
watchblob's Issues

Help installing

Hi,

Please help.
I've no idea how to use go but I've run through the following steps with no luck...

$ sudo apt -y install golang
$ go get github.com/tazjin/watchblob/...

And nothing happens.

So I've dl'd the repo manually but only have the files...
.gitignore
README.md
main.go fix
main_test.go
urls.go

What do I do with them?

Sorry for what I'm sure is a stupid question.

Ta

A rough version that allows skipping cert verification and allows username and password to be input as arguments

Hi and thanks for this project!

I needed it to work with an expired cert and I wanted to be able to set the user and password as arguments so here is my very quick and dirty modification. I've never touched Go before so this is pretty much trial and error but works.

I figured I'd add it as an issue so that others can find the modification.

package main

import (
	"bufio"
	"encoding/xml"
	"fmt"
	"golang.org/x/crypto/ssh/terminal"
	"net/http"
	"os"
	"strings"
	"syscall"
	"crypto/tls"
)

// The XML response returned by the WatchGuard server
type Resp struct {
	Action      string `xml:"action"`
	LogonStatus int    `xml:"logon_status"`
	LogonId     int    `xml:"logon_id"`
	Error       string `xml:"errStr"`
	Challenge   string `xml:"chaStr"`
}

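func main() {
	args := os.Args[1:]

	// Host, username and password are all read from the command line below,
	// so all three must be present or args[1]/args[2] would panic.
	// Arguments are visible to other local users in the process list.
	if len(args) < 3 {
		fmt.Fprintln(os.Stderr, "Usage: watchblob <vpn-host> <username> <password>")
		os.Exit(1)
	}

	host := args[0]
	//username, password, err := readCredentials()
	username := args[1]
	password := args[2]
	//if err != nil {
	//	fmt.Fprintf(os.Stderr, "Could not read credentials: %v\n", err)
	//}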

	fmt.Printf("Requesting challenge from %s as user %s\n", host, username)
	challenge, err := triggerChallengeResponse(&host, &username, &password)

	if err != nil || challenge.LogonStatus != 4 {
		fmt.Fprintln(os.Stderr, "Did not receive challenge from server")
		fmt.Fprintf(os.Stderr, "Response: %v\nError: %v\n", challenge, err)
		os.Exit(1)
	}

	token := getToken(&challenge)
	err = logon(&host, &challenge, &token)

	if err != nil {
		fmt.Fprintf(os.Stderr, "Logon failed: %v\n", err)
		os.Exit(1)
	}

	fmt.Printf("Login succeeded, you may now (quickly) authenticate OpenVPN with %s as your password\n", token)
}

func readCredentials() (string, string, error) {
	fmt.Printf("Username: ")
	reader := bufio.NewReader(os.Stdin)
	username, err := reader.ReadString('\n')


	fmt.Printf("Password: ")
	password, err := terminal.ReadPassword(syscall.Stdin)
	fmt.Println()

	// If an error occurred, I don't care about which one it is.
	return strings.TrimSpace(username), strings.TrimSpace(string(password)), err
}

func triggerChallengeResponse(host *string, username *string, password *string) (r Resp, err error) {
	return request(templateUrl(host, templateChallengeTriggerUri(username, password)))
}

func getToken(challenge *Resp) string {
	fmt.Println(challenge.Challenge)

	reader := bufio.NewReader(os.Stdin)
	token, _ := reader.ReadString('\n')

	return strings.TrimSpace(token)
}

func logon(host *string, challenge *Resp, token *string) (err error) {
	resp, err := request(templateUrl(host, templateResponseUri(challenge.LogonId, token)))
	if err != nil {
		return
	}

	if resp.LogonStatus != 1 {
		err = fmt.Errorf("Challenge/response authentication failed: %v", resp)
	}

	return
}

func request(url string) (r Resp, err error) {
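	// Turns off TLS certificate verification for every request made through
	// http.DefaultTransport (the workaround for the expired certificate):
	// the server's certificate chain, hostname and validity dates are not checked.
	http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}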
	resp, err := http.Get(url)
	if err != nil {
		return
	}

	defer resp.Body.Close()
	decoder := xml.NewDecoder(resp.Body)

	err = decoder.Decode(&r)
	return
}

doesn't contain any IP SANs

Hi,

I'm getting the following error when trying to connect...

(A: Names have been changed to protect the innocent.)

:~/go/bin$ ./watchblob 1.1.1.1
Username: admin
Password:
Requesting challenge from 1.1.1.1 as user admin
Did not receive challenge from server
Response: { 0 0 }
Error: Get https://1.1.1.1/?action=sslvpn_logon&fw_domain=Firebox-DB&fw_logon_type=logon&fw_password=piswud_username=admin&style=fw_logon_progress.xsl: x509: cannot validate certificate for 1.1.1.1 because it doesn't contain any IP SANs

Any idea what might be the problem?

Ta
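
Both the expired-certificate workaround and the "doesn't contain any IP SANs" error above come down to a certificate that Go's default verification rejects. The following is an added example, not code from watchblob or from any poster on this page: it pins the server's exact certificate by SHA-256 fingerprint instead of accepting any certificate. The names pinnedClient, fetch and demo are hypothetical, the test server is constructed locally, and in real use the pin is assumed to have been obtained out of band from the appliance's administrator.

```go
package main

import (
	"crypto/sha256"
	"crypto/tls"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// pinnedClient accepts exactly one server certificate, identified by the
// SHA-256 of its DER bytes. The pin replaces chain, hostname and expiry checks.
func pinnedClient(pin [sha256.Size]byte) *http.Client {
	cfg := &tls.Config{
		InsecureSkipVerify: true, // built-in checks off; VerifyConnection decides
		VerifyConnection: func(cs tls.ConnectionState) error {
			if len(cs.PeerCertificates) == 0 {
				return errors.New("server sent no certificate")
			}
			if got := sha256.Sum256(cs.PeerCertificates[0].Raw); got != pin {
				return fmt.Errorf("certificate %x does not match pin %x", got, pin)
			}
			return nil
		},
	}
	// Dedicated transport: http.DefaultTransport keeps normal verification.
	return &http.Client{Transport: &http.Transport{TLSClientConfig: cfg}}
}

// fetch GETs url through a client pinned to pin and returns only the error.
func fetch(pin [sha256.Size]byte, url string) error {
	resp, err := pinnedClient(pin).Get(url)
	if err != nil {
		return err
	}
	return resp.Body.Close()
}

// demo runs a constructed local TLS server against the matching pin and a wrong one.
func demo() (goodErr, badErr error) {
	srv := httptest.NewTLSServer(http.NotFoundHandler())
	defer srv.Close()
	good := sha256.Sum256(srv.Certificate().Raw)
	var wrong [sha256.Size]byte // all-zero digest, matches no certificate
	return fetch(good, srv.URL), fetch(wrong, srv.URL)
}

func main() { fmt.Println(demo()) }
```

Because the pin replaces the expiry check, a pinned certificate keeps being accepted after it expires, and the pin has to be updated whenever the appliance's certificate is reissued.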
