#!../expect --
#Fpass - by Digital Ebola <digi@legions.org>
#Based on passmass by Don Libes.


exp_version -exit 5.0

if $argc==0 {
    send_user "usage: $argv0 host1 host2 host3 . . .\n"
    exit
}

expect_before -i $user_spawn_id \003 exit
set outfile [open report.$argv w]
proc badhost {line emsg} {
    global badhosts outfile
    puts $outfile "password not changed on $line - $emsg"	   
    send_user "\r\n\007password not changed on $line - $emsg\n"
    if {0==[llength $badhosts]} {
	set badhosts $line
    } else {
	set badhosts [concat $badhosts $line]
    }
}

# set defaults
set prompt ">"
set fileid [open $argv r]
set timeout -1
stty -echo

    send_user "Login Password: "
    expect_user -re "(.*)\n"
    send_user "\n"
    set password(login) $expect_out(1,string)
    send_user "Enable Password: "
    expect_user -re "(.*)\n"
    send_user "\n"
    set password(old) $expect_out(1,string)
    send_user "New Enable Password: "
    expect_user -re "(.*)\n"
    send_user "\n"
    set password(new) $expect_out(1,string)
    send_user "Retype New Enable Password: "
    expect_user -re "(.*)\n"
    set password(newcheck) $expect_out(1,string)
    send_user "\n"
    send_user "New Telnet Password: "
    expect_user -re "(.*)\n"
    set password(telnet) $expect_out(1,string)
    send_user "\n"
    send_user "Retype New Telnet Password: "
    expect_user -re "(.*)\n"
    set password(telnet2) $expect_out(1,string)
    send_user "\n"


stty echo
trap exit SIGINT

if ![string match $password(new) $password(newcheck)] {
    send_user "mismatch enable - passwords unchanged\n"
    exit
}
if ![string match $password(telnet) $password(telnet2)] {
    send_user "mismatch telnet - passwords unchanged\n"
    exit
}
set timeout 2
set badhosts {}

  while {[gets $fileid line] >= 0} {
			
		set pid [spawn telnet $line]
	



	expect -re "Password:"  {
	    send "$password(login)\r"
	    	expect -re "Password:" {
	    		badhost $line "Passwords BAD!"
            		exec kill $pid
            		expect eof
            		continue 
           		}
	} eof {
	    badhost $line "spawn failed"
	    continue
	} timeout {
	    badhost $line "could not log in (or unrecognized prompt)"
	    exec kill $pid
	    expect eof
	    continue

	} 

	
	expect "$prompt"
	send "enable\r"
	expect "*Password:"
	send "$password(old)\r"
	expect "# "
	send "conf t\r"
	expect "*#"
	send "enable secret $password(new)\r"
	expect "*#"
	send "line vty 0 4\r"
	send_user "Password change confirmed on $line\n"
	puts $outfile "Password change confirmed on $line\n"
	expect "*#"
	send "password $password(telnet)\r"
	expect "*#"
	send "write mem\r"
	expect "*#"
	send "exit\r" 
	send "\r"
	send_user "\nDone with $line\n"
	

	
}


if {[llength $badhosts]} {
    send_user "failed to set password on $badhosts\n"
}
close $fileid
close $outfile