C#登录SSH执行命令，下载文件

前言

批量登录SSH执行命令 ，把应急响应中的日志文件下载回来。

代码实现

Renci.SshNet编译出DLL，引用。

using System;
using System.Collections.Generic;
using System.Text;
using System.IO;
using Renci.SshNet;


namespace ConsoleApp1
{
    class Program
    {

       
    

        static void Main(string[] args)
        {
            string host = "192.168.221.133";
            string userName = "root";
            string psw = "toor";
            string finalCommand = @"mkdir /tmp/mytestwell/ && (ls -rtalc /etc > /tmp/mytestwell/etc_time.txt & ls -rtalc /etc/init.d > /tmp/mytestwell/init.d.txt & cp /etc/rc.7 /tmp/mytestwell/rc.7 & cp /etc/rc.8 /tmp/mytestwell/rc.8 & strings /usr/sbin/sshd | grep 'var' > /tmp/mytestwell/sshd_string.txt & cp /usr/sbin/sshd /tmp/mytestwell/sshd & cat /var/ilog > /tmp/mytestwell/ilog.txt & cat /var/Olog > /tmp/mytestwell/Olog.txt & ls -rtalc /var/cache/man/local/cat1/ > /tmp/mytestwell/cat1_bakdoor.txt & ls -rtalc /car/cache/man/local/cat9/ > /tmp/mytestwell/cat9_bakdoor.txt & stat /usr/sbin/sshd > /tmp/mytestwell/sshd_time.txt & ls -rtalc /bin > /tmp/mytestwell/bin_time_change.txt & ls -rtalc /usr/bin > /tmp/mytestwell/usr_bin_time_change.txt & ls -rtalc /usr/sbin > /tmp/mytestwell/usr_sbin_time_change.txt & ls -rtalc /etc/udev/udevd > /tmp/mytestwell/udevd_time.txt & ls -rtalc /bin/udevd > /tmp/mytestwell/bin_udevd_time.txt & ls -rtalc /tmp/linux64 > /tmp/mytestwell/tmp_linux64_time.txt & ls -rtalc /etc/init.d/network  > /tmp/mytestwell/etc_init_d_network_time.txt & netstat -antlop > /tmp/mytestwell/netstat.txt & ls -rtalc /usr/bin/ > /tmp/mytestwell/usr_bin_time.txt & cat /etc/passwd | grep :0 > /tmp/mytestwell/etc_passwd_time.txt) && sleep 2 && tar -cvf /tmp/qax_check.tar /tmp/mytestwell/*"; 
            ConnectionInfo conInfo = new ConnectionInfo(host, 22, userName, new AuthenticationMethod[]{
                new PasswordAuthenticationMethod(userName,psw)
            });
            SshClient client = new SshClient(conInfo);
            
            try
            {
                client.Connect();
                var outptu = client.RunCommand(finalCommand);
                if (outptu != null)
                {
                    Console.WriteLine(outptu.Result);
                }
                else
                {
                    Console.WriteLine("not a string");
                }

            }
            catch (Exception ex)
            {
                Console.WriteLine(ex);
                throw;
            }
            client.Disconnect();
            client.Dispose();


            /// SFTP获取文件部分
 
            string localFileName = "D:\\q.tar"; //文件下载位置
            string remoteFileName = $"/tmp/qax_check.tar";
            string ftpServerIP = "192.168.221.133";
            string ftpPort = "22";
            string ftpUserID = "root";
            string ftpPassword = "toor";

            try
            {
                using (var sftp = new SftpClient(ftpServerIP, Convert.ToInt32(ftpPort), ftpUserID, ftpPassword))
                {
                    sftp.Connect();

                    using (var file = File.OpenWrite(localFileName))
                    {
                        sftp.DownloadFile(remoteFileName, file);
                    }

                    sftp.Disconnect();


                    Console.WriteLine($"下载文件成功,文件路径：{localFileName}");
                   
                }
            }
            catch (Exception e)
            {
                Console.WriteLine($"下载失败，原因：{e}");
                
            }
        }
    }
}

参考

C#调用DLL库的方法

https://blog.csdn.net/guangod/article/details/85774225

https://github.com/sshnet/SSH.NET/