Integration with Arbor Servers

Dears, 

I am integrating SPP with a machine that has the ArbOS operating system (A proprietary operating system created by Netscout). However, after contacting support, I knew that the initial shell that open when someone tries to login to the server is AED shell. To change to bash, the user has to type: / shell 

Is there a way to add this "/ shell" command before the commands Safeguard runs when it tests the connection?

Parents
  • This would require a custom platform to change the way the commands are sent from SPP:

    https://support.oneidentity.com/kb/4209805/how-to-use-custom-platforms-in-safeguard

    For assistance with creating a custom platform, We recommend consulting with One Identity Professional Services.

    Thanks!

  • Thank you, Mr. Tawfiq, for the reply.

    I tried cloning the GenericLinux custom script from the SafeguardCustomPlatform Repo on GitHub, and placed the commnd at the start of the SetupEnvironment function, as in this:

    ...
    "SetUpEnvironment": {
        "Do": [
          { "Send": { "ConnectionObjectName": "ConnectSsh", "Buffer": "/ shell; unset TERM; stty -echo; LANG=C; LC_ALL=C; SUDO_PROMPT='SUDO password for %p:'; export LANG LC_ALL SUDO_PROMPT; echo \"INIT_CHECK=$?\"" } },
          { "Receive": { "ConnectionObjectName": "ConnectSsh", "BufferName": "FlushBuffer" } },
          { "Return": { "Value": true } }
        ]
      },
    ...

    However, I receive this error:

    2024-07-21T14:14:34+03:00 Debug RECV buf(("Last login: Mon Jul  8 15:46:10 2024 from 10.9.106.173
    
    
    Arbor Edge Defense v7.0.1.0
    Copyright (c) 2000-2023 Arbor Networks, Inc.  All Rights Reserved.
    
    Welcome to ArbOS
    
    PAM-SVC-l@HQ-AED-01:/# "))
    2024-07-21T14:14:34+03:00 Debug Send : / shell; unset TERM; stty -echo; LANG=C; LC_ALL=C; SUDO_PROMPT='SUDO password for %p:'; export LANG LC_ALL SUDO_PROMPT; echo "INIT_CHECK=$?"
    2024-07-21T14:14:34+03:00 Debug RECV buf(("/ shell; unset TERM; stty -echo; LANG=C; LC_ALL=C; SUDO_P ROMPT='SUDO password for %p:'; export LANG LC_ALL SUDO_PROMPT; echo \"INIT_CHECK= $
    PAM-SVC-l@HQ-AED-01:/# / shell; unset TERM; stty -echo; LANG=C; LC_ALL=C; SUDO_P 
    ROMPT='SUDO password for %p:'; export LANG LC_ALL SUDO_PROMPT; echo \"INIT_CHECK= 
    $?\"
    120: Invalid command
    PAM-SVC-l@HQ-AED-01:/# "))
    2024-07-21T14:14:34+03:00 Debug Send : sudo egrep -q '^(PAM-SVC-l):' /etc/shadow; echo "CHECKSYS=$?"
    2024-07-21T14:14:35+03:00 Debug RECV buf(("**secret**"))

    Can you recognize the issue?

  • It seems there is an issue with sent Buffer as the target is returning it as an invalid command.

    You may need to modify the information sent by the custom platform so that its compatible with the target system.

    For assistance with creating a custom platform, We recommend consulting with One Identity Professional Services.

    Thanks!

  • The first command sent in the buffer is `/ shell;` which is working fine when I am accessing the asset manually. However, it shows this error when I try to run it through this custom script.

  • Does sending the full command work if you ran it directly on the asset manually? like below:

    PAM-SVC-l@HQ-AED-01:/# / shell; unset TERM; stty -echo; LANG=C; LC_ALL=C; SUDO_P
    ROMPT='SUDO password for %p:'; export LANG LC_ALL SUDO_PROMPT; echo \"INIT_CHECK=
    $?\"
    120: Invalid command

Reply Children
No Data