summaryrefslogtreecommitdiffstats
path: root/filebitch
diff options
context:
space:
mode:
authorroot <root@filebitch>2011-08-28 18:28:51 +0200
committerroot <root@filebitch>2011-08-28 18:28:51 +0200
commit1364c58cb6c97f24f4ade9d984ac71a846f5ef19 (patch)
tree8dc7fdffe8a239531d917b331c22885f7fc963c2 /filebitch
parent8678f7ce47ed62c9db5446021955b89abbe3ab60 (diff)
parent7a97f9d4baff89bbcfa4bef93ab4d4246b2b82e6 (diff)
Merge branch 'master' of https://github.com/krebscode/painload
Diffstat (limited to 'filebitch')
-rw-r--r--filebitch/README8
-rwxr-xr-xfilebitch/connect_narf.pl2
-rwxr-xr-xfilebitch/disconnect_narf.pl15
3 files changed, 14 insertions, 11 deletions
diff --git a/filebitch/README b/filebitch/README
index 177bb374..5ae3a666 100644
--- a/filebitch/README
+++ b/filebitch/README
@@ -1,12 +1,14 @@
-The connec_sh script morses the IP + "connected" when a user connects to filebitchs proftpd server.
+The connect_narf.pl script morses the IP + "connected" when a user connects to filebitchs proftpd server.
+The disconnect_narf.pl scritp will do the obvious opposite.
It will hopefully drive someone crazy.
To make it run you need to add some lines to your proftpd config.
I decided not to let Krebs do this as I didn't want to break your FTP Server (I know FTP is broken by default).
The 5 necessary lines are:
-ExtendedLog /var/log/proftpd/ftp_auth.log AUTH auth
+
<IfModule mod_exec.c>
ExecEngine on
- ExecOnConnect "/krebs/filebitch/connect_narf.pl"
+ ExecOnConnect "/krebs/filebitch/connect_narf.pl %a"
+ ExecOnExit "/krebs/filebitch/disconnect_narf.pl %a"
</IfModule>
diff --git a/filebitch/connect_narf.pl b/filebitch/connect_narf.pl
index 97cc7750..8e984150 100755
--- a/filebitch/connect_narf.pl
+++ b/filebitch/connect_narf.pl
@@ -14,5 +14,5 @@ $ip =~ s/\b(25[0-5]|2[0-4][0-9]|[1]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[1]?[0-9]
system("morse -l 42 -f 2000 $ip");
system("morse -l 42 -f 3000 \"connected\"");
-# my $ip = "USER";
+# Uncomment the beep below to play the enterprise connect sound
# system("beep -l 42 -f 2000 -D 42 -n -l 42 -f 3337");
diff --git a/filebitch/disconnect_narf.pl b/filebitch/disconnect_narf.pl
index af7bea6c..77fbf743 100755
--- a/filebitch/disconnect_narf.pl
+++ b/filebitch/disconnect_narf.pl
@@ -1,15 +1,16 @@
#!/usr/bin/perl
#Please add the following to your proftpd config file
-#ExtendedLog /var/log/proftpd/ftp_auth.log AUTH auth
-#and
#<IfModule mod_exec.c>
# ExecEngine on
-# ExecOnExit "/krebs/filebitch/disconnect_narf.pl"
+# ExecOnExit "/krebs/filebitch/connect_narf.pli %a"
#</IfModule>
-#$ip = system("tail -n 1 /var/log/proftpd/ftp_auth.log");
+$ip = $ARGV[0];
#I'm very sorry for this regex, but i only wanted it to get _real_ IPv4 Adresses of the log file, not any kind of timestamp bullshit
-#$ip =~ s/\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b//g;
+$ip =~ s/\b(25[0-5]|2[0-4][0-9]|[1]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[1]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[1]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[1]?[0-9][0-9]?)\b//g;
#getting some guys sitting next to the Server pissed :)
-my $ip = "USER";
-system("beep -l 42 -f 2000 -D 42 -n -l 42 -f 1000");
+system("morse -l 42 -f 2000 $ip");
+system("morse -l 42 -f 3000 \"disconnected\"");
+
+# Uncomment the beep below to play the enterprise connect sound
+# system("beep -l 42 -f 2000 -D 42 -n -l 42 -f 3337");