NCPA 3.01 Issue with Special Characters in Plugin Arguments

[PaulKessler]

It seems that I am unable to escape special characters in the Plugin Arguments.

Example Arguments: -s localhost DB queryUser FytEOeWL+3FD9xFLUZM64A==

Results in the + sign being removed: -s localhost DB queryUser FytEOeWL 3FD9xFLUZM64A==

Attempting to escape the character or string with a backslash does not seem to work: Using: -s localhost DB queryUser FytEOeWL+3FD9xFLUZM64A==

Results in: -s localhost DB queryUser FytEOeWL\ 3FD9xFLUZM64A==

I can get around the issue by creating a separate bat file as a wrapper to contain the arguments and call that as the plugin. I have tried several other methods and nothing seems to work. If this is a duplicate please point me at the original defect. Or let me know if there is an alternate method to escape the special characters.

[ccztux]

Can you please post the complete call of check_ncpa.py?

[PaulKessler]

Example Service check: /usr/local/nagios/libexec/check_ncpa.py -H 192.168.85.129 -t 'password' -M 'plugins/transCheck.exe' -q 'args=-s 192.168.85.129 tc infodba Jnuew+iDEKG4eIGuZ/JJYw== asynchronous TERMINAL'

Example: API response in the browser You can see below that the + symbol gets removed. {

"returncode": 3762504530,

"stdout": "Unhandled Exception: System.FormatException: Invalid length for a Base-64 char array or string.\n   at System.Convert.FromBase64_Decode(Char* startInputPtr, Int32 inputLength, Byte* startDestPtr, Int32 destLength)\n   at System.Convert.FromBase64CharPtr(Char* inputPtr, Int32 inputLength)\n   at System.Convert.FromBase64String(String s)\n   at TransStatus.AesOperation.DecryptString(String key, String cipherText)\n   at TransStatus.Program.Main(String[] args)",

"cmd": "cmd /c C:\\Program Files\\Nagios\\NCPA\\plugins\\transCheck.exe -s 192.168.85.129 tc infodba Jnuew iDEKG4eIGuZ/JJYw== asynchronous TERMINAL"

}

As a temporary work around I wrap the plugin with a bat script instead to execute the plugin with the arguments and that works fine for now.

[ccztux]

Thanks!

This was fixed in the past https://github.com/NagiosEnterprises/ncpa/issues/937 in version 1.2.5 of check_ncpa.py which is located in the maint branch.

Try the version from the maint branch.

Example based on your call:

/usr/local/nagios/libexec/check_ncpa.py -H 192.168.85.129 -t 'password' -M 'plugins/transCheck.exe' -r '-s 192.168.85.129 tc infodba Jnuew+iDEKG4eIGuZ/JJYw== asynchronous TERMINAL'

@sawolf Can you please check if the version from the maint branch can be merged into master?

[PaulKessler]

I am seeing the issue on the NCPA client side as well, if I connect to the API via web browser and pass the arguments and click reload the plugin will throw an error because NCPA is passing the argument with the space creating an invalid parameter. So it seems this issue is on both ends.

[image: unnamed.png]

On Thu, Feb 15, 2024 at 1:27 PM Christian Zettel @.***> wrote:

Thanks!

This was fixed in the past #937 https://github.com/NagiosEnterprises/ncpa/issues/937 in version 1.2.5 of check_ncpa.py which is located in the maint branch.

Try the version from the maint branch. https://github.com/NagiosEnterprises/ncpa/blob/maint/client/check_ncpa.py

Example based on your call:

/usr/local/nagios/libexec/check_ncpa.py -H 192.168.85.129 -t 'password' -M 'plugins/transCheck.exe' -r '-s 192.168.85.129 tc infodba Jnuew+iDEKG4eIGuZ/JJYw== asynchronous TERMINAL'

@sawolf https://github.com/sawolf Can you please check if the version from the maint branch can be merged into master?

— Reply to this email directly, view it on GitHub https://github.com/NagiosEnterprises/ncpa/issues/1100#issuecomment-1947069456, or unsubscribe https://github.com/notifications/unsubscribe-auth/ADCEJFKWR7RUTYK2VZZ2SHDYTZORJAVCNFSM6AAAAABCTL45NOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSNBXGA3DSNBVGY . You are receiving this because you authored the thread.Message ID: @.***>