftp, we will build this up this utility

ﬁrstly we will ftp manually

slide 15 slide 16 gaius gaius Ftp session Ftp session

fred@merlin:$ ftp guenevere ftp> dir Connected to guenevere. 200 PORT command successful. 220 guenevere FTP server (Version wu-2.6.0(1)) 150 Opening ASCII mode data connection for /bin/ls. Name (guenevere:fred): anonymous total 20 331 Guest login ok, send your complete e-mail d--x--x--x 2 004096 Aug 10 2000 bin 331 address as password. d--x--x--x 2 004096 Aug 10 2000 etc Password:[email protected] d--x--x--x 2 004096 Aug 10 2000 lib dr-xr-xr-x 4 004096 Sep 28 22:17 pub 230-Welcome, archive user anonymous@merlin ! -rw-r--r-- 1 00 346 Aug 10 2000 welcome.msg 230- 226 Transfer complete. 230-The local time is: Mon Feb 12 15:18:14 2001 ftp> quit 230- 221-You have transferred 0 bytes in 0 files. 230 Guest login ok, access restrictions apply. 221-Total traffic for this session was 1182 Remote system type is UNIX. 221-bytes in 1 transfers. Using binary mode to transfer files. 221-Thank you for using the FTP service on 221-guenevere. Goodbye. slide 17 slide 18 gaius gaius Simple semi automated ftp script Expect control constructs

this script will log us into a site and then interact with expect uses extends the Tcl language the user expect provides: if then else, while, set, #!/usr/bin/expect interact, expect, for, switch, incr, return, proc set site [lindex $argv 0] spawn ftp $site expect "Name" send "anonymous\r" if {$count < 0} { expect "Password:" set total 1 send "[email protected]\r" } interact note the interact statement connects the keyboard to the ftp program most ftp servers do not check for a valid email address!

slide 19 slide 20 gaius gaius Expect control constructs Morecomplex if

if {$count < 5} { if {$count < 0} { puts "count is less than five" puts "count is less than zero" }else { }elseif {$count > 0 { puts "count is not less than five" puts "count is greater than zero" } }else { puts "count is equal to zero" } you must place the statement begin brace on the same line as the if or else if in doubt followthe templates in these notes slide 21 slide 22 gaius gaius While statement forcommand

#!/usr/bin/expect has the syntax for start expression next { set count 10 while {$count > 0} { puts "the value of count is $count" set count [expr $count-1] } }

#!/usr/bin/expect note the effect of the braces in {$count > 0} for {set count 10} {$count > 0} {incr count -1} { theydefer evaluation of $count puts "the value of count is $count" if you remove the braces then $count > 0 is } internally replaced via: 10 > 0

slide 23 slide 24 gaius gaius Expressions Expressions

0isfalse, 1 is true so in the example

boolean operators || (or), && (and), ! (not) set count [expr $count-1] comparison operators <=, ==, != etc the [expr $count-1] is evaluated before the set! the brackets [ ] give this expression a higher precedence slide 25 slide 26 gaius gaius proc and return Autoftp Tutorial

#!/usr/bin/expect #!/usr/bin/expect #this program is called exp7.exp proc mycompare {a b} { proc connect {} { if {$a < $b} { expect { puts "$a is less than $b" "Name*:" { return -1 send "anonymous\r" }elseif {$a > $b} { expect { puts "$a is greater than $b" "Password:" { return 1 send "[email protected]\r" }else { expect "login ok*ftp>" puts "$a is equal to $b" return 0 return 0 } } } } } } set value [mycompare 1 4] #timed out puts "comparison returned $value" return 1 }

./exp6.exp 1isless than 4 comparison returned -1

slide 27 slide 28 gaius gaius Autoftp Tutorial Laboratory session

set site [lindex $argv 0] work on your assignment spawn ftp $site while {[connect]} { send "quit\r" expect eof try out the following expect example spawn ftp $site you will need to add your password at the } send "binary\r" position yourpassword send "cd [lindex $argv 1]\r" send "get [lindex $argv 2]\r" send "quit\r" expect eof slide 29 gaius Laboratory session

#!/usr/bin/expect log_user 0 spawn pwd expect -re "(ˆ.*/.*)$" set localdir $expect_out(1,string) expect eof log_user 0 spawn ssh moppsy.comp.glam.ac.uk expect "assword: " send "yourpassword\r" expect "\\$" send "cd $localdir" interact