Kamis, 04 September 2008

phone Home Anti Robber Mac Security Script ( part 3)

The next section is rather tricky. It involves taking a picture with your iSight camera. As a result you have to do a couple of extra steps due to security steps taken by Apple.

First open up your Apple Script Editor in Applications > AppleScript > Script Editor and then type the following:

do shell script "/path/to/isightcapture /hidden/path/to/folder/isightimage.jpg"

Go to File > Save As. Set the File Format to Application Bundle. Save this File. Then, in Finder, right click on this file and Show Package Contents. Open Info.plist in Content. Open TextEdit or similar and add the following under . Then save the file out.

NSUIElement
1

You have to do this because Apple has disallowed a setting somewhere so you can’t run the iSightcaputre script from Terminal or cron. You can type the command in fine but you can’t do it through an automated script. A work around this is to run the command in AppleScript. This will save our image as normal. We can then use that image later. The added key in the plist file will stop the thief from seeing the bouncing Applescript icon. The only thing you will see is the small light from your iSight briefly flashing on.

Back to our shell script we should be at this line:

open $path"isightscripts.app"

This will open up the AppleScript file we have just created.

sleep 5

To stop the script from moving on before the image has been take we let it rest for 5 seconds. If you iSight camera take a lot longer to take a picture, change this value.

mv $path"isightimage.jpg" "$path$thedate.jpg"

This will rename the isight image take with Applescript into the syntax which we are using. This syntax includes the date. Note the “isightimage.jpg” portion should match up to the name in the Applescript.

screencapture -t jpg -x "$path"desktop"$thedate.jpg"

it is a criminal offense to modify files and folders without your permission. Since you don’t give the thief permission, they commit the offense. As a result this line will take a picture of your desktop and add it to the list. You can then show the jury that the thief was messing with your files and folders and as a result you can claim damages and compensation. The -x option in the file name makes sure the command doesn’t make a noise, it normally would.

zip -D "$path$thedate.zip" "$path$thedate.txt" "$path$thedate.jpg" "$path"desktop"$thedate.jpg"

This final section will zip up the three files. I spent ages trying to get more than one attachment to be sent with mailx (Terminal Mail), as well as a message body. It wouldn’t work. The simpliest method was to simply zip them up and email them as one .zip attachment. This also means that the files are also stored on your computer, compared to being in variables.

uuencode "$path$thedate.zip" "$path$thedate.zip" | mailx -s "Robber Logged on $thedate at $extip" email@example.com

This final command encodes the zip file into a binary file that can be sent along the Internet. I’m not 100% sure why you should do this, but all the posts on the Internet mention this method. In this line you need to change the email address to something that you would not normally use and the login passwords are not stored on your computer. The email that will actually be send will contain a subject which includes the time and IP address and then a blank message body with an attachment. For some reason mailx does not allow you to send an attachment and a message body. I have checked this and gmail accepts the email. The email will not come from a normal address, an amalgamation of your computers name and IP address. You will understand what I mean when you test the script out.

echo Test Done At $thedate, Fail >> $path"Checks".txt
exit 0
fi

The final lines simply log the information to a log file and exits. It also includes the end to the the if statement.

Hopefully you have understood everything in the script and modified the script to suit your computer and location. The final steps are to add it to cron and make it executable.

Tidak ada komentar: