# See what's sent and monitored at the bottom of the script
+# Handle SIGINT
my @child_processes;
-
sub stop_child_processes {
kill 'INT', @child_processes;
}
$SIG{'INT'} = 'stop_child_processes';
+
+# Register client with server
+my ($hostname) = ns_system('./busybox', 'hostname');
+my ($clientName, $clientKey) = register($hostname);
+
+
+# ------------------------------------------------------------------------------
+
sub print_log {
my @lines = @_;
my $timestamp = strftime "%Y-%m-%d %H:%M:%S", localtime;
}
sub login {
- my ($clientName, $clientKey) = @_;
my $socket = connect_to_server;
my $response = "";
$socket->send("login\n");
}
sub send_info {
- my ($clientName, $clientKey) = @_;
my $socket = login($clientName, $clientKey);
my $info = join "", ns_system('./busybox', 'sh', '-c', 'hostname; date; uname -a; lspci; lsusb; ifconfig');
$socket->send("info\n");
}
sub send_log {
- my ($clientName, $clientKey, $file) = @_;
+ my ($file) = @_;
my $pid = fork;
if ($pid) {
push @child_processes, $pid;
}
sub send_processes {
- my ($clientName, $clientKey) = @_;
my $pid = fork;
if ($pid) {
push @child_processes, $pid;
}
sub send_command_output {
- my ($clientName, $clientKey, $name, @command) = @_;
+ my ($name, @command) = @_;
my $pid = fork;
if ($pid) {
push @child_processes, $pid;
}
sub send_file {
- my ($clientName, $clientKey, $file) = @_;
+ my ($file) = @_;
my $pid = fork;
if ($pid) {
push @child_processes, $pid;
}
sub watch_directory {
+ my ($dir) = @_;
my $pid = fork;
if ($pid) {
push @child_processes, $pid;
return;
}
- my ($clientName, $clientKey, $dir) = @_;
my $monitor = ns_systemFH('./inotifywait', '-r', '-m', '-e', 'close_write', '--format', '%w%f', $dir);
while (<$monitor>) {
chomp;
- send_file($clientName, $clientKey, $_);
+ print "Watch found: $_\n";
+ send_file($_);
}
exit;
}
sub capture_packets {
- my ($clientName, $clientKey) = @_;
+ #my ($clientName, $clientKey) = @_;
my $pid = fork;
if ($pid) {
push @child_processes, $pid;
exit;
}
-my ($hostname) = ns_system('./busybox', 'hostname');
-my ($name, $key) = register($hostname);
-send_info($name, $key);
+send_info();
+send_processes();
# Files, logs, and commands to send to the server
# ------------------------------------------------------------------------------
# These files will have their contents sent as they are updated
-send_log($name, $key, '/var/log/secure');
-send_log($name, $key, '/var/log/auth.log');
-send_log($name, $key, '/var/log/cron');
-send_log($name, $key, '/var/log/messages');
-send_log($name, $key, '/var/log/syslog');
+send_log('/var/log/secure');
+send_log('/var/log/auth.log');
+send_log('/var/log/cron');
+send_log('/var/log/messages');
+send_log('/var/log/syslog');
foreach my $logfile (get_files_recursively('/var/log')) {
- send_log($name, $key, $logfile);
+ send_log($logfile);
}
# These files will be sent once
-send_file($name, $key, '/etc/crontab'); # Scheduled jobs
-send_file($name, $key, '/etc/group'); # Group list
-send_file($name, $key, '/etc/hosts'); # IP -> hostnames
-send_file($name, $key, '/etc/hosts.allow'); # Allowed hosts
-send_file($name, $key, '/etc/hosts.deny'); # Denied hosts
-send_file($name, $key, '/etc/inetd.conf'); # Internet service daemon configuration
-send_file($name, $key, '/etc/logrotate.conf'); # Control log rotation
-send_file($name, $key, '/etc/passwd'); # User list
-send_file($name, $key, '/etc/securetty'); # TTY's allowing root login
-send_file($name, $key, '/etc/shadow'); # User passwords
-send_file($name, $key, '/etc/sudoers'); # Users who can run commands as another user (including root)
-send_file($name, $key, '/etc/sysctl.conf'); # Kernel options
-send_file($name, $key, '/etc/syslog.conf'); # Syslog configuration
-send_file($name, $key, '/var/log/lastlog'); # Previously logged in users
-send_file($name, $key, '/var/log/wmtp'); # Current logged in users
+send_file('/etc/crontab'); # Scheduled jobs
+send_file('/etc/group'); # Group list
+send_file('/etc/hosts'); # IP -> hostnames
+send_file('/etc/hosts.allow'); # Allowed hosts
+send_file('/etc/hosts.deny'); # Denied hosts
+send_file('/etc/inetd.conf'); # Internet service daemon configuration
+send_file('/etc/logrotate.conf'); # Control log rotation
+send_file('/etc/passwd'); # User list
+send_file('/etc/securetty'); # TTY's allowing root login
+send_file('/etc/shadow'); # User passwords
+send_file('/etc/sudoers'); # Users who can run commands as another user (including root)
+send_file('/etc/sysctl.conf'); # Kernel options
+send_file('/etc/syslog.conf'); # Syslog configuration
+send_file('/var/log/lastlog'); # Previously logged in users
+send_file('/var/log/wmtp'); # Current logged in users
foreach my $logfile (get_files_recursively('/etc/pam.d'),
get_files_recursively('/etc/rc/init.d'),
get_files_recursively('/etc/sysconfig'),
get_files_recursively('/etc/cron*'),
get_files_recursively('/etc/init.d')) {
- send_file($name, $key, $logfile);
+ send_file($logfile);
}
# These commands will have their output sent as they are updated
-send_command_output($name, $key, 'journalctl', 'journalctl', '-f');
+send_command_output('journalctl', 'journalctl', '-f');
# These directories and their subdirectories will be watched and any new/modified files will be sent
-watch_directory($name, $key, '/tmp');
-watch_directory($name, $key, '/dev/shm');
-watch_directory($name, $key, '/home');
-watch_directory($name, $key, '/etc');
+watch_directory('/tmp');
+watch_directory('/dev/shm');
+watch_directory('/home');
+watch_directory('/etc');
# ------------------------------------------------------------------------------
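Review bot: `send_info` still calls `login($clientName, $clientKey)` even though this change removes the `my ($clientName, $clientKey) = @_;` unpack from `login`, so those arguments are now silently ignored while every other call site was updated to the no-argument form; for consistency change it to `my $socket = login();` or keep the explicit parameters in `login`. The subs now close over the file-scope `my ($clientName, $clientKey)` declared at the top, which hides which operations actually authenticate to the server — a one-line comment above that declaration such as `# Credentials returned by register(); used implicitly by login() and every send_* sub below` would make that dependency visible to the next reader. `capture_packets` keeps the dead `#my ($clientName, $clientKey) = @_;` line, which should be deleted rather than commented out. The new `print "Watch found: $_\n"` in `watch_directory` echoes the path of every modified file under /home and /etc to stdout, so if stdout is captured anywhere those paths end up in a second local record; if that is only for debugging it should be removed or sent through `print_log`. The bodies of these subs are only partially shown here, so anything between the visible lines is unreviewed.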