@mainframed
Last active June 3, 2022 16:10
A really poorly commented/edited Python 2.7 script to add users to ADCD z/OS. Expects a file name with users and names.
#!/usr/bin/python
# To use this program:
# ./add_racf_user.py users.txt
# users.txt has either a username (max 7 chars, must start with a letter)
# or a name (two words separated by a space)
from ftplib import FTP #For FTP stuff
import time #needed for sleep
import os #to manipulate people... uh I mean files
import string #to generate file names
import random #samesies
from random import randrange #random file name
import sys #to sleep
import socket #to talk to bind/reverse shell
from select import select #what what?
import signal
import argparse
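# Connection settings for the z/OS FTP server that receives the generated JCL.
#
# Each value can be overridden from the environment so that a real account's
# credentials never have to be written into this file; the literals below are
# the original placeholders and remain the defaults. The RACF_FTP_* variable
# names are introduced here and are not a z/OS or ftplib convention.
#
# NOTE(review): the JCL is uploaded with "STOR <username>" after
# "site file=JES", so the submitted job presumably runs under this FTP
# account -- it needs the authority to define RACF users, and its
# credentials should be protected accordingly.
ip = os.environ.get("RACF_FTP_HOST", "10.1.1.2")
# FTP USERNAME
username = os.environ.get("RACF_FTP_USER", "lololololololo")
# FTP PASSWORD
password = os.environ.get("RACF_FTP_PASS", "l0l0l0l0l0l0")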
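def _check_field(label, value, first_chars, other_chars, max_len):
    """Return *value* if it fits the allow-list, otherwise raise ValueError."""
    if not value or len(value) > max_len:
        raise ValueError("%s must be 1-%d characters: %r"
                         % (label, max_len, value))
    if value[0] not in first_chars or any(c not in other_chars for c in value):
        raise ValueError("%s contains characters that are not allowed: %r"
                         % (label, value))
    return value


def generate_jcl(userid, name, group, uid, su=False):
    """Build the JCL text for a job that defines one user.

    The job issues AU (ADDUSER) with TSO and OMVS segments, AD for the
    '<userid>.*' data set profile, several PERMITs plus SETROPTS REFRESH,
    an IDCAMS DEFINE ALIAS, and "oshell" commands that create the
    /u/<unix_id> home directory and set its mode and owner.

    Every argument is pasted into RACF/TSO command lines and into shell
    commands, so each one is checked against an allow-list first; a quote,
    parenthesis, blank or newline in a field would otherwise change the
    commands the job runs.

    Args:
        userid: user ID, 1-7 letters/digits starting with a letter.
            Upper-cased for RACF, lower-cased for the UNIX home path.
        name: display name, 1-20 characters from letters, digits, space,
            '.' and '-', starting with a letter or digit.
        group: default group and owner, 1-8 letters/digits starting with
            a letter (upper-cased).
        uid: OMVS UID as a string or int, decimal digits only.
        su: only echoed in the log line; no BPX.SUPERUSER permit is
            emitted by this function.

    Returns:
        The complete job as one string.

    Raises:
        ValueError: a field is empty, too long, or has a character outside
            its allow-list.
    """
    upper = string.ascii_uppercase
    upper_alnum = upper + string.digits
    name_first = string.ascii_letters + string.digits
    name_chars = name_first + " .-"

    userid = _check_field("userid", userid.upper(), upper, upper_alnum, 7)
    unix_id = userid.lower()
    group = _check_field("group", group.upper(), upper, upper_alnum, 8)
    name = _check_field("name", name, name_first, name_chars, 20)
    # Accept an int as well as a string; the original required a string.
    # NOTE(review): UID 0 is the z/OS UNIX superuser and is not filtered here.
    uid = _check_field("uid", str(uid), string.digits, string.digits, 10)

    print("userid: %s name: %s group: %s unix_id: %s uid: %s su: %s"
          % (userid, name, group, unix_id, uid, su))

    # NOTE(review): PASSWORD(<userid>) makes the initial password equal to the
    # user ID, so it is guessable by anyone who knows the ID. Kept as the
    # author wrote it; prefer a random initial password outside a lab build.
    template = '''//CREATED JOB (WHATEVER),'Add Users',CLASS=A,MSGCLASS=0,
// MSGLEVEL=(1,1),NOTIFY=&SYSUID
//* JCL to use a PROCLIB to add users with OMVS and TSO
//* using http://ktomiak.biz/ORG/STUFF/tips/RACF103.html
//* For future reference: You need to replace:
//*
//* ADD RACF USERID WITH TSO AND OMVS SEGMENTS
//*
//TSORACF EXEC PGM=IKJEFT01,DYNAMNBR=75,TIME=100,REGION=6M
//SYSTSPRT DD SYSOUT=*
//SYSUADS DD DISP=SHR,DSN=SYS1.UADS
//SYSLBC DD DISP=SHR,DSN=SYS1.BRODCAST
//SYSTSIN DD *
AU %(userid)s NAME('%(name)s') DFLTGRP(%(group)s) +
PASSWORD(%(userid)s) OWNER(%(group)s) UACC(NONE) +
TSO(ACCTNUM(ACCT#) PROC(ISPFPROC) JOBCLASS(A) MSGCLASS(X) +
UNIT(SYSALLDA) +
HOLDCLASS(X) SYSOUTCLASS(X) SIZE(4048) MAXSIZE(0)) +
OMVS(HOME('/u/%(unix_id)s') PROGRAM('/bin/sh') UID(%(uid)s))
AD '%(userid)s.*' OWNER(%(userid)s) UACC(NONE) GENERIC
PERMIT ACCT# CLASS(ACCTNUM) ACCESS(READ) ID(%(userid)s)
PERMIT ISPFPROC CLASS(TSOPROC) ACCESS(READ) ID(%(userid)s)
PERMIT DBSPROC CLASS(TSOPROC) ACCESS(READ) ID(%(userid)s)
SETROPTS REFRESH RACLIST(TSOPROC)
 PERMIT JCL CLASS(TSOAUTH) ID(%(userid)s)
LU %(userid)s TSO OMVS
LD DA('%(userid)s.*') ALL
/*
//* CREATE ALIAS
//*
//ALIAS EXEC PGM=IDCAMS
//SYSPRINT DD SYSOUT=*
//SYSIN DD *
DEFINE ALIAS (NAME(%(userid)s) RELATE(USERCAT.TSOUSER))
/*
//* DO UNIX WORK FROM TSO
//*
//MOUNT EXEC PGM=IKJEFT01,DYNAMNBR=75,TIME=100,REGION=6M
//SYSPROC DD DISP=SHR,DSN=SYS1.SBPXEXEC
//SYSTSPRT DD SYSOUT=*
//SYSPRINT DD SYSOUT=*
//SYSTSIN DD *
oshell mkdir /u/%(unix_id)s
oshell ls /u/%(unix_id)s
oshell chmod 755 /u/%(unix_id)s
oshell chown %(unix_id)s:%(group)s /u/%(unix_id)s
/*
//'''
    return template % {
        "userid": userid,
        "unix_id": unix_id,
        "name": name,
        "group": group,
        "uid": uid,
    }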
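# In-memory buffer for the generated JCL. It replaces the fixed, predictable
# /tmp/rand.jcl file, which any local user could pre-create or read while it
# held a job containing the new account's initial password.
from io import BytesIO

# Leftover sample values; name, group and uid are reassigned per user below.
userid = "jade"
name = "Jade Murphy"
group = "infosec"
uid = "31338"

if len(sys.argv) < 2:
    print("usage: add_racf_user.py users.txt")
    sys.exit(1)

###
# Read and vet the input file before logging in, so a bad file never
# results in a half-finished batch of submitted jobs.
###
users = []
names = []
id_chars = string.ascii_letters + string.digits
with open(sys.argv[1]) as fp:
    for line in fp:
        entry = line.rstrip()
        if not entry:
            # Blank lines used to be accepted as an empty user ID and then
            # crashed the loop below at user[2].
            continue
        if ' ' in entry:
            names.append(entry)
        elif (len(entry) <= 7 and entry[0] in string.ascii_letters
              and all(ch in id_chars for ch in entry)):
            # Matches the rule in the file header: max 7 chars, starts with
            # a letter. Letters and digits only, because the ID ends up in
            # RACF command lines and shell commands.
            users.append(entry)
        else:
            print("[WARN] skipping invalid user ID: %r" % entry)
print(len(names))
print(len(users))

if not names:
    # random selection from an empty list would raise inside the loop.
    print("[ERR] no names (two words separated by a space) in %s" % sys.argv[1])
    sys.exit(1)

# Draw the UIDs without replacement so two users created in the same run can
# never share a UID (independent randrange calls could repeat a value).
# NOTE(review): this is unique within this run only; it is not checked
# against UIDs already assigned on the target system.
uid_pool = random.sample(range(1337, 31336), len(users))

# NOTE(review): plain FTP sends the login and every JCL deck, including the
# initial passwords, unencrypted. ftplib.FTP_TLS is the drop-in replacement
# if the server offers FTPS -- that cannot be confirmed from this script.
try:
    MTP = FTP()
    MTP.connect(ip, 21)
    MTP.login(username, password)
    print("{!} - Connected to: %s :21" % ip)
    MTP.voidcmd("site file=JES")
except Exception as e:
    print(e)
    sys.exit(1)  # non-zero so callers can tell the run failed

###
# Begin loop to add users: one job is generated and submitted per user ID.
###
try:
    for user, uid_number in zip(users, uid_pool):
        name = random.choice(names)
        group = "infosec"
        uid = str(uid_number)
        # su is only displayed; it is not passed to generate_jcl. The length
        # guard avoids the IndexError on IDs shorter than three characters.
        su = len(user) > 2 and user[2].lower() in ("a", "e", "i", "o", "u")
        print("Adding User: %s Named: %s su: %s uid: %s" % (user, name, su, uid))
        try:
            code = generate_jcl(user, name, group, uid)
        except ValueError as e:
            # Skip this user if generate_jcl raises ValueError for a field.
            print("[WARN] skipping %s: %s" % (user, e))
            continue
        if not isinstance(code, bytes):
            code = code.encode("ascii")
        try:
            print("uploading file")
            # upload the JCL to the JES queue straight from memory
            jcl_upload = MTP.storlines('STOR %s' % username.upper(), BytesIO(code))
            print("jcl_upload: %s" % jcl_upload)
        except Exception as e:
            print("[ERR] could not upload JCL file")
            print(e)
            sys.exit(1)
finally:
    # Always end the FTP session, including on the error exits above.
    try:
        MTP.quit()
    except Exception:
        MTP.close()
print("done")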