external/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-03-09 15:40:18 +00:00
Code Issues Releases Wiki Activity

Added Intel AMT serial-over-lan terminal in meshcmd.

Browse source
This commit is contained in:
Ylian Saint-Hilaire 2022-08-02 16:24:40 -07:00
parent 356f2f5680
commit 9b05b27e06
5 changed files with 95 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

BIN
agents/MeshCmd-signed.exe
View file

Binary file not shown.

BIN
agents/MeshCmd64-signed.exe
View file

Binary file not shown.

54
agents/meshcmd.js
View file

@ -213,6 +213,7 @@ function run(argv) {
console.log(' AmtWake - Intel AMT Wake Alarms.');
console.log(' AmtRPE - Intel AMT Remote Platform Erase.');
console.log(' AmtDDNS - Intel AMT DDNS settings.');
console.log(' AmtTerm - Intel AMT Serial-over-LAN terminal.');
console.log('\r\nHelp on a specific action using:\r\n');
console.log(' meshcmd help [action]');
exit(0); return;
@ -441,6 +442,13 @@ function run(argv) {
console.log(' --set [disabled/dhcp/enabled] Set the dynamic DNS mode.');
console.log(' --interval [minutes] Set update interval in minutes, default is 1440, minimum is 20.');
console.log(' --ttl [seconds] Set time to live, default is 900.');
} else if (action == 'amtterm') {
console.log('AmtTerm is used to connect to the Serial-over-LAN port. Example usage:\r\n\r\n meshcmd amtterm --host 1.2.3.4 --user admin --pass mypassword');
console.log('\r\nRequired arguments:\r\n');
console.log(' --host [hostname] The IP address or DNS name of Intel AMT, 127.0.0.1 is default.');
console.log(' --pass [password] The Intel AMT login password.');
console.log('\r\nOptional arguments:\r\n');
console.log(' --tls Specifies that TLS must be used.');
} else {
actions.shift();
console.log('Invalid action, usage:\r\n\r\n meshcmd help [action]\r\n\r\nValid actions are: ' + actions.join(', ') + '.');
@ -829,6 +837,11 @@ function run(argv) {
if ((settings.password == null) || (typeof settings.password != 'string') || (settings.password == '')) { console.log('No or invalid \"password\" specified, use --password [password].'); exit(1); return; }
if ((settings.username == null) || (typeof settings.username != 'string') || (settings.username == '')) { settings.username = 'admin'; }
performAmtFeatureConfig(args);
} else if (settings.action == 'amtterm') {
if (settings.hostname == null) { settings.hostname = '127.0.0.1'; }
if ((settings.password == null) || (typeof settings.password != 'string') || (settings.password == '')) { console.log('No or invalid \"password\" specified, use --password [password].'); exit(1); return; }
if ((settings.username == null) || (typeof settings.username != 'string') || (settings.username == '')) { settings.username = 'admin'; }
performAmtTerm(args);
} else if (settings.action == 'amtpower') { // Perform remote Intel AMT power operation
if ((settings.hostname == null) || (typeof settings.hostname != 'string') || (settings.hostname == '')) { console.log('No or invalid \"hostname\" specified, use --hostname [host].'); exit(1); return; }
if ((settings.password == null) || (typeof settings.password != 'string') || (settings.password == '')) { console.log('No or invalid \"password\" specified, use --password [password].'); exit(1); return; }
@ -2406,8 +2419,8 @@ function OnMulticastMessage(msg, rinfo) {
// IDER
//
ider = null;
iderIdleTimer = null;
var ider = null;
var iderIdleTimer = null;
// Perform IDER
function performIder() {
@ -2981,6 +2994,43 @@ function makeUefiBootParam(type, data, len) {
function IntToStrX(v) { return String.fromCharCode(v & 0xFF, (v >> 8) & 0xFF, (v >> 16) & 0xFF, (v >> 24) & 0xFF); }
function ShortToStrX(v) { return String.fromCharCode(v & 0xFF, (v >> 8) & 0xFF); }
//
// Intel AMT Serial-over-LAN
//
var sol = null;
var solTimer = null;
// Called to start serial-over-lan terminal
function performAmtTerm(args) {
try {
sol = require('amt-redir-duk')(require('amt-sol')());
sol.onStateChanged = onSolStateChange;
sol.m.onData = onSolData;
sol.m.debug = (settings.debuglevel > 0);
sol.Start(settings.hostname, (settings.tls == true) ? 16995 : 16994, settings.username ? 'admin' : settings.username, settings.password, settings.tls);
} catch (ex) { console.log(ex); }
}
// Called when the serial-over-lan connection state changes
function onSolStateChange(stack, state) {
console.log(["Disconnected", "Connecting...", "Connected...", "Started Serial-over-LAN..."][state]);
if (state == 0) { exit(0); }
if (state == 3) {
// TODO: Serial-over-LAN is connected, we need to send stdin keys using sol.m.Send('abc');
// For now, we setup thie timer to send 'abc' at one second interval into serial-over-lan channel.
if (solTimer == null) { solTimer = setInterval(function () { sol.m.Send('abc'); }, 1000); }
} else {
// Serial-over-LAN is not active, stop any stdin key capture
if (solTimer != null) { clearInterval(solTimer); solTimer = null; }
}
}
// This is called when serial-over-lan data come in from Intel AMT
function onSolData(stack, data) { console.log(data); }
//
// Intel AMT feature configuration action
//

47
agents/modules_meshcmd/amt-redir-duk.js
View file

@ -21,10 +21,10 @@ module.exports = function CreateAmtRedirect(module) {
obj.protocol = module.protocol; // 1 = SOL, 2 = KVM, 3 = IDER
obj.xtlsoptions = null;
obj.amtaccumulator = null;
obj.amtaccumulator = Buffer.alloc(0);
obj.amtsequence = 1;
obj.amtkeepalivetimer = null;
obj.authuri = "/RedirectionService";
obj.authuri = '/RedirectionService';
obj.digestRealmMatch = null;
obj.onStateChanged = null;
@ -80,7 +80,7 @@ module.exports = function CreateAmtRedirect(module) {
}
*/
if (urlvars && urlvars['redirtrace']) { console.log("REDIR-CONNECTED"); }
if (urlvars && urlvars['redirtrace']) { console.log('REDIR-CONNECTED'); }
//obj.Debug("Socket Connected");
obj.xxStateChange(2);
if (obj.protocol == 1) obj.xxSend(obj.RedirectStartSol); // TODO: Put these strings in higher level module to tighten code
@ -89,14 +89,14 @@ module.exports = function CreateAmtRedirect(module) {
}
obj.xxOnSocketData = function (data) {
//console.log('xxOnSocketData: ' + data.toString('hex'), data.length);
if (!data || obj.connectstate == -1) return;
if (urlvars && urlvars['redirtrace']) { console.log("REDIR-RECV(" + data.length + "): " + data.toString('hex')); }
if (urlvars && urlvars['redirtrace']) { console.log('REDIR-RECV(' + data.length + '): ' + data.toString('hex')); }
//obj.Debug("Recv(" + data.length + "): " + rstr2hex(data));
if ((obj.protocol == 2 || obj.protocol == 3) && obj.connectstate == 1) { return obj.m.ProcessData(data); } // KVM or IDER traffic, forward it directly.
if (obj.amtaccumulator == null) { obj.amtaccumulator = data; } else { obj.amtaccumulator = Buffer.concat(obj.amtaccumulator, data); }
//obj.Debug("Recv(" + obj.amtaccumulator.length + "): " + rstr2hex(obj.amtaccumulator));
while (obj.amtaccumulator != null) {
obj.amtaccumulator = Buffer.concat([obj.amtaccumulator, data]);
//obj.Debug("Recv(" + obj.amtaccumulator.length + "): " + obj.amtaccumulator.toString('hex'));
while (obj.amtaccumulator.length > 0) {
var cmdsize = 0;
//console.log('CMD: ' + obj.amtaccumulator[0]);
switch (obj.amtaccumulator[0]) {
@ -170,9 +170,9 @@ module.exports = function CreateAmtRedirect(module) {
qoplen = authDataBuf[curptr];
qop = authDataBuf.slice(curptr + 1, curptr + 1 + qoplen).toString();
curptr += (qoplen + 1);
extra = snc + ":" + cnonce + ":" + qop + ":";
extra = snc + ':' + cnonce + ':' + qop + ':';
}
var digest = hex_md5(hex_md5(obj.user + ":" + realm + ":" + obj.pass) + ":" + nonce + ":" + extra + hex_md5("POST:" + obj.authuri));
var digest = hex_md5(hex_md5(obj.user + ':' + realm + ':' + obj.pass) + ':' + nonce + ':' + extra + hex_md5('POST:' + obj.authuri));
var totallen = obj.user.length + realm.length + nonce.length + obj.authuri.length + cnonce.length + snc.length + digest.length + 7;
if (authType == 4) totallen += (qop.length + 1);
var buf = Buffer.concat([new Buffer([0x13, 0x00, 0x00, 0x00, authType]), new Buffer([totallen & 0xFF, (totallen >> 8) & 0xFF, 0x00, 0x00]), new Buffer([obj.user.length]), new Buffer(obj.user), new Buffer([realm.length]), new Buffer(realm), new Buffer([nonce.length]), new Buffer(nonce), new Buffer([obj.authuri.length]), new Buffer(obj.authuri), new Buffer([cnonce.length]), new Buffer(cnonce), new Buffer([snc.length]), new Buffer(snc), new Buffer([digest.length]), new Buffer(digest)]);
@ -181,7 +181,6 @@ module.exports = function CreateAmtRedirect(module) {
}
else if (status == 0) { // Success
if (obj.protocol == 1) {
/*
// Serial-over-LAN: Send Intel AMT serial settings...
var MaxTxBuffer = 10000;
var TxTimeout = 100;
@ -190,7 +189,6 @@ module.exports = function CreateAmtRedirect(module) {
var RxFlushTimeout = 100;
var Heartbeat = 0;//5000;
obj.xxSend(String.fromCharCode(0x20, 0x00, 0x00, 0x00) + ToIntStr(obj.amtsequence++) + ToShortStr(MaxTxBuffer) + ToShortStr(TxTimeout) + ToShortStr(TxOverflowTimeout) + ToShortStr(RxTimeout) + ToShortStr(RxFlushTimeout) + ToShortStr(Heartbeat) + ToIntStr(0));
*/
}
if (obj.protocol == 2) {
// Remote Desktop: Send traffic directly...
@ -219,7 +217,7 @@ module.exports = function CreateAmtRedirect(module) {
if (obj.amtaccumulator.length < 10) break;
var cs = (10 + ((obj.amtaccumulator[9] & 0xFF) << 8) + (obj.amtaccumulator[8] & 0xFF));
if (obj.amtaccumulator.length < cs) break;
obj.m.ProcessData(obj.amtaccumulator.substring(10, cs));
obj.m.ProcessData(obj.amtaccumulator.slice(10, cs));
cmdsize = cs;
break;
case 0x2B: // Keep alive message (43)
@ -235,21 +233,22 @@ module.exports = function CreateAmtRedirect(module) {
cmdsize = obj.amtaccumulator.length;
break;
default:
console.log("Unknown Intel AMT command: " + obj.amtaccumulator[0] + " acclen=" + obj.amtaccumulator.length);
console.log('Unknown Intel AMT command: ' + obj.amtaccumulator[0] + ' acclen=' + obj.amtaccumulator.length);
obj.Stop();
return;
}
if (cmdsize == 0) return;
if (cmdsize == obj.amtaccumulator.length) { obj.amtaccumulator = null; } else { obj.amtaccumulator = obj.amtaccumulator.slice(cmdsize); }
obj.amtaccumulator = obj.amtaccumulator.slice(cmdsize);
}
}
obj.xxSend = function (x) {
if (urlvars && urlvars['redirtrace']) { console.log("REDIR-SEND(" + x.length + "): " + rstr2hex(x)); }
//obj.Debug("Send(" + x.length + "): " + Buffer.from(x, "binary").toString('hex'));
if (typeof x == 'string') { obj.socket.write(Buffer.from(x, "binary")); } else { obj.socket.write(x); }
if (urlvars && urlvars['redirtrace']) { console.log('REDIR-SEND(' + x.length + '): ' + rstr2hex(x)); }
//obj.Debug('Send(' + x.length + '): ' + Buffer.from(x, 'binary').toString('hex'));
if (typeof x == 'string') { obj.socket.write(Buffer.from(x, 'binary')); } else { obj.socket.write(x); }
}
// Send Serial-over-LAN ASCII characters
obj.Send = function (x) {
if (obj.socket == null || obj.connectstate != 1) return;
if (obj.protocol == 1) { obj.xxSend(String.fromCharCode(0x28, 0x00, 0x00, 0x00) + ToIntStr(obj.amtsequence++) + ToShortStr(x.length) + x); } else { obj.xxSend(x); }
@ -263,14 +262,14 @@ module.exports = function CreateAmtRedirect(module) {
// Uses OpenSSL random to generate a hex string
obj.xxRandomValueHex = function (len) {
var t = [], l = Math.floor(len / 2);
for (var i = 0; i < l; i++) { t.push(obj.tls.generateRandomInteger("0", "255")); }
for (var i = 0; i < l; i++) { t.push(obj.tls.generateRandomInteger('0', '255')); }
return new Buffer(t).toString('hex');
}
obj.xxOnSocketClosed = function () {
obj.socket = null;
if (urlvars && urlvars['redirtrace']) { console.log("REDIR-CLOSED"); }
//obj.Debug("Socket Closed");
if (urlvars && urlvars['redirtrace']) { console.log('REDIR-CLOSED'); }
//obj.Debug('Socket Closed');
obj.Stop();
}
@ -282,11 +281,11 @@ module.exports = function CreateAmtRedirect(module) {
}
obj.Stop = function () {
if (urlvars && urlvars['redirtrace']) { console.log("REDIR-CLOSED"); }
//obj.Debug("Socket Stopped");
if (urlvars && urlvars['redirtrace']) { console.log('REDIR-CLOSED'); }
//obj.Debug('Socket Stopped');
obj.xxStateChange(0);
obj.connectstate = -1;
obj.amtaccumulator = "";
obj.amtaccumulator = Buffer.alloc(0);
if (obj.socket != null) { obj.socket.destroy(); obj.socket = null; }
if (obj.amtkeepalivetimer != null) { clearInterval(obj.amtkeepalivetimer); obj.amtkeepalivetimer = null; }
}

20
agents/modules_meshcmd/amt-sol.js Normal file
View file

@ -0,0 +1,20 @@
/**
* @description Serial-over-LAN Handling Module
* @author Ylian Saint-Hilaire
*/
// meshservice meshcmd.js amtterm --host 192.168.2.186 --pass P@ssw0rd
// Construct a Intel AMT Serial-over-LAN object
module.exports = function CreateAmtRemoteSol() {
var obj = {};
obj.protocol = 1; // Serial-over-LAN
obj.debug = false;
obj.onData = null;
obj.xxStateChange = function (newstate) { if (obj.debug) console.log('SOL-StateChange', newstate); if (newstate == 0) { obj.Stop(); } if (newstate == 3) { obj.Start(); } }
obj.Start = function () { if (obj.debug) { console.log('SOL-Start'); } }
obj.Stop = function () { if (obj.debug) { console.log('SOL-Stop'); } }
obj.ProcessData = function (data) { if (obj.debug) { console.log('SOL-ProcessData', data); } if (obj.onData) { obj.onData(obj, data); } }
obj.Send = function(text) { if (obj.debug) { console.log('SOL-Send', text); } obj.parent.Send(text); }
return obj;
}