authormakefu <github@syntax-fehler.de>2013-01-14 14:46:22 +0100
committermakefu <github@syntax-fehler.de>2013-01-14 14:46:22 +0100
commitdbe2d838ba6834788265029162b2dd7d82473335 (patch)
treea4eb38f7fc91d91269b6f83453de62242c6ddc23 /god/census
parent5a782f6c8f7923f9f415afd504ce6e71acbc7fef (diff)
parentabf9916bc1add17888308877fa4eb9da330297ef (diff)
Merge branch 'master' of github.com:krebscode/painload
Conflicts: god/temper/Makefile god/temper/collectd-temper.sh
Diffstat (limited to 'god/census')
-rw-r--r--god/census/Makefile5
-rw-r--r--god/census/README.md23
-rw-r--r--god/census/TODO.md3
-rw-r--r--god/census/VERSION1
-rwxr-xr-xgod/census/arping.py34
-rwxr-xr-xgod/census/arping_users.py92
-rw-r--r--god/census/mac_names.lst14
-rwxr-xr-xgod/census/sched-arping8
-rw-r--r--god/census/title.lst11
9 files changed, 191 insertions, 0 deletions
diff --git a/god/census/Makefile b/god/census/Makefile
new file mode 100644
index 00000000..9993bf2a
--- /dev/null
+++ b/god/census/Makefile
@@ -0,0 +1,5 @@
+.phony: all
+
+all: arping.py arping_users.py
+install:
+ ./sched-arping
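Review bot: `.phony` on the first line is not a special target, because make only recognises the upper-case spelling, so `all` and `install` are still treated as ordinary file targets. Writing `.PHONY: all install` makes `make install` run `./sched-arping` even when a file named `install` exists in the directory.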
diff --git a/god/census/README.md b/god/census/README.md
new file mode 100644
index 00000000..2842368d
--- /dev/null
+++ b/god/census/README.md
@@ -0,0 +1,23 @@
+Census (formerly known as ARPING Users)
+==========
+
+This is a simplified python script which checks the available subnet for computers online and returns a list of users which are online based on their mac-address
+
+The initial idea was to find known users in the given network, now it finds and stores everyone in the given network and might try to resolve these addresses into names. This is why the name `census` is coined for the project.
+
+Return Data
+----------
+after trying to reach all hosts in the selected subnets the script spits out th e following data:
+<pre>
+ { "timestamp" : 12345678, "data" : { "ip1" : ["mac1","mac2","macn"] }
+</pre>
+
+Census is meant to be put into a cronjob or some kind of wrapper scripts as it is currently really really (2-3 minutes) slow.
+
+SNMPWALK Command
+===============
+
+For historic reasons, this is the snmpwalk command to pull the currently registered mac-addresses on the firewall:
+<pre>
+snmpwalk -c shammunity 10.42.0.1 1.3.6.1.2.1.3.1.1.2
+</pre>
diff --git a/god/census/TODO.md b/god/census/TODO.md
new file mode 100644
index 00000000..daacfd58
--- /dev/null
+++ b/god/census/TODO.md
@@ -0,0 +1,3 @@
+BUGS
+=====
+
diff --git a/god/census/VERSION b/god/census/VERSION
new file mode 100644
index 00000000..6c50e659
--- /dev/null
+++ b/god/census/VERSION
@@ -0,0 +1 @@
++++++++[>+++++++>+++++++<<-]>.>---.<-.
diff --git a/god/census/arping.py b/god/census/arping.py
new file mode 100755
index 00000000..ed257441
--- /dev/null
+++ b/god/census/arping.py
@@ -0,0 +1,34 @@
+#!/usr/bin/python
+
+import logging
+log = logging.getLogger('arpingy')
+logging.disable(logging.WARNING)
+
+import os,sys
+try:
+ if (os.geteuid() != 0):
+ raise Exception('no root permissions')
+ from scapy.all import * #might throws "no such module"
+
+ def arpingy(iprange="10.42.1.0/24",iface='eth0'):
+ """Arping function takes IP Address or Network, returns nested mac/ip list"""
+ try:
+ conf.verb=0
+ ans,unans=arping(iprange,iface=iface,timeout=3,retry=1)
+
+ collection = []
+ for snd, rcv in ans:
+ result = rcv.sprintf(r"%ARP.psrc% %Ether.src%").split()
+ log.debug(result)
+ return result # take just the first arp reply
+ except Exception as e:
+ print ("something went wrong while arpinging " + str(e))
+ return []
+
+except Exception as e:
+ raise Exception("Cannot load arping functions!" + str(e))
+
+
+if __name__ =='__main__':
+ logging.basicConfig(level=logging.DEBUG)
+ arpingy(sys.argv[1],sys.argv[2])
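Review bot: `logging.disable(logging.WARNING)` at module level silences every logger in the process at WARNING and below, so `log.debug(result)` in `arpingy` and the `basicConfig(level=logging.DEBUG)` under `__main__` never produce output, and arping_users.py, which imports this module, loses its info and warning messages too. If the intent was only to quiet scapy's import-time warnings, scope it to that logger instead, e.g. `logging.getLogger("scapy.runtime").setLevel(logging.ERROR)`. Separately, the docstring promises a nested mac/ip list, but the loop returns the first reply as a flat `[ip, mac]` pair and falls through to `None` when nothing answers. The docstring should say so, and the unused `collection` can be dropped.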
diff --git a/god/census/arping_users.py b/god/census/arping_users.py
new file mode 100755
index 00000000..eb47f308
--- /dev/null
+++ b/god/census/arping_users.py
@@ -0,0 +1,92 @@
+#!/usr/bin/python
+import subprocess,re,logging,sys
+import json
+from arping import arpingy
+from multiprocessing import Pool
+logging.basicConfig(level=logging.WARNING)
+log = logging.getLogger("main")
+DEV='eth1'
+MAC_NAMES='mac_names.lst'
+data = []
+my_addr = False
+my_names = {}
+ret = {}
+quiet=False
+
+names = {}
+if len(sys.argv) > 1 and sys.argv[1] == 'q':
+ quiet=True
+def get_own_addr():
+ data = subprocess.Popen(['/sbin/ifconfig',DEV],
+ stdout=subprocess.PIPE).communicate()[0].replace('\n','')
+ return re.sub(r'.*HWaddr ([0-9A-Fa-f:]*).*inet addr:([0-9.]*).*' ,
+ r'\1 \2',data).split()
+
+def load_names(mac_file):
+ f = open(mac_file)
+ for l in f:
+ mac,name = l.split(' ',1)
+ names[mac] = name.replace('\n','')
+ f.close()
+ return names
+
+def print_config():
+ log.info("My Addr : %s" %str(my_addr))
+ log.info("MAC Names file: %s " %MAC_NAMES)
+ log.debug("Loaded names : ")
+ for mac,name in my_names.iteritems():
+ log.debug("%s => %s" %(mac,name))
+
+def init():
+ my_addr = get_own_addr()
+ my_names = load_names(MAC_NAMES)
+
+def arping_helper(dic):
+ log.debug("trying arpingy(%s)" %dic)
+ return arpingy(**dic)
+
+def main():
+ init()
+ print_config()
+
+ for first in range(1,4):
+ for second in range(256):
+ data.append({'iprange':'10.42.'+str(first)+'.'+str(second),'iface':DEV})
+ try:
+ log.info("creating new Pool")
+ p = Pool(35)
+ ret = filter(lambda x:x , p.map(arping_helper, data))
+ log.info("killing it")
+ p.terminate()
+
+ except Exception as e:
+ print 'you fail '+str(e)
+ sys.exit(1)
+ myip,mymac = get_own_addr()
+ ret.append([mymac,myip])
+
+ print_json(ret)
+ #print_names(ret)
+
+def print_names(ret):
+ for p in ret:
+ if not quiet:
+ print p[0] + " => " + p[1]
+ if p[1] in names:
+ print names[p[1]]+ " is online"
+
+def print_json(ret):
+ from time import time
+ output = {}
+ output["timestamp"] = time()
+ for i in ret:
+ mac = i[0]
+ ip = i[1]
+ if i[0] not in output:
+ output[mac] = []
+ output[mac].append(ip)
+ print json.dumps(output)
+
+if __name__ == "__main__":
+ log.debug("starting arping_users")
+ main()
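Review bot: `init()` binds `my_addr` and `my_names` as locals, so the module-level values stay `False` and `{}` and `print_config()` logs those instead of the detected address and the loaded names; add `global my_addr, my_names` as the first line of `init()`. In `main()`, `myip,mymac = get_own_addr()` unpacks in the opposite order to what `get_own_addr()` returns (HWaddr first, then inet addr), and `print_json` calls `i[0]` `mac` although `arpingy` puts the IP first. The two swaps cancel, so the output ends up keyed by IP, but the variable names should be corrected to match. That `get_own_addr()` call also sits outside the `try`, so ifconfig output that does not match the regex ends in an unhandled unpack error.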
diff --git a/god/census/mac_names.lst b/god/census/mac_names.lst
new file mode 100644
index 00000000..5f123dbe
--- /dev/null
+++ b/god/census/mac_names.lst
@@ -0,0 +1,14 @@
+00:40:63:c8:b5:a0 urkrebs
+00:23:54:29:1d:3e hadez
+00:26:c7:bd:a7:1a Martin
+04:1e:64:05:39:28 Stephan
+5c:59:48:22:2d:d2 Phil
+00:21:00:fb:5c:b6 Kah-Hah
+00:1e:64:27:3b:72 Felix
+40:30:04:4f:de:73 Armin
+00:26:c6:82:51:38 samuirai
+3c:8b:fe:5c:4e:da Moh-Moh
+00:26:bb:69:98:cc Jan
+78:dd:08:d5:34:28 Patrick
+78:ca:39:6e:ed:16 Tillman
+00:22:43:25:61:79 Te vau
diff --git a/god/census/sched-arping b/god/census/sched-arping
new file mode 100755
index 00000000..14f8af3c
--- /dev/null
+++ b/god/census/sched-arping
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+TMP=`mktemp`
+crontab -l >$TMP
+
+echo "23 * * * * $PWD/arping_users.py > $PWD/../db/arping" |
+../util/bin/magic create "arping" $TMP
+crontab $TMP
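Review bot: The cron entry runs `$PWD/arping_users.py` without changing directory, while that script opens `mac_names.lst` by relative path, so under cron, which does not start jobs in this directory, `load_names` would not find the file. `echo "23 * * * * cd $PWD && ./arping_users.py > $PWD/../db/arping"` keeps the working directory consistent. The temporary file is also never removed and `$TMP` is unquoted; `crontab "$TMP"` followed by `rm -f "$TMP"` would tidy that. Since arping.py refuses to run without root, a comment that this must be installed into root's crontab would help.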
diff --git a/god/census/title.lst b/god/census/title.lst
new file mode 100644
index 00000000..dade858f
--- /dev/null
+++ b/god/census/title.lst
@@ -0,0 +1,11 @@
+KM kh
+KM lassulus
+KM makefu
+KM miefda
+KM momo
+KM pfleidi
+KM rtjure
+KM tv
+CN cmile
+CN infin
+CP *