diff options
| author | luisgulo <luisgulo@gmail.com> | 2025-10-24 18:01:10 +0200 |
|---|---|---|
| committer | luisgulo <luisgulo@gmail.com> | 2025-10-24 18:01:10 +0200 |
| commit | 533e79ba959143f0459431a486bfb85c56c72ddc (patch) | |
| tree | 91974de1bbbdc4c51c76ed591fc5c6e02a3342b6 /community_modules | |
| parent | 45019c81cfd0fc1d18dce18cdfd5f127c6d61073 (diff) | |
Releasing code version 1.8.0
Diffstat (limited to 'community_modules')
21 files changed, 616 insertions, 0 deletions
diff --git a/community_modules/ldap/ldap_ad.sh b/community_modules/ldap/ldap_ad.sh new file mode 100644 index 0000000..361b7fb --- /dev/null +++ b/community_modules/ldap/ldap_ad.sh @@ -0,0 +1,71 @@ +#!/bin/bash +# Module: ldap_ad +# Description: Realiza búsquedas filtradas en servidores Active Directory usando ldapsearch +# License: GPLv3 +# Author: Luis GuLo +# Version: 1.1.0 +# Dependencies: ldapsearch + +ldap_ad_task() { + local host="$1" + shift + + check_dependencies_ldap_ad || return 1 + + local state="" server="" port="389" base_dn="" filter="" attributes="" bind_dn="" password="" + for arg in "$@"; do + case "$arg" in + state=*) state="${arg#state=}" ;; + server=*) server="${arg#server=}" ;; + port=*) port="${arg#port=}" ;; + base_dn=*) base_dn="${arg#base_dn=}" ;; + filter=*) filter="${arg#filter=}" ;; + attributes=*) attributes="${arg#attributes=}" ;; + bind_dn=*) bind_dn="${arg#bind_dn=}" ;; + password=*) password="${arg#password=}" ;; + esac + done + + # 🌐 Cargar traducciones + local lang="${shflow_vars[language]:-es}" + local trfile="$(dirname "${BASH_SOURCE[0]}")/ldap_ad.tr.${lang}" + declare -A tr + if [[ -f "$trfile" ]]; then while IFS='=' read -r k v; do tr["$k"]="$v"; done < "$trfile"; fi + + if [[ "$state" != "search" ]]; then + echo "$(render_msg "${tr[unsupported_state]}" "state=$state")" + return 1 + fi + + if [[ -z "$server" || -z "$base_dn" || -z "$filter" ]]; then + echo "${tr[missing_args]:-❌ [ldap_ad] Faltan argumentos obligatorios: server, base_dn, filter}" + return 1 + fi + + echo "$(render_msg "${tr[connecting]}" "server=$server" "port=$port")" + local cmd=(ldapsearch -LLL -H "$server" -p "$port" -b "$base_dn" "$filter") + [[ -n "$bind_dn" && -n "$password" ]] && cmd=(-D "$bind_dn" -w "$password" "${cmd[@]}") + [[ -n "$attributes" ]] && IFS=',' read -ra attr_list <<< "$attributes" && cmd+=("${attr_list[@]}") + + if "${cmd[@]}" 2>/tmp/ldap_ad_error.log | grep -E '^(dn:|cn:|mail:|sAMAccountName:)' ; then + echo "${tr[success]:-✅ [ldap_ad] Búsqueda completada con éxito}" + else + echo "${tr[no_results]:-⚠️ [ldap_ad] No se encontraron resultados o hubo un error}" + cat /tmp/ldap_ad_error.log + return 1 + fi +} + +check_dependencies_ldap_ad() { + local lang="${shflow_vars[language]:-es}" + local trfile="$(dirname "${BASH_SOURCE[0]}")/ldap_ad.tr.${lang}" + declare -A tr + if [[ -f "$trfile" ]]; then while IFS='=' read -r k v; do tr["$k"]="$v"; done < "$trfile"; fi + + if ! command -v ldapsearch &>/dev/null; then + echo "${tr[missing_dep]:-❌ [ldap_ad] El comando 'ldapsearch' no está disponible}" + return 1 + fi + echo "${tr[deps_ok]:-✅ [ldap_ad] Dependencias OK}" + return 0 +} diff --git a/community_modules/ldap/ldap_ad.tr.en b/community_modules/ldap/ldap_ad.tr.en new file mode 100644 index 0000000..55214ae --- /dev/null +++ b/community_modules/ldap/ldap_ad.tr.en @@ -0,0 +1,7 @@ +unsupported_state=❌ [ldap_ad] Unsupported state: '{state}'. Only 'search' is allowed +missing_args=❌ [ldap_ad] Missing required arguments: server, base_dn, filter +connecting=🔍 [ldap_ad] Connecting to {server}:{port}... +success=✅ [ldap_ad] Search completed successfully +no_results=⚠️ [ldap_ad] No results found or an error occurred +missing_dep=❌ [ldap_ad] 'ldapsearch' command is not available +deps_ok=✅ [ldap_ad] Dependencies OK diff --git a/community_modules/ldap/ldap_ad.tr.es b/community_modules/ldap/ldap_ad.tr.es new file mode 100644 index 0000000..93dca53 --- /dev/null +++ b/community_modules/ldap/ldap_ad.tr.es @@ -0,0 +1,7 @@ +unsupported_state=❌ [ldap_ad] Estado no soportado: '{state}'. Solo se permite 'search' +missing_args=❌ [ldap_ad] Faltan argumentos obligatorios: server, base_dn, filter +connecting=🔍 [ldap_ad] Conectando a {server}:{port}... +success=✅ [ldap_ad] Búsqueda completada con éxito +no_results=⚠️ [ldap_ad] No se encontraron resultados o hubo un error +missing_dep=❌ [ldap_ad] El comando 'ldapsearch' no está disponible +deps_ok=✅ [ldap_ad] Dependencias OK diff --git a/community_modules/ldap/ldap_openldap.sh b/community_modules/ldap/ldap_openldap.sh new file mode 100644 index 0000000..bfe8a85 --- /dev/null +++ b/community_modules/ldap/ldap_openldap.sh @@ -0,0 +1,72 @@ +#!/bin/bash +# Module: ldap_openldap +# Description: Realiza búsquedas filtradas en servidores OpenLDAP usando ldapsearch +# License: GPLv3 +# Author: Luis GuLo +# Version: 1.1.0 +# Dependencies: ldapsearch + +ldap_openldap_task() { + local host="$1" + shift + + check_dependencies_ldap_openldap || return 1 + + local state="" server="" port="389" base_dn="" filter="" attributes="" bind_dn="" password="" + for arg in "$@"; do + case "$arg" in + state=*) state="${arg#state=}" ;; + server=*) server="${arg#server=}" ;; + port=*) port="${arg#port=}" ;; + base_dn=*) base_dn="${arg#base_dn=}" ;; + filter=*) filter="${arg#filter=}" ;; + attributes=*) attributes="${arg#attributes=}" ;; + bind_dn=*) bind_dn="${arg#bind_dn=}" ;; + password=*) password="${arg#password=}" ;; + esac + done + + # 🌐 Cargar traducciones + local lang="${shflow_vars[language]:-es}" + local trfile="$(dirname "${BASH_SOURCE[0]}")/ldap_openldap.tr.${lang}" + declare -A tr + if [[ -f "$trfile" ]]; then while IFS='=' read -r k v; do tr["$k"]="$v"; done < "$trfile"; fi + + if [[ "$state" != "search" ]]; then + echo "$(render_msg "${tr[unsupported_state]}" "state=$state")" + return 1 + fi + + if [[ -z "$server" || -z "$base_dn" || -z "$filter" ]]; then + echo "${tr[missing_args]:-❌ [ldap_openldap] Faltan argumentos obligatorios: server, base_dn, filter}" + return 1 + fi + + echo "$(render_msg "${tr[connecting]}" "server=$server" "port=$port")" + local cmd=(ldapsearch -x -H "$server:$port") + [[ -n "$bind_dn" && -n "$password" ]] && cmd+=(-D "$bind_dn" -w "$password") + cmd+=(-b "$base_dn" "$filter") + [[ -n "$attributes" ]] && IFS=',' read -ra attr_list <<< "$attributes" && cmd+=("${attr_list[@]}") + + if "${cmd[@]}" 2>/tmp/ldap_error.log | grep -E '^(dn:|cn:|mail:|uid:)' ; then + echo "${tr[success]:-✅ [ldap_openldap] Búsqueda completada con éxito}" + else + echo "${tr[no_results]:-⚠️ [ldap_openldap] No se encontraron resultados o hubo un error}" + cat /tmp/ldap_error.log + return 1 + fi +} + +check_dependencies_ldap_openldap() { + local lang="${shflow_vars[language]:-es}" + local trfile="$(dirname "${BASH_SOURCE[0]}")/ldap_openldap.tr.${lang}" + declare -A tr + if [[ -f "$trfile" ]]; then while IFS='=' read -r k v; do tr["$k"]="$v"; done < "$trfile"; fi + + if ! command -v ldapsearch &>/dev/null; then + echo "${tr[missing_dep]:-❌ [ldap_openldap] El comando 'ldapsearch' no está disponible}" + return 1 + fi + echo "${tr[deps_ok]:-✅ [ldap_openldap] Dependencias OK}" + return 0 +} diff --git a/community_modules/ldap/ldap_openldap.tr.en b/community_modules/ldap/ldap_openldap.tr.en new file mode 100644 index 0000000..9868fb5 --- /dev/null +++ b/community_modules/ldap/ldap_openldap.tr.en @@ -0,0 +1,7 @@ +unsupported_state=❌ [ldap_openldap] Unsupported state: '{state}'. Only 'search' is allowed +missing_args=❌ [ldap_openldap] Missing required arguments: server, base_dn, filter +connecting=🔍 [ldap_openldap] Connecting to {server}:{port}... +success=✅ [ldap_openldap] Search completed successfully +no_results=⚠️ [ldap_openldap] No results found or an error occurred +missing_dep=❌ [ldap_openldap] 'ldapsearch' command is not available +deps_ok=✅ [ldap_openldap] Dependencies OK diff --git a/community_modules/ldap/ldap_openldap.tr.es b/community_modules/ldap/ldap_openldap.tr.es new file mode 100644 index 0000000..62a649b --- /dev/null +++ b/community_modules/ldap/ldap_openldap.tr.es @@ -0,0 +1,7 @@ +unsupported_state=❌ [ldap_openldap] Estado no soportado: '{state}'. Solo se permite 'search' +missing_args=❌ [ldap_openldap] Faltan argumentos obligatorios: server, base_dn, filter +connecting=🔍 [ldap_openldap] Conectando a {server}:{port}... +success=✅ [ldap_openldap] Búsqueda completada con éxito +no_results=⚠️ [ldap_openldap] No se encontraron resultados o hubo un error +missing_dep=❌ [ldap_openldap] El comando 'ldapsearch' no está disponible +deps_ok=✅ [ldap_openldap] Dependencias OK diff --git a/community_modules/security/euvd_check.sh b/community_modules/security/euvd_check.sh new file mode 100644 index 0000000..2205a42 --- /dev/null +++ b/community_modules/security/euvd_check.sh @@ -0,0 +1,101 @@ +#!/bin/bash +# Module: euvd_check +# Description: Verifica si un host remoto está afectado por una vulnerabilidad EUVD consultando la base europea ENISA +# License: GPLv3 +# Author: Luis GuLo +# Version: 0.6.0 +# Dependencies: curl, jq, ssh, dpkg o rpm + +euvd_check_task() { + local host="$1"; shift + declare -A args + for arg in "$@"; do key="${arg%%=*}"; value="${arg#*=}"; args["$key"]="$value"; done + + local enisa_id="${args[enisa_id]}" + local package="${args[package]}" + local become="${args[become]}" + local prefix="" + [ "$become" = "true" ] && prefix="sudo" + + # 🌐 Cargar traducciones + local lang="${shflow_vars[language]:-es}" + local trfile="$(dirname "${BASH_SOURCE[0]}")/euvd_check.tr.${lang}" + declare -A tr + if [[ -f "$trfile" ]]; then while IFS='=' read -r k v; do tr["$k"]="$v"; done < "$trfile"; fi + + if [[ -z "$enisa_id" || -z "$package" ]]; then + echo "${tr[missing_args]:-❌ [euvd_check] Faltan argumentos: enisa_id y package son obligatorios.}" + return 1 + fi + + echolog 1 "$(render_msg "${tr[start]}" "id=$enisa_id" "package=$package" "host=$host")" + + local pkg_cmd="" + if ssh "$host" "command -v dpkg" &>/dev/null; then + pkg_cmd="dpkg -s" + echolog 1 "${tr[detected_dpkg]:-🔧 Gestor de paquetes detectado: dpkg}" + elif ssh "$host" "command -v rpm" &>/dev/null; then + pkg_cmd="rpm -q" + echolog 1 "${tr[detected_rpm]:-🔧 Gestor de paquetes detectado: rpm}" + else + echo "${tr[no_pkg]:-❌ [euvd_check] No se detectó gestor de paquetes compatible en el host}" + return 1 + fi + + local version_cmd="$pkg_cmd $package" + [[ "$become" = "true" ]] && version_cmd="sudo $version_cmd" + + local version + version=$(ssh "$host" "$version_cmd" 2>/dev/null | grep -E 'Version|version|^'"$package" | head -n1 | awk '{print $2}') + + if [[ -z "$version" ]]; then + echolog 1 "$(render_msg "${tr[version_fail]}" "package=$package" "host=$host")" + return 1 + fi + + echolog 1 "$(render_msg "${tr[version_ok]}" "version=$version")" + + local enisa_url="https://euvdservices.enisa.europa.eu/api/enisaid?id=$enisa_id" + echolog 1 "$(render_msg "${tr[query_enisa]}" "id=$enisa_id")" + local response + response=$(curl -s -X GET "$enisa_url") + + if ! echo "$response" | jq -e .description &>/dev/null; then + echolog 1 "$(render_msg "${tr[invalid_response]}" "id=$enisa_id")" + echolog 1 "$(render_msg "${tr[response_trunc]}" "snippet=$(echo "$response" | head -c 120 | tr '\n' ' ')")" + return 1 + fi + + local score desc aliases + score=$(echo "$response" | jq -r '.baseScore // empty') + desc=$(echo "$response" | jq -r '.description // empty') + aliases=$(echo "$response" | jq -r '.aliases[]?') + + [[ -n "$score" ]] && echolog 1 "$(render_msg "${tr[score]}" "score=$score")" + echolog 2 "$(render_msg "${tr[desc]}" "desc=$desc")" + [[ -n "$aliases" ]] && echolog 1 "$(render_msg "${tr[aliases]}" "aliases=$aliases")" + + if echo "$desc" | grep -iq "$package" && echo "$desc" | grep -q "$version"; then + echo "$(render_msg "${tr[vulnerable]}" "host=$host" "id=$enisa_id")" + return 1 + else + echo "$(render_msg "${tr[safe]}" "host=$host" "id=$enisa_id")" + return 0 + fi +} + +check_dependencies_euvd_check() { + local lang="${shflow_vars[language]:-es}" + local trfile="$(dirname "${BASH_SOURCE[0]}")/euvd_check.tr.${lang}" + declare -A tr + if [[ -f "$trfile" ]]; then while IFS='=' read -r k v; do tr["$k"]="$v"; done < "$trfile"; fi + + for cmd in ssh curl jq; do + if ! command -v "$cmd" &> /dev/null; then + echo "$(render_msg "${tr[missing_dep]}" "cmd=$cmd")" + return 1 + fi + done + echo "${tr[deps_ok]:-✅ [euvd_check] ssh, curl y jq disponibles.}" + return 0 +} diff --git a/community_modules/security/euvd_check.tr.en b/community_modules/security/euvd_check.tr.en new file mode 100644 index 0000000..ae95dd0 --- /dev/null +++ b/community_modules/security/euvd_check.tr.en @@ -0,0 +1,17 @@ +missing_args=❌ [euvd_check] Missing arguments: enisa_id and package are required. +start=🧬 [euvd_check] Checking {id} in package '{package}' on {host}... +detected_dpkg=🔧 Package manager detected: dpkg +detected_rpm=🔧 Package manager detected: rpm +no_pkg=❌ [euvd_check] No compatible package manager detected on host +version_fail=⚠️ [euvd_check] Could not detect installed version of '{package}' on {host}. +version_ok=🔍 Installed version: {version} +query_enisa=🌐 Querying ENISA for {id}... +invalid_response=⚠️ [euvd_check] ENISA response does not contain valid data for {id}. +response_trunc=🔍 Response (truncated): {snippet} +score=📊 CVSS Score: {score} +desc=📝 Description: {desc} +aliases=🔗 Aliases: {aliases} +vulnerable=❌ [euvd_check] Host {host} is vulnerable to {id} +safe=✅ [euvd_check] Host {host} does not appear affected by {id} +missing_dep=❌ [euvd_check] Command '{cmd}' is not available +deps_ok=✅ [euvd_check] ssh, curl and jq are available. diff --git a/community_modules/security/euvd_check.tr.es b/community_modules/security/euvd_check.tr.es new file mode 100644 index 0000000..85e0315 --- /dev/null +++ b/community_modules/security/euvd_check.tr.es @@ -0,0 +1,17 @@ +missing_args=❌ [euvd_check] Faltan argumentos: enisa_id y package son obligatorios. +start=🧬 [euvd_check] Verificando {id} en paquete '{package}' en {host}... +detected_dpkg=🔧 Gestor de paquetes detectado: dpkg +detected_rpm=🔧 Gestor de paquetes detectado: rpm +no_pkg=❌ [euvd_check] No se detectó gestor de paquetes compatible en el host +version_fail=⚠️ [euvd_check] No se pudo detectar la versión instalada de '{package}' en {host}. +version_ok=🔍 Versión instalada: {version} +query_enisa=🌐 Consultando ENISA para {id}... +invalid_response=⚠️ [euvd_check] La respuesta de ENISA no contiene datos válidos para {id}. +response_trunc=🔍 Respuesta (truncada): {snippet} +score=📊 Puntuación CVSS: {score} +desc=📝 Descripción: {desc} +aliases=🔗 Alias: {aliases} +vulnerable=❌ [euvd_check] Host {host} está vulnerable a {id} +safe=✅ [euvd_check] Host {host} no parece afectado por {id} +missing_dep=❌ [euvd_check] El comando '{cmd}' no está disponible +deps_ok=✅ [euvd_check] ssh, curl y jq disponibles. diff --git a/community_modules/winremote/winremote_check.sh b/community_modules/winremote/winremote_check.sh new file mode 100644 index 0000000..4f0d608 --- /dev/null +++ b/community_modules/winremote/winremote_check.sh @@ -0,0 +1,55 @@ +#!/bin/bash +# Module: winremote_check +# Description: Verifica conectividad y ejecución remota básica en equipos Windows mediante SSH y PowerShell +# License: GPLv3 +# Author: Luis GuLo +# Version: 1.2.0 +# Dependencies: ssh, powershell (en el host remoto) + +winremote_check_task() { + local host="$1"; shift + declare -A args + for arg in "$@"; do key="${arg%%=*}"; value="${arg#*=}"; args["$key"]="$value"; done + + local winuser="${args[winuser]}" + local winpassword="${args[winpassword]}" + local port="${args[port]:-22}" + local command="Write-Output 'Conexión establecida desde ShFlow'" + + # 🌐 Cargar traducciones + local lang="${shflow_vars[language]:-es}" + local trfile="$(dirname "${BASH_SOURCE[0]}")/winremote_check.tr.${lang}" + declare -A tr + if [[ -f "$trfile" ]]; then while IFS='=' read -r k v; do tr["$k"]="$v"; done < "$trfile"; fi + + if [[ -z "$host" || -z "$winuser" || -z "$winpassword" ]]; then + echo "${tr[missing_args]:-❌ [winremote_check] Parámetros incompletos. Se requiere host, winuser y winpassword.}" + return 1 + fi + + [[ "$host" == *@* ]] && host=$(echo "$host" | awk -F '@' '{print $2}') + + echo "$(render_msg "${tr[start]}" "host=$host")" + + if sshpass -p "$winpassword" ssh -o PreferredAuthentications=password -o StrictHostKeyChecking=no -p "$port" "$winuser@$host" powershell -Command "\"$command\"" &>/dev/null; then + echo "$(render_msg "${tr[success]}" "host=$host")" + return 0 + else + echo "$(render_msg "${tr[fail]}" "host=$host")" + return 1 + fi +} + +check_dependencies_winremote_check() { + local lang="${shflow_vars[language]:-es}" + local trfile="$(dirname "${BASH_SOURCE[0]}")/winremote_check.tr.${lang}" + declare -A tr + if [[ -f "$trfile" ]]; then while IFS='=' read -r k v; do tr["$k"]="$v"; done < "$trfile"; fi + + if ! command -v ssh &> /dev/null; then + echo "${tr[missing_ssh]:-❌ [winremote_check] ssh no está disponible.}" + return 1 + fi + echo "${tr[ssh_ok]:-✅ [winremote_check] ssh disponible.}" + return 0 +} diff --git a/community_modules/winremote/winremote_check.tr.en b/community_modules/winremote/winremote_check.tr.en new file mode 100644 index 0000000..3af94a8 --- /dev/null +++ b/community_modules/winremote/winremote_check.tr.en @@ -0,0 +1,6 @@ +missing_args=❌ [winremote_check] Missing parameters. host, winuser and winpassword are required. +start=🖥️ [winremote_check] Checking remote access to {host}... +success=✅ [winremote_check] Remote connection and execution OK on {host} +fail=❌ [winremote_check] Connection or execution failed on {host} +missing_ssh=❌ [winremote_check] ssh is not available. +ssh_ok=✅ [winremote_check] ssh is available. diff --git a/community_modules/winremote/winremote_check.tr.es b/community_modules/winremote/winremote_check.tr.es new file mode 100644 index 0000000..b80f33b --- /dev/null +++ b/community_modules/winremote/winremote_check.tr.es @@ -0,0 +1,6 @@ +missing_args=❌ [winremote_check] Parámetros incompletos. Se requiere host, winuser y winpassword. +start=🖥️ [winremote_check] Verificando acceso remoto a {host}... +success=✅ [winremote_check] Conexión y ejecución remota OK en {host} +fail=❌ [winremote_check] Fallo de conexión o ejecución en {host} +missing_ssh=❌ [winremote_check] ssh no está disponible. +ssh_ok=✅ [winremote_check] ssh disponible. diff --git a/community_modules/winremote/winremote_detect.sh b/community_modules/winremote/winremote_detect.sh new file mode 100644 index 0000000..4477acd --- /dev/null +++ b/community_modules/winremote/winremote_detect.sh @@ -0,0 +1,65 @@ +#!/bin/bash +# Module: winremote_detect +# Description: Detecta si un host Windows tiene habilitado SSH, WinRM, ambos o ninguno +# License: GPLv3 +# Author: Luis GuLo +# Version: 1.2.0 +# Dependencies: nc, curl, pwsh (opcional) + +winremote_detect_task() { + local host="$1"; shift + declare -A args + for arg in "$@"; do key="${arg%%=*}"; value="${arg#*=}"; args["$key"]="$value"; done + + local ssh_port="${args[ssh_port]:-22}" + local winrm_port="${args[winrm_port]:-5985}" + + # 🌐 Cargar traducciones + local lang="${shflow_vars[language]:-es}" + local trfile="$(dirname "${BASH_SOURCE[0]}")/winremote_detect.tr.${lang}" + declare -A tr + if [[ -f "$trfile" ]]; then while IFS='=' read -r k v; do tr["$k"]="$v"; done < "$trfile"; fi + + [[ "$host" == *@* ]] && host=$(echo "$host" | awk -F '@' '{print $2}') + + echo "$(render_msg "${tr[start]}" "host=$host")" + + local ssh_status="${tr[ssh_off]:-❌ SSH no disponible}" + local winrm_status="${tr[winrm_off]:-❌ WinRM no disponible}" + + if nc -z -w2 "$host" "$ssh_port" &>/dev/null; then + ssh_status="$(render_msg "${tr[ssh_on]}" "port=$ssh_port")" + fi + + if curl -s -o /dev/null -w "%{http_code}" --connect-timeout 2 "http://$host:$winrm_port/wsman" | grep -q "405"; then + winrm_status="$(render_msg "${tr[winrm_on]}" "port=$winrm_port")" + fi + + echo " $ssh_status" + echo " $winrm_status" + + if [[ "$ssh_status" == *✅* && "$winrm_status" == *✅* ]]; then + echo "$(render_msg "${tr[both]}" "host=$host")" + return 0 + elif [[ "$ssh_status" == *✅* || "$winrm_status" == *✅* ]]; then + echo "${tr[one]:-🟡 Uno de los protocolos está disponible}" + return 0 + else + echo "$(render_msg "${tr[none]}" "host=$host")" + return 1 + fi +} + +check_dependencies_winremote_detect() { + local lang="${shflow_vars[language]:-es}" + local trfile="$(dirname "${BASH_SOURCE[0]}")/winremote_detect.tr.${lang}" + declare -A tr + if [[ -f "$trfile" ]]; then while IFS='=' read -r k v; do tr["$k"]="$v"; done < "$trfile"; fi + + if ! command -v nc &> /dev/null || ! command -v curl &> /dev/null; then + echo "${tr[missing_deps]:-❌ [winremote_detect] nc o curl no están disponibles.}" + return 1 + fi + echo "${tr[deps_ok]:-✅ [winremote_detect] nc y curl disponibles.}" + return 0 +} diff --git a/community_modules/winremote/winremote_detect.tr.en b/community_modules/winremote/winremote_detect.tr.en new file mode 100644 index 0000000..986e44f --- /dev/null +++ b/community_modules/winremote/winremote_detect.tr.en @@ -0,0 +1,10 @@ +start=🔍 [winremote_detect] Checking connectivity with {host}... +ssh_on=✅ SSH enabled (port {port}) +ssh_off=❌ SSH not available +winrm_on=✅ WinRM enabled (port {port}) +winrm_off=❌ WinRM not available +both=🟢 Both protocols available on {host} +one=🟡 One protocol is available +none=🔴 No remote protocol detected on {host} +missing_deps=❌ [winremote_detect] nc or curl are not available. +deps_ok=✅ [winremote_detect] nc and curl are available. diff --git a/community_modules/winremote/winremote_detect.tr.es b/community_modules/winremote/winremote_detect.tr.es new file mode 100644 index 0000000..530a034 --- /dev/null +++ b/community_modules/winremote/winremote_detect.tr.es @@ -0,0 +1,10 @@ +start=🔍 [winremote_detect] Analizando conectividad con {host}... +ssh_on=✅ SSH habilitado (puerto {port}) +ssh_off=❌ SSH no disponible +winrm_on=✅ WinRM habilitado (puerto {port}) +winrm_off=❌ WinRM no disponible +both=🟢 Ambos protocolos disponibles en {host} +one=🟡 Uno de los protocolos está disponible +none=🔴 Ningún protocolo remoto detectado en {host} +missing_deps=❌ [winremote_detect] nc o curl no están disponibles. +deps_ok=✅ [winremote_detect] nc y curl disponibles. diff --git a/community_modules/winremote/winremote_exec.sh b/community_modules/winremote/winremote_exec.sh new file mode 100644 index 0000000..79bf413 --- /dev/null +++ b/community_modules/winremote/winremote_exec.sh @@ -0,0 +1,60 @@ +#!/bin/bash +# Module: winremote_exec +# Description: Ejecuta comandos PowerShell en un host Windows remoto vía SSH +# License: GPLv3 +# Author: Luis GuLo +# Version: 1.2.0 +# Dependencies: sshpass, ssh + +winremote_exec_task() { + local host="$1"; shift + declare -A args + for arg in "$@"; do key="${arg%%=*}"; value="${arg#*=}"; args["$key"]="$value"; done + + local winuser="${args[winuser]}" + local winpassword="${args[winpassword]}" + local port="${args[port]:-22}" + local command="${args[command]}" + + # 🌐 Cargar traducciones + local lang="${shflow_vars[language]:-es}" + local trfile="$(dirname "${BASH_SOURCE[0]}")/winremote_exec.tr.${lang}" + declare -A tr + if [[ -f "$trfile" ]]; then while IFS='=' read -r k v; do tr["$k"]="$v"; done < "$trfile"; fi + + if [[ -z "$host" || -z "$winuser" || -z "$winpassword" || -z "$command" ]]; then + echo "${tr[missing_args]:-❌ [winremote_exec] Parámetros incompletos. Se requiere host, winuser, winpassword y command.}" + return 1 + fi + + [[ "$host" == *@* ]] && host=$(echo "$host" | awk -F '@' '{print $2}') + local safe_command=$(printf "%q" "$command") + + echo "$(render_msg "${tr[start]}" "host=$host" "port=$port" "user=$winuser")" + + sshpass -p "$winpassword" ssh -o PreferredAuthentications=password -o StrictHostKeyChecking=no -p "$port" "$winuser@$host" \ + "powershell -Command \"$safe_command\"" + + local exit_code=$? + if [[ $exit_code -eq 0 ]]; then + echo "${tr[success]:-✅ [winremote_exec] Comando ejecutado correctamente.}" + return 0 + else + echo "$(render_msg "${tr[fail]}" "code=$exit_code")" + return $exit_code + fi +} + +check_dependencies_winremote_exec() { + local lang="${shflow_vars[language]:-es}" + local trfile="$(dirname "${BASH_SOURCE[0]}")/winremote_exec.tr.${lang}" + declare -A tr + if [[ -f "$trfile" ]]; then while IFS='=' read -r k v; do tr["$k"]="$v"; done < "$trfile"; fi + + if ! command -v sshpass &> /dev/null || ! command -v ssh &> /dev/null; then + echo "${tr[missing_deps]:-❌ [winremote_exec] sshpass o ssh no están disponibles.}" + return 1 + fi + echo "${tr[deps_ok]:-✅ [winremote_exec] sshpass y ssh disponibles.}" + return 0 +} diff --git a/community_modules/winremote/winremote_exec.tr.en b/community_modules/winremote/winremote_exec.tr.en new file mode 100644 index 0000000..e1fa189 --- /dev/null +++ b/community_modules/winremote/winremote_exec.tr.en @@ -0,0 +1,6 @@ +missing_args=❌ [winremote_exec] Missing parameters. host, winuser, winpassword and command are required. +start=🔧 [winremote_exec] Executing remote command on {host}:{port} as {user}... +success=✅ [winremote_exec] Command executed successfully. +fail=❌ [winremote_exec] Error executing command (code {code}). +missing_deps=❌ [winremote_exec] sshpass or ssh are not available. +deps_ok=✅ [winremote_exec] sshpass and ssh are available. diff --git a/community_modules/winremote/winremote_exec.tr.es b/community_modules/winremote/winremote_exec.tr.es new file mode 100644 index 0000000..1a52f10 --- /dev/null +++ b/community_modules/winremote/winremote_exec.tr.es @@ -0,0 +1,6 @@ +missing_args=❌ [winremote_exec] Parámetros incompletos. Se requiere host, winuser, winpassword y command. +start=🔧 [winremote_exec] Ejecutando comando remoto en {host}:{port} como {user}... +success=✅ [winremote_exec] Comando ejecutado correctamente. +fail=❌ [winremote_exec] Error al ejecutar el comando (código {code}). +missing_deps=❌ [winremote_exec] sshpass o ssh no están disponibles. +deps_ok=✅ [winremote_exec] sshpass y ssh disponibles. diff --git a/community_modules/winremote/winremote_exec_winrm.sh b/community_modules/winremote/winremote_exec_winrm.sh new file mode 100644 index 0000000..8d4e1bd --- /dev/null +++ b/community_modules/winremote/winremote_exec_winrm.sh @@ -0,0 +1,74 @@ +#!/bin/bash +# Module: winremote_exec_winrm +# Description: Ejecuta comandos en un host Windows remoto vía WSMan (WinRM) desde Linux +# License: GPLv3 +# Author: Luis GuLo +# Version: 1.3.0 +# Dependencies: wsman + +winremote_exec_winrm_task() { + local host="$1"; shift + declare -A args + for arg in "$@"; do key="${arg%%=*}"; value="${arg#*=}"; args["$key"]="$value"; done + + local winuser="${args[winuser]}" + local winpassword="${args[winpassword]}" + local port="${args[port]:-5985}" + local command="${args[command]}" + + # 🌐 Cargar traducciones + local lang="${shflow_vars[language]:-es}" + local trfile="$(dirname "${BASH_SOURCE[0]}")/winremote_exec_winrm.tr.${lang}" + declare -A tr + if [[ -f "$trfile" ]]; then while IFS='=' read -r k v; do tr["$k"]="$v"; done < "$trfile"; fi + + if [[ -z "$host" || -z "$winuser" || -z "$winpassword" || -z "$command" ]]; then + echo "${tr[missing_args]:-❌ [winremote_exec_winrm] Parámetros incompletos. Se requiere host, winuser, winpassword y command.}" + return 1 + fi + + [[ "$host" == *@* ]] && host=$(echo "$host" | awk -F '@' '{print $2}') + + local xml_file=$(mktemp --suffix=.xml) + trap '[[ -n "$xml_file" && -f "$xml_file" ]] && rm -f "$xml_file"' EXIT + + cat > "$xml_file" <<EOF +<p:Create_INPUT xmlns:p="http://schemas.microsoft.com/wbem/wsman/1/wmi/root/cimv2/Win32_Process"> + <p:CommandLine>${command}</p:CommandLine> +</p:Create_INPUT> +EOF + + echo "$(render_msg "${tr[start]}" "host=$host" "port=$port" "user=$winuser")" + + wsman invoke http://schemas.microsoft.com/wbem/wsman/1/wmi/root/cimv2/Win32_Process \ + -a Create \ + -h "$host" \ + -P "$port" \ + -u "$winuser" \ + -p "$winpassword" \ + -y basic \ + -J "$xml_file" + + local exit_code=$? + if [[ $exit_code -eq 0 ]]; then + echo "${tr[success]:-✅ [winremote_exec_winrm] Comando ejecutado correctamente vía WSMan.}" + return 0 + else + echo "$(render_msg "${tr[fail]}" "code=$exit_code")" + return $exit_code + fi +} + +check_dependencies_winremote_exec_winrm() { + local lang="${shflow_vars[language]:-es}" + local trfile="$(dirname "${BASH_SOURCE[0]}")/winremote_exec_winrm.tr.${lang}" + declare -A tr + if [[ -f "$trfile" ]]; then while IFS='=' read -r k v; do tr["$k"]="$v"; done < "$trfile"; fi + + if ! command -v wsman &> /dev/null; then + echo "${tr[missing_wsman]:-❌ [winremote_exec_winrm] El cliente 'wsman' no está disponible.}" + return 1 + fi + echo "${tr[wsman_ok]:-✅ [winremote_exec_winrm] Cliente 'wsman' disponible.}" + return 0 +} diff --git a/community_modules/winremote/winremote_exec_winrm.tr.en b/community_modules/winremote/winremote_exec_winrm.tr.en new file mode 100644 index 0000000..ddb3ebe --- /dev/null +++ b/community_modules/winremote/winremote_exec_winrm.tr.en @@ -0,0 +1,6 @@ +missing_args=❌ [winremote_exec_winrm] Missing parameters. host, winuser, winpassword and command are required. +start=🔧 [winremote_exec_winrm] Executing remote command on {host}:{port} as {user}... +success=✅ [winremote_exec_winrm] Command executed successfully via WSMan. +fail=❌ [winremote_exec_winrm] Error executing command (code {code}). +missing_wsman=❌ [winremote_exec_winrm] 'wsman' client is not available. +wsman_ok=✅ [winremote_exec_winrm] 'wsman' client is available. diff --git a/community_modules/winremote/winremote_exec_winrm.tr.es b/community_modules/winremote/winremote_exec_winrm.tr.es new file mode 100644 index 0000000..51fe754 --- /dev/null +++ b/community_modules/winremote/winremote_exec_winrm.tr.es @@ -0,0 +1,6 @@ +missing_args=❌ [winremote_exec_winrm] Parámetros incompletos. Se requiere host, winuser, winpassword y command. +start=🔧 [winremote_exec_winrm] Ejecutando comando remoto en {host}:{port} como {user}... +success=✅ [winremote_exec_winrm] Comando ejecutado correctamente vía WSMan. +fail=❌ [winremote_exec_winrm] Error al ejecutar el comando (código {code}). +missing_wsman=❌ [winremote_exec_winrm] El cliente 'wsman' no está disponible. +wsman_ok=✅ [winremote_exec_winrm] Cliente 'wsman' disponible. |