Pastebin and hastebin posting subsystem for scripting the posting

of stripped confidential information to pastebin/hastebin.
9 years ago · 2b52626cf0
4 changed files with 172 additions and 2 deletions
--- a/lgsm/functions/command_details.sh
+++ b/lgsm/functions/command_details.sh
@ -580,6 +580,8 @@ fn_details_ark(){


 # Run checks and gathers details to display.
+
+fn_display_details() {
 check.sh
 info_config.sh
 info_distro.sh
@ -642,4 +644,10 @@ else
 fi

 fn_details_statusbottom
-core_exit.sh
+}
+
+if [ -z ${POSTDETAILS} ] ;
+then 
+  fn_display_details
+  core_exit.sh
+fi
--- a/lgsm/functions/command_postdetails.sh
+++ b/lgsm/functions/command_postdetails.sh
@ -0,0 +1,136 @@
+#!/bin/bash -x
+# LGSM command_postdetails.sh function
+# Author: CedarLUG
+# Contributor: CedarLUG
+# Website: https://gameservermanagers.com
+# Description: Strips sensitive information out of Details output
+
+local commandname="POSTDETAILS"
+local commandaction="Postdetails"
+local function_selfname="$(basename $(readlink -f "${BASH_SOURCE[0]}"))"
+
+# POSTDETAILS variable affects the output of command_details.sh.  Setting
+# it here silences the output from sourcing command_details.sh.
+POSTDETAILS=yes
+
+# Set POSTTARGET to the appropriately-defined post destination.  The present
+# option is only pastebin, but hastebin is on the todo list (and should be
+# a lot easier than pastebin.
+#
+# Another reason for an alternative here is that pastebin limits guest
+# posts to 10 per day, which might be a tight limit for some debugging situations.
+ 
+POSTTARGET="http://pastebin.com"
+POSTEXPIRE="1W" # use 1 week as the default, other options are '24h' for a day, etc.
+
+# This file sources the command_details.sh file to leverage all
+# of the already-defined functions.  To keep the command_details.sh
+# from actually producing output, the main executable statements have
+# been wrapped in the equivalent of an ifdef clause, that looks
+# for the variable "postdetails" to be defined. -CedarLUG
+
+# source all of the functions defined in the details command
+. ${functionsdir}/command_details.sh
+
+fn_bad_tmpfile() {
+	echo "There was a problem creating a temporary file ${tmpfile}."
+	core_exit.sh
+}
+
+fn_gen_rand() {
+	# This is just a simple random generator to generate a random
+ 	# name for storing the output.  Named pipes would (possibly) be
+	# better. -CedarLUG
+	#
+	# len holds the number of digits in our random string
+	local len=$1
+	# If not specified, default to 10.
+       	: {len:=10}
+	# Quick generator for a random filename, pulled from /dev/urandom
+      	tr -dc A-Za-z0-9_ < /dev/urandom | head -c ${len} | xargs
+}
+
+# Rather than a one-pass sed parser, default to using a temporary directory
+filedir="${lgsmdir}/tmp"
+
+# Not all game servers possess a tmp directory.  So create it if
+# it doesn't already exist
+mkdir -p ${filedir} 2>&1 >/dev/null
+
+tmpfile=${filedir}/$(fn_gen_rand 10).tmp
+
+touch ${tmpfile} || fn_bad_tmpfile
+
+# fn_display_details is found in the command_details.sh file (which 
+# was sourced above.  The output is parsed for passwords and other
+# confidential information. -CedarLUG
+
+# The numerous sed lines could certainly be condensed quite a bit,
+# but they are separated out to provide examples for how to add
+# additional criteria in a straight-forward manner.
+# (This was originally a sed one-liner.) -CedarLUG
+
+fn_display_details | sed -e 's/password="[^"]*/password="--stripped--/' |
+                sed -e 's/password "[^"]*/password "--stripped--/' |
+                sed -e 's/password: .*/password: --stripped--/' |
+                sed -e 's/gslt="[^"]*/gslt="--stripped--/' |
+                sed -e 's/gslt "[^"]*/gslt "--stripped--/' |
+                sed -e 's/pushbullettoken="[^"]*/pushbullettoken="--stripped--/' |
+                sed -e 's/pushbullettoken "[^"]*/pushbullettoken "--stripped--/' |
+                sed -e 's/authkey="[^"]*/authkey="--stripped--/' |
+                sed -e 's/authkey "[^"]*/authkey "--stripped--/' |
+                sed -e 's/authkey [A-Za-z0-9]\+/authkey --stripped--/' |
+                sed -e 's/rcts_strAdminPassword="[^"]*/rcts_strAdminPassword="--stripped--/' |
+                sed -e 's/rcts_strAdminPassword "[^"]*/rcts_strAdminPassword "--stripped--/' |
+                sed -e 's/sv_setsteamaccount [A-Za-z0-9]\+/sv_setsteamaccount --stripped--/' |
+                sed -e 's/sv_password="[^"]*/sv_password="--stripped--/' |
+                sed -e 's/sv_password "[^"]*/sv_password "--stripped--/' |
+                sed -e 's/zmq_stats_password="[^"]*/zmq_stats_password="--stripped--/' |
+                sed -e 's/zmq_stats_password "[^"]*/zmq_stats_password "--stripped--/' |
+                sed -e 's/zmq_rcon_password="[^"]*/zmq_rcon_password="--stripped--/' |
+                sed -e 's/zmq_rcon_password "[^"]*/zmq_rcon_password "--stripped--/' |
+                sed -e 's/pass="[^"]*/pass="--stripped--/' |
+                sed -e 's/pass "[^"]*/pass "--stripped--/' |
+                sed -e 's/rconServerPassword="[^"]*/rconServerPassword="--stripped--/' |
+                sed -e 's/rconServerPassword "[^"]*/rconServerPassword "--stripped--/' > ${tmpfile}
+
+# strip off all console escape codes (colorization)
+sed -i -r "s/[\x1B,\x0B]\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g" ${tmpfile}
+
+# If the gameserver uses anonymous steam credentials, leave them displayed
+# in the output.  Otherwise, strip these out as well.
+if ! grep -q "^steampass[= ]\"\"" ${tmpfile} ; then
+	sed -i -e 's/steampass[= ]"[^"]*/steampass "--stripped--/' ${tmpfile}
+fi
+if ! grep -q "^steamuser[= ]\"anonymous\"" ${tmpfile} ; then
+	sed -i -e 's/steamuser[= ]"[^"]*/steamuser "--stripped--/' ${tmpfile}
+fi
+
+if [ "$POSTTARGET" == "http://pastebin.com" ] ; then 
+   # grab the return from 'value' from an initial visit to pastebin.
+   TOKEN=$(curl -s $POSTTARGET |
+           sed -n 's/^.*input type="hidden" name="csrf_token_post" value="\(.*\)".*$/\1/p')
+   # 
+   # Use the TOKEN to then post the content.
+   #
+   link=$(curl -s "$POSTTARGET/post.php" -D - -F "submit_hidden=submit_hidden" \
+	       -F "post_key=$TOKEN" -F "paste_expire_date=${POSTEXPIRE}" \
+	       -F "paste_name=${gamename} Debug Info" \
+               -F "paste_format=8" -F "paste_private=0" \
+               -F "paste_type=bash" -F "paste_code=<${tmpfile}" |
+	       awk '/^location: / { print $2 }' | sed "s/\n//g")
+
+   # Output the resulting link.
+   fn_print_warn_nl "You now need to visit (and verify) the content posted at ${POSTTARGET}${link}"
+elif [ "$POSTTARGET" == "http://hastebin.com" ] ; then
+   # hastebin is a bit simpler.  If successful, the returned result
+   # should look like: {"something":"key"}, putting the reference that
+   # we need in "key".  TODO - error handling. -CedarLUG
+   link=$(curl -s -d "$(<${tmpfile}) | cut -d\" -f4)
+   fn_print_warn_nl "You now need to visit (and verify) the content posted at ${POSTTARGET}${link}"
+fi
+
+# cleanup
+rm ${tmpfile} || /bin/true
+
+core_exit.sh
--- a/lgsm/functions/core_functions.sh
+++ b/lgsm/functions/core_functions.sh
@ -120,6 +120,18 @@ functionfile="${FUNCNAME}"
 fn_fetch_function
 }

+command_postdetails.sh(){
+    functionfile="${FUNCNAME}"
+    tempffname=$functionfile
+    # First, grab the command_postdetails.sh file
+    fn_fetch_function
+    # But then next, command_details.sh needs to also be pulled
+    # because command_postdetails.sh sources its functions -CedarLUG
+    functionfile="command_details.sh"
+    fn_fetch_function
+    functionfile=$tempffname
+}
+
 command_postdetails.sh(){
 functionfile="${FUNCNAME}"
 tempffname=$functionfile
--- a/lgsm/functions/core_getopt.sh
+++ b/lgsm/functions/core_getopt.sh
@ -29,6 +29,8 @@ case "${getopt}" in
 		command_test_alert.sh;;
 	dt|details)
 		command_details.sh;;
+	pd|postdetails)
+		command_postdetails.sh;;
 	b|backup)
 		command_backup.sh;;
 	c|console)
@ -68,6 +70,7 @@ case "${getopt}" in
 		echo -e "${blue}monitor\t${default}m  |Checks that the server is running."
 		echo -e "${blue}test-alert\t${default}ta |Sends test alert."
 		echo -e "${blue}details\t${default}dt |Displays useful information about the server."
+		echo -e "${blue}postdetails\t${default}pd | Post stripped details to pastebin (for support)"
 		echo -e "${blue}backup\t${default}b  |Create archive of the server."
 		echo -e "${blue}console\t${default}c  |Console allows you to access the live view of a server."
 		echo -e "${blue}debug\t${default}d  |See the output of the server directly to your terminal."
@ -95,6 +98,8 @@ case "${getopt}" in
 		command_test_alert.sh;;
 	dt|details)
 		command_details.sh;;
+	pd|postdetails)
+		command_postdetails.sh;;
 	b|backup)
 		command_backup.sh;;
 	pw|change-password)
@ -130,6 +135,7 @@ case "${getopt}" in
 		echo -e "${blue}monitor\t${default}m  |Checks that the server is running."
 		echo -e "${blue}test-alert\t${default}ta |Sends test alert."
 		echo -e "${blue}details\t${default}dt |Displays useful information about the server."
+		echo -e "${blue}postdetails\t${default}pd | Post stripped details to pastebin (for support)"
 		echo -e "${blue}change-password\t${default}pw |Changes TS3 serveradmin password."
 		echo -e "${blue}backup\t${default}b  |Create archive of the server."
 		echo -e "${blue}install\t${default}i  |Install the server."
@ -156,6 +162,8 @@ case "${getopt}" in
 		command_test_alert.sh;;
 	dt|details)
 		command_details.sh;;
+	pd|postdetails)
+		command_postdetails.sh;;
 	b|backup)
 		command_backup.sh;;
 	c|console)
@ -193,6 +201,7 @@ case "${getopt}" in
 		echo -e "${blue}monitor\t${default}m  |Checks that the server is running."
 		echo -e "${blue}test-alert\t${default}ta |Sends test alert."
 		echo -e "${blue}details\t${default}dt |Displays useful infomation about the server."
+		echo -e "${blue}postdetails\t${default}pd | Post stripped details to pastebin (for support)"
 		echo -e "${blue}backup\t${default}b  |Create archive of the server."
 		echo -e "${blue}console\t${default}c  |Console allows you to access the live view of a server."
 		echo -e "${blue}debug\t${default}d  |See the output of the server directly to your terminal."
@ -220,6 +229,8 @@ case "${getopt}" in
 		command_test_alert.sh;;
 	dt|details)
 		command_details.sh;;
+	pd|postdetails)
+		command_postdetails.sh;;
 	b|backup)
 		command_backup.sh;;
 	dev|dev-debug)
@ -251,6 +262,7 @@ case "${getopt}" in
 		echo -e "${blue}monitor\t${default}m  |Checks that the server is running."
 		echo -e "${blue}test-alert\t${default}ta |Sends test alert."
 		echo -e "${blue}details\t${default}dt |Displays useful information about the server."
+		echo -e "${blue}postdetails\t${default}pd | Post stripped details to pastebin (for support)"
 		echo -e "${blue}backup\t${default}b  |Create archive of the server."
 		echo -e "${blue}install\t${default}i  |Install the server."
 	} | column -s $'\t' -t
@ -280,6 +292,8 @@ case "${getopt}" in
 		command_test_alert.sh;;
 	dt|details)
 		command_details.sh;;
+	pd|postdetails)
+		command_postdetails.sh;;
 	b|backup)
 		command_backup.sh;;
 	c|console)
@ -557,4 +571,4 @@ elif [ "${engine}" == "unreal" ]; then
 else
 	fn_getopt_generic
 fi
-core_exit.sh
+core_exit.sh