03-16-2009 03:10 AM
Hi,
Anyone who has experiences with ACE using TCL script language for configuring probes that has to start a SSH sessions to the real servers. Within this SSH sessions commands, started from the real servers has to pass return codes to the script.
I can't find any suitable example, nor TCL commands in the ACE TCL guide.
Thanks.
Kind regards, Wim
03-17-2009 05:33 AM
Wim,
you will probably need to use binary send command.
Sniff a request, extract the bytes in hexadecimal and configure the script to resend those exact same bytes.
For the response, this is basically the same.
You will get binary data and you can analyse them to extract the code you need.
Look at the ldap scriot as an example.
Here is an extract of the code :
# send a standard anonymous bind request
ace_debug "sending ldap bind request"
puts -nonewline $sock [ binary format "H*" 300c020101600702010304008000 ]
flush $sock
# read string back from server
ace_debug "receiving ldap bind result"
set line [read $sock 14]
binary scan $line H* res
binary scan $line @7H6 code
ace_debug "recived $res with code $code"
Gilles.
Gilles.
04-29-2009 05:57 AM
Giles,
in this related topic,
I'm trying to modify the (is it hex) send data from
"H*" 300c020101600702010304008000
to a new one as below
excluding angle bracket.
Is their a way to convert this string?
SS
04-29-2009 07:05 AM
I've converted the send string
I'm trying to convert an expected string
< cn="monitor">>
and apply that some where in the following, i guess.
# read string back from server
ace_debug "receiving ldap bind result"
set line [read $sock 14]
binary scan $line H* res
binary scan $line @7H6 code
ace_debug "recived $res with code $code"
Some explanation of what and how is this paragraph programmed is appriciated.
SS
04-30-2009 01:25 AM
Hi,
The code excerpt basically reads in 14 bytes of the bit stream from the socket, converts it into a hexadecimal string and finds the 6 hexadecimal characters from the eigthth byte (offset 7 - starting at 0). The string that is being scanned should look something like:
300c01010161070a010004000400
which when decoded is a BindResponse (0x61) to the BindRequest (matching Message ID) and is a return code of 0. Success.
If you are intent on writing your own probe or modifying an existing probe for LDAP then you will need some fluency in Tcl and an understanding of ASN.1 encoding.
As Gilles said earlier, the easiest way of finding the appropriate strings is to do a packet capture of a system making the request and decode it (Wireshark).
HTH
Cathy
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide