Command runner - is it possible to enter privileged escalation without secondary password?


Imperva device requires entering privileged mode to run certain commands so we tried using the new command runner version with the --shell-config tag pointing to a YAML file.

The thing is that the YAML template seems to require a secondary password for this mode, when we tried to run it without the secondary password prompt we got a command runner error.

Is it possible to enter privileged mode without a secondary password? If so, what will be the right yaml and cli syntax?

This is the command used:

~command-runner full-command --ssh 'indeni,Indenirocks123!,Indenirocks123!' --shell-config /Users/michaelimas/Documents/Indeni/Scripts/get-cpu/imperva-securesphere-shell-configuration1.yaml --inject-tags '"ssh"=>"true" "vendor"=>"imperva" "os.name"=>"CentOS"' --basic-authentication indeni,Indenirocks123! /Users/michaelimas/Documents/Indeni/Scripts/get-cpu/get_cpu_status.ind 10.11.80.21

This is the yaml file content:
name: imperva-securesphere-shell-configuration
type: device-shell-config
requires:
_ ssh: “true”_
_ vendor: “imperva”_
_ os.name: “CentOS”_
privileged-mode:
_ command: “admin”_
_ prompt-regex: “.#"_
_ access-request-regex: “Password:”_
_ access-deny-regex: "% Bad password.
”_

This is the privileged mode switch as done on the device (the command is admin, no need for password):
[Imperva] indeni@IMP-MX-01: admin
[root@IMP-MX-01 ~]#

This is the error:

Hi Michael,

Good question. A few for you:

  • In the yaml file you pasted in your message, I see a lot of ‘_’ – those don’t look right to me – the examples I’ve seen don’t have ‘_’ like that. Is that really what you have? Do you know something I don’t about the format of this file?
  • I notice that ‘prompt-regex’ is ‘.#’. That won’t match ‘[root@IMP-MX-01 ~]#’. I think you want “.*#”
  • Have you tried to just leave ‘access-request-regex’ and ‘access-deny-regex’ blank? Or maybe empty quotes.

    Like:

    name: imperva-securesphere-shell-configuration
    type: device-shell-config
    requires:
    ssh: “true”
    vendor: “imperva”
    os.name: “CentOS”
    privileged-mode:
    command: “admin”
    prompt-regex: “.*#”
    access-request-regex: “”
    access-deny-regex: “”

    Ugh, looks like the forum isn’t respecting my indentation, but hopefully this makes sense.

Hi Michael,
The IP looks incorrect… 10.11.80.21…should it be 10.11.89.21?


In case someone else has issues with this, here is the answer:

name: imperva-securesphere-shell-configuration
type: device-shell-config
requires:
  vendor: "Imperva"
  ssh: "true"
privileged-mode:
  command: "admin"
  prompt-regex: ".*#"
  access-request-regex: "\0"
  access-deny-regex: "\0"
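
An added example, not part of the thread and not Indeni's code: a pre-flight check that runs the three privileged-mode regexes from the posts above against the password-less switch shown in the question. The name `preflight` and the dictionaries are hypothetical, and the matching rules (prompt-regex must match the whole final prompt line, access regexes are searched anywhere in the output) are assumptions, since the thread does not say how command-runner applies them.

```python
import re

# Constructed transcript of the password-less switch shown in the question.
TRANSCRIPT = "[Imperva] indeni@IMP-MX-01: admin\n[root@IMP-MX-01 ~]#"


def preflight(cfg, transcript):
    """Return a list of problems found in a privileged-mode block.

    Assumptions, not command-runner's documented behaviour: prompt-regex has
    to match the whole final prompt line, and the access regexes are searched
    anywhere in the device output.
    """
    problems = []
    prompt_line = transcript.strip().splitlines()[-1]
    if not re.fullmatch(cfg["prompt-regex"], prompt_line):
        problems.append("prompt-regex does not match %r" % prompt_line)
    for key in ("access-request-regex", "access-deny-regex"):
        # A pattern that matches here would be read as a password prompt or
        # a rejection on a device that never asked for a password.
        if re.search(cfg[key], transcript):
            problems.append("%s matches a password-less switch" % key)
    return problems


# Values as they would look after YAML parsing. The line break inside the
# posted access-deny-regex is left out; "\0" in double quotes is a NUL character.
AS_POSTED = {"prompt-regex": ".#", "access-request-regex": "Password:",
             "access-deny-regex": "% Bad password."}
EMPTY_QUOTES = {"prompt-regex": ".*#", "access-request-regex": "",
                "access-deny-regex": ""}
FINAL_ANSWER = {"prompt-regex": ".*#", "access-request-regex": "\0",
                "access-deny-regex": "\0"}

if __name__ == "__main__":
    for name, cfg in [("as posted", AS_POSTED), ("empty quotes", EMPTY_QUOTES),
                      ("final answer", FINAL_ANSWER)]:
        print(name, "->", preflight(cfg, TRANSCRIPT) or "ok")
```

Under these assumptions an empty pattern matches any output, while a NUL pattern never matches ordinary terminal text, which is one reading of why the final answer uses "\0".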