diff --git a/pandora_agents/win32/Makefile.am b/pandora_agents/win32/Makefile.am index 4641081570..94e77312c4 100644 --- a/pandora_agents/win32/Makefile.am +++ b/pandora_agents/win32/Makefile.am @@ -1,9 +1,9 @@ bin_PROGRAMS = PandoraAgent if DEBUG -PandoraAgent_SOURCES = misc/cron.cc misc/pandora_file.cc modules/pandora_data.cc modules/pandora_module_factory.cc modules/pandora_module.cc modules/pandora_module_list.cc modules/pandora_module_plugin.cc modules/pandora_module_inventory.cc modules/pandora_module_freememory.cc modules/pandora_module_exec.cc modules/pandora_module_perfcounter.cc modules/pandora_module_proc.cc modules/pandora_module_tcpcheck.cc modules/pandora_module_freememory_percent.cc modules/pandora_module_freedisk.cc modules/pandora_module_freedisk_percent.cc modules/pandora_module_logevent.cc modules/pandora_module_service.cc modules/pandora_module_cpuusage.cc modules/pandora_module_wmiquery.cc modules/pandora_module_regexp.cc modules/pandora_module_ping.cc modules/pandora_module_snmpget.cc udp_server/udp_server.cc main.cc pandora_strutils.cc pandora.cc windows_service.cc pandora_agent_conf.cc windows/pandora_windows_info.cc windows/pandora_wmi.cc pandora_windows_service.cc misc/md5.c misc/sha256.cc windows/wmi/disphelper.c ssh/libssh2/channel.c ssh/libssh2/mac.c ssh/libssh2/session.c ssh/libssh2/comp.c ssh/libssh2/misc.c ssh/libssh2/sftp.c ssh/libssh2/crypt.c ssh/libssh2/packet.c ssh/libssh2/userauth.c ssh/libssh2/hostkey.c ssh/libssh2/publickey.c ssh/libssh2/kex.c ssh/libssh2/scp.c ssh/pandora_ssh_client.cc ssh/pandora_ssh_test.cc ftp/pandora_ftp_client.cc ftp/pandora_ftp_test.cc debug_new.cpp +PandoraAgent_SOURCES = misc/cron.cc misc/pandora_file.cc modules/pandora_data.cc modules/pandora_module_factory.cc modules/pandora_module.cc modules/pandora_module_list.cc modules/pandora_module_plugin.cc modules/pandora_module_inventory.cc modules/pandora_module_freememory.cc modules/pandora_module_exec.cc modules/pandora_module_exec_powershell.cc modules/pandora_module_perfcounter.cc modules/pandora_module_proc.cc modules/pandora_module_tcpcheck.cc modules/pandora_module_freememory_percent.cc modules/pandora_module_freedisk.cc modules/pandora_module_freedisk_percent.cc modules/pandora_module_logevent.cc modules/pandora_module_service.cc modules/pandora_module_cpuusage.cc modules/pandora_module_wmiquery.cc modules/pandora_module_regexp.cc modules/pandora_module_ping.cc modules/pandora_module_snmpget.cc udp_server/udp_server.cc main.cc pandora_strutils.cc pandora.cc windows_service.cc pandora_agent_conf.cc windows/pandora_windows_info.cc windows/pandora_wmi.cc pandora_windows_service.cc misc/md5.c misc/sha256.cc windows/wmi/disphelper.c ssh/libssh2/channel.c ssh/libssh2/mac.c ssh/libssh2/session.c ssh/libssh2/comp.c ssh/libssh2/misc.c ssh/libssh2/sftp.c ssh/libssh2/crypt.c ssh/libssh2/packet.c ssh/libssh2/userauth.c ssh/libssh2/hostkey.c ssh/libssh2/publickey.c ssh/libssh2/kex.c ssh/libssh2/scp.c ssh/pandora_ssh_client.cc ssh/pandora_ssh_test.cc ftp/pandora_ftp_client.cc ftp/pandora_ftp_test.cc debug_new.cpp PandoraAgent_CXXFLAGS=-g -O0 else -PandoraAgent_SOURCES = misc/cron.cc misc/pandora_file.cc modules/pandora_data.cc modules/pandora_module_factory.cc modules/pandora_module.cc modules/pandora_module_list.cc modules/pandora_module_plugin.cc modules/pandora_module_inventory.cc modules/pandora_module_freememory.cc modules/pandora_module_exec.cc modules/pandora_module_perfcounter.cc modules/pandora_module_proc.cc modules/pandora_module_tcpcheck.cc modules/pandora_module_freememory_percent.cc modules/pandora_module_freedisk.cc modules/pandora_module_freedisk_percent.cc modules/pandora_module_logevent.cc modules/pandora_module_logchannel.cc modules/pandora_module_service.cc modules/pandora_module_cpuusage.cc modules/pandora_module_wmiquery.cc modules/pandora_module_regexp.cc modules/pandora_module_ping.cc modules/pandora_module_snmpget.cc udp_server/udp_server.cc main.cc pandora_strutils.cc pandora.cc windows_service.cc pandora_agent_conf.cc windows/pandora_windows_info.cc windows/pandora_wmi.cc pandora_windows_service.cc misc/md5.c misc/sha256.cc windows/wmi/disphelper.c ssh/libssh2/channel.c ssh/libssh2/mac.c ssh/libssh2/session.c ssh/libssh2/comp.c ssh/libssh2/misc.c ssh/libssh2/sftp.c ssh/libssh2/crypt.c ssh/libssh2/packet.c ssh/libssh2/userauth.c ssh/libssh2/hostkey.c ssh/libssh2/publickey.c ssh/libssh2/kex.c ssh/libssh2/scp.c ssh/pandora_ssh_client.cc ssh/pandora_ssh_test.cc ftp/pandora_ftp_client.cc ftp/pandora_ftp_test.cc +PandoraAgent_SOURCES = misc/cron.cc misc/pandora_file.cc modules/pandora_data.cc modules/pandora_module_factory.cc modules/pandora_module.cc modules/pandora_module_list.cc modules/pandora_module_plugin.cc modules/pandora_module_inventory.cc modules/pandora_module_freememory.cc modules/pandora_module_exec.cc modules/pandora_module_exec_powershell.cc modules/pandora_module_perfcounter.cc modules/pandora_module_proc.cc modules/pandora_module_tcpcheck.cc modules/pandora_module_freememory_percent.cc modules/pandora_module_freedisk.cc modules/pandora_module_freedisk_percent.cc modules/pandora_module_logevent.cc modules/pandora_module_logchannel.cc modules/pandora_module_service.cc modules/pandora_module_cpuusage.cc modules/pandora_module_wmiquery.cc modules/pandora_module_regexp.cc modules/pandora_module_ping.cc modules/pandora_module_snmpget.cc udp_server/udp_server.cc main.cc pandora_strutils.cc pandora.cc windows_service.cc pandora_agent_conf.cc windows/pandora_windows_info.cc windows/pandora_wmi.cc pandora_windows_service.cc misc/md5.c misc/sha256.cc windows/wmi/disphelper.c ssh/libssh2/channel.c ssh/libssh2/mac.c ssh/libssh2/session.c ssh/libssh2/comp.c ssh/libssh2/misc.c ssh/libssh2/sftp.c ssh/libssh2/crypt.c ssh/libssh2/packet.c ssh/libssh2/userauth.c ssh/libssh2/hostkey.c ssh/libssh2/publickey.c ssh/libssh2/kex.c ssh/libssh2/scp.c ssh/pandora_ssh_client.cc ssh/pandora_ssh_test.cc ftp/pandora_ftp_client.cc ftp/pandora_ftp_test.cc PandoraAgent_CXXFLAGS=-O2 endif diff --git a/pandora_agents/win32/modules/pandora_module.cc b/pandora_agents/win32/modules/pandora_module.cc index 2df46ad9d5..69a801e96b 100644 --- a/pandora_agents/win32/modules/pandora_module.cc +++ b/pandora_agents/win32/modules/pandora_module.cc @@ -236,6 +236,8 @@ Module_Kind Pandora_Module::parseModuleKindFromString (string kind) { if (kind == module_exec_str) { return MODULE_EXEC; + } else if (kind == module_exec_powershell_str) { + return MODULE_EXEC_POWERSHELL; } else if (kind == module_proc_str) { return MODULE_PROC; } else if (kind == module_service_str) { diff --git a/pandora_agents/win32/modules/pandora_module.h b/pandora_agents/win32/modules/pandora_module.h index 111fc79c79..bb19b266b2 100644 --- a/pandora_agents/win32/modules/pandora_module.h +++ b/pandora_agents/win32/modules/pandora_module.h @@ -94,7 +94,8 @@ namespace Pandora_Modules { MODULE_REGEXP, /**< The module searches a file for matches of a regular expression */ MODULE_PLUGIN, /**< Plugin */ MODULE_PING, /**< Ping module */ - MODULE_SNMPGET /**< SNMP get module */ + MODULE_SNMPGET, /**< SNMP get module */ + MODULE_EXEC_POWERSHELL /**< The module run a custom powershell command */ } Module_Kind; /** @@ -109,24 +110,25 @@ namespace Pandora_Modules { regex_t regexp; } Condition; - const string module_exec_str = "module_exec"; - const string module_proc_str = "module_proc"; - const string module_service_str = "module_service"; - const string module_freedisk_str = "module_freedisk"; - const string module_freedisk_percent_str = "module_freedisk_percent"; - const string module_freememory_str = "module_freememory"; - const string module_freememory_percent_str = "module_freememory_percent"; - const string module_cpuusage_str = "module_cpuusage"; - const string module_inventory_str = "module_inventory"; - const string module_logevent_str = "module_logevent"; - const string module_logchannel_str = "module_logchannel"; - const string module_wmiquery_str = "module_wmiquery"; - const string module_perfcounter_str = "module_perfcounter"; - const string module_tcpcheck_str = "module_tcpcheck"; - const string module_regexp_str = "module_regexp"; - const string module_plugin_str = "module_plugin"; - const string module_ping_str = "module_ping"; - const string module_snmpget_str = "module_snmpget"; + const string module_exec_str = "module_exec"; + const string module_proc_str = "module_proc"; + const string module_service_str = "module_service"; + const string module_freedisk_str = "module_freedisk"; + const string module_freedisk_percent_str = "module_freedisk_percent"; + const string module_freememory_str = "module_freememory"; + const string module_freememory_percent_str = "module_freememory_percent"; + const string module_cpuusage_str = "module_cpuusage"; + const string module_inventory_str = "module_inventory"; + const string module_logevent_str = "module_logevent"; + const string module_logchannel_str = "module_logchannel"; + const string module_wmiquery_str = "module_wmiquery"; + const string module_perfcounter_str = "module_perfcounter"; + const string module_tcpcheck_str = "module_tcpcheck"; + const string module_regexp_str = "module_regexp"; + const string module_plugin_str = "module_plugin"; + const string module_ping_str = "module_ping"; + const string module_snmpget_str = "module_snmpget"; + const string module_exec_powershell_str = "module_exec_powershell"; /** * Pandora module super-class exception. diff --git a/pandora_agents/win32/modules/pandora_module_exec_powershell.cc b/pandora_agents/win32/modules/pandora_module_exec_powershell.cc new file mode 100644 index 0000000000..99d37b7822 --- /dev/null +++ b/pandora_agents/win32/modules/pandora_module_exec_powershell.cc @@ -0,0 +1,91 @@ +/* Pandora exec module. These modules exec a powershell command. + + Copyright (c) 2006-2023 Pandora FMS. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2, or (at your option) + any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, + Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +*/ + +#include "pandora_module_exec_powershell.h" +#include "../pandora_strutils.h" + +#include +#include +#include +#include +#include +#include + +#define EXEC_OK 0 +#define EXEC_ERR -1 +#define BUFSIZE 4096 + +using namespace Pandora; +using namespace Pandora_Strutils; +using namespace Pandora_Modules; + +/** + * Creates a Pandora_Module_Exec_Powershell object. + * + * @param name Module name + * @param exec Command to be executed. + */ +Pandora_Module_Exec_Powershell::Pandora_Module_Exec_Powershell(string name, string exec) + : Pandora_Module (name) { + + string escaped_exec; + + for (char c : exec) { + if (c == '"' || c == '\\') { + escaped_exec += '\\'; + } + escaped_exec += c; + } + + this->module_exec = "powershell -C \"" + escaped_exec + "\""; + + this->setKind (module_exec_powershell_str); +} + +void Pandora_Module_Exec_Powershell::run() { + string output_result; + + this->has_output = false; + + FILE* pipe = popen(this->module_exec.c_str(), "r"); + if (!pipe) { + pandoraLog ("Error while executing command.", GetLastError ()); + return; + } + + char buffer[BUFSIZE]; + while (fgets(buffer, BUFSIZE, pipe) != NULL) { + output_result += buffer; + } + + int result = pclose(pipe); + + if (result == EXEC_ERR) { + pandoraLog ("Error while closing command process.", GetLastError ()); + return; + } + + if (result != EXEC_OK) { + pandoraLog ("Error invalid powershell command.", GetLastError ()); + return; + } + + this->has_output = true; + this->setOutput (output_result); +} \ No newline at end of file diff --git a/pandora_agents/win32/modules/pandora_module_exec_powershell.h b/pandora_agents/win32/modules/pandora_module_exec_powershell.h new file mode 100644 index 0000000000..d3c9785c29 --- /dev/null +++ b/pandora_agents/win32/modules/pandora_module_exec_powershell.h @@ -0,0 +1,43 @@ +/* Pandora exec module. These modules exec a powershell command + + Copyright (c) 2006-2023 Pandora FMS. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2, or (at your option) + any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, + Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +*/ + +#ifndef __PANDORA_MODULE_EXEC_POWERWSHELL_H__ +#define __PANDORA_MODULE_EXEC_POWERWSHELL_H__ + +#include "pandora_module.h" + +namespace Pandora_Modules { + /** + * Module to execute a powershell command. + * + * Any custom order that want to be executed can be put in + * the util directory into the Pandora agent path. + */ + class Pandora_Module_Exec_Powershell : public Pandora_Module { + + private: + string module_exec; + + public: + Pandora_Module_Exec_Powershell (string name, string exec); + void run (); + }; +} + +#endif diff --git a/pandora_agents/win32/modules/pandora_module_factory.cc b/pandora_agents/win32/modules/pandora_module_factory.cc index de149293ff..dd71dc2dd8 100644 --- a/pandora_agents/win32/modules/pandora_module_factory.cc +++ b/pandora_agents/win32/modules/pandora_module_factory.cc @@ -22,6 +22,7 @@ #include "pandora_module_factory.h" #include "pandora_module.h" #include "pandora_module_exec.h" +#include "pandora_module_exec_powershell.h" #include "pandora_module_proc.h" #include "pandora_module_service.h" #include "pandora_module_freedisk.h" @@ -129,6 +130,7 @@ using namespace Pandora_Strutils; #define TOKEN_ALERT_TEMPLATE ("module_alert_template") #define TOKEN_USER_SESSION ("module_user_session ") #define TOKEN_WAIT_TIMEOUT ("module_wait_timeout ") +#define TOKEN_EXEC_POWERSHELL ("module_exec_powershell ") string parseLine (string line, string token) { @@ -158,7 +160,7 @@ Pandora_Module * Pandora_Module_Factory::getModuleFromDefinition (string definition) { list tokens; list::iterator iter; - string module_name, module_type, module_exec; + string module_name, module_type, module_exec, module_exec_powershell; string module_min, module_max, module_description; string module_interval, module_absoluteinterval; string module_proc, module_service; @@ -268,6 +270,7 @@ Pandora_Module_Factory::getModuleFromDefinition (string definition) { module_user_session = ""; macro = ""; module_wait_timeout = ""; + module_exec_powershell = ""; stringtok (tokens, definition, "\n"); @@ -302,6 +305,9 @@ Pandora_Module_Factory::getModuleFromDefinition (string definition) { if (module_exec == "") { module_exec = parseLine (line, TOKEN_EXEC); } + if (module_exec_powershell == "") { + module_exec_powershell = parseLine (line, TOKEN_EXEC_POWERSHELL); + } if (module_wait_timeout == "") { module_wait_timeout = parseLine (line, TOKEN_WAIT_TIMEOUT); } @@ -626,6 +632,13 @@ Pandora_Module_Factory::getModuleFromDefinition (string definition) { } } + if (module_exec_powershell != "") { + pos_macro = module_exec_powershell.find(macro_name); + if (pos_macro != string::npos){ + module_exec_powershell.replace(pos_macro, macro_name.size(), macro_value); + } + } + if (module_proc != "") { pos_macro = module_proc.find(macro_name); if (pos_macro != string::npos){ @@ -1155,6 +1168,9 @@ Pandora_Module_Factory::getModuleFromDefinition (string definition) { module->setWaitTimeout (atoi (module_wait_timeout.c_str ())); } + } else if (module_exec_powershell != "") { + module = new Pandora_Module_Exec_Powershell (module_name, module_exec_powershell); + } else if (module_proc != "") { module = new Pandora_Module_Proc (module_name, module_proc); diff --git a/pandora_agents/win32/modules/pandora_module_list.cc b/pandora_agents/win32/modules/pandora_module_list.cc index be5cc32d45..b0612902a3 100644 --- a/pandora_agents/win32/modules/pandora_module_list.cc +++ b/pandora_agents/win32/modules/pandora_module_list.cc @@ -21,6 +21,7 @@ #include "pandora_module_factory.h" #include "pandora_module_list.h" #include "pandora_module_exec.h" +#include "pandora_module_exec_powershell.h" #include "pandora_module_proc.h" #include "pandora_module_service.h" #include "pandora_module_freedisk.h" @@ -235,6 +236,7 @@ Pandora_Modules::Pandora_Module_List::parseModuleDefinition (string definition) Pandora_Module_Plugin *module_plugin; Pandora_Module_Ping *module_ping; Pandora_Module_SNMPGet *module_snmpget; + Pandora_Module_Exec_Powershell *module_exec_powershell; module = Pandora_Module_Factory::getModuleFromDefinition (definition); @@ -244,6 +246,11 @@ Pandora_Modules::Pandora_Module_List::parseModuleDefinition (string definition) module_exec = (Pandora_Module_Exec *) module; modules->push_back (module_exec); + break; + case MODULE_EXEC_POWERSHELL: + module_exec_powershell = (Pandora_Module_Exec_Powershell *) module; + modules->push_back (module_exec_powershell); + break; case MODULE_PROC: module_proc = (Pandora_Module_Proc *) module;