Kamis, 04 September 2008

Phone Home Anti Robber Mac Security Script ( part 2 )

The Business End

This section is where the magic happens. It will format a variety of information and send it in a file. The system information includes the external IP address, Internal IP address, Mac Address as well as your Serial Number. Please note that you need to put the full path to wget (usually /usr/local/bin/wget) for it to work. I didn’t realise this, as a result it was not included in the scipt.

extip=`wget www.whatismyip.com/automation/n09230945.asp -O - -o /dev/null`

Another variable (the number is used many times in the script. It gets your IP address from a file provided by the site. It will then send this file (because it uses wget) and prints it to nowhere. The important factor is that it stores this IP value in memory for later use.

echo 'A robber has been logged at the computer here are the details:' $thedate >> $path$thedate.txt

The start of the text file containing the details. It does a simple message thats includes the date and will store it in a new file. You don’t have to create this file the double arrows will do that for you.

echo External IP Address: $extip >> $path$thedate.txt

his will print the external IP address of the computer to the next line on the file. This assumes that the computer is connected to the Internet (more on this little aspect later).

echo Hostname: `host $extip | awk '{print $5}'` >> $path$thedate.txt

This section will get the host name of your computer by using the host command. This simply lets you know the ISP of the user using your computer, making the IP address easier to track down. The command accesses the host command with the IP taken from whatismyip. It will then print the piece of information that we need by cutting it out of the output. It will then put this piece of information at the end of the file we are creating containing out thief’s information.

echo Mac Address: `/sbin/ifconfig en0 | awk '/ether/ { gsub(":", ""); print $2 }'` >> $path$thedate.txt

This takes the Mac address of your computer and prints it to the file. The awk section is a simple command that searches the ifconfig command for the piece of information we need. It will then change the syntax slightly and print it to our file.

echo Internal Address en0: `(/sbin/ifconfig en0 | awk '/inet / {print $2 }')` >> $path$thedate.txt

This will take the internal IP address of Ethernet card en0. It will print it to your file.

echo Interal Address en1: `(/sbin/ifconfig en1 | awk '/inet / {print $2 }')` >> $path$thedate.txt

This does exactly the same as the previous command but it will get the IP address of the wi-fi card. If you have more than one network card repeat that command changing en0 and en1 as you see fit.

echo Mac Serial Number: `ioreg -l | grep "IOPlatformSerialNumber"| awk '{print $4}'` >> $path$thedate.txt

This final command will get your Macs serial number from a long list of serial numbers that are stored on your computer and print it to your file. When you get round to running the command you will end up with something that looks like this.

A robber has been logged at the computer here are the details: Wed 3 Sep 2008 12:23:14 BST
External IP Address: 123.123.123.123
Hostname: hostname.example.com
Mac Address: 123456789098
Internal Address en0: 192.123.123.123
Internal Address en1: 192.123.123.124
Mac Serial Number: "12345678909"


Tidak ada komentar: