From 05dfcb577a562be97b868e65ff502ea8e61cd893 Mon Sep 17 00:00:00 2001
From: lixin
Date: Mon, 11 Mar 2024 17:10:52 +0800
Subject: [PATCH] CVE-2024-24892
---
 ut-Migration-tools/index.py | 49 +++++++++++++++++++++++--------------
 1 file changed, 31 insertions(+), 18 deletions(-)
diff --git a/ut-Migration-tools/index.py b/ut-Migration-tools/index.py
index 635c5ac..fa9e3fb 100644
--- a/ut-Migration-tools/index.py
+++ b/ut-Migration-tools/index.py
@@ -3,6 +3,7 @@
 import os
 import sys
 import json
+import paramiko
 from func import share
 from views import migration
@@ -218,29 +219,41 @@ def MT_export_migration_reports():
 :return:
 """
 mod = check_methods()
- f = open("/usr/lib/migration-tools-server/.passwd.txt","r")
- password = f.read()
- f.close()
 if mod:
 data = request.get_data()
 json_data = json.loads(data)
- mkdir_log_pwd = "/var/uos-migration/"
- isExists=os.path.exists(mkdir_log_pwd)
- if not isExists:
- try:
- os.makedirs(mkdir_log_pwd)
- print(mkdir_log_pwd)
- except:
- print("export report mkdir error:%s" % mkdir_log_pwd)
-
+ user = json_data.get('info').split("|")[0]
 info = mod.split(',')
- scp_log = "sshpass -p '%s'" % password + " scp -r %s" % json_data.get('info').split("|")[0] + "@%s" % info[1] \
- + ":/var/tmp/uos-migration/UOS*.tar.gz /var/uos-migration/"
+ ip = info[1].strip('"')
+ port = 22
+ with open("/usr/lib/migration-tools-server/.passwd.txt", "r") as f:
+ password = f.read()
+
+ remote_dir = local_dir = "/var/tmp/uos-migration"
+ if not os.path.exists(local_dir):
+ os.makedirs(local_dir)
+
+ client = paramiko.SSHClient()
+ client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
 try:
- os.system(scp_log)
- print(scp_log)
- except:
- print('export report scp error:%s' % scp_log)
+ client.connect(ip, port, user, password)
+ sftp = client.open_sftp()
+
+ remote_files = sftp.listdir(remote_dir)
+ # 遍历远程文件列表
+ for filename in remote_files:
+ if filename.endswith('.tar.gz'):
+ remote_file_path = os.path.join(remote_dir, filename)
+ local_file_path = os.path.join(local_dir, filename)
+ sftp.get(remote_file_path, local_file_path)
+
+ except Exception as e:
+ print(f"Error: {e}")
+
+ finally:
+ # 关闭连接
+ if client:
+ client.close()
 return Response(mod, content_type='application/json')
--
2.33.0
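Review bot: `client.set_missing_host_key_policy(paramiko.AutoAddPolicy())` accepts whatever host key the peer presents, so the password read from `.passwd.txt` is sent to any machine that answers at `ip`. Here `user` comes from the request body and `ip` from the `check_methods()` result, which is presumably request-derived as well. Verify the host before authenticating, for example with `client.load_system_host_keys()` followed by `client.set_missing_host_key_policy(paramiko.RejectPolicy())`. The names returned by `sftp.listdir(remote_dir)` are joined into `local_file_path` unchecked, so a guard such as `if os.path.basename(filename) != filename: continue` before `sftp.get` would keep an untrusted server from steering the write outside `local_dir`. The download target also moved from `/var/uos-migration/` to `/var/tmp/uos-migration` and the match widened from `UOS*.tar.gz` to any `.tar.gz`, and a failed transfer is only printed before the same `Response(mod, ...)` is returned; both deserve a comment or an explicit error path (MT_export_migration_reports begins above this hunk).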