will/pamela
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

modified the script so that it only supports url and uses comma as separator for csv

Browse Source
This commit is contained in:
sandbender 2011-02-12 22:03:35 +01:00
parent 5b5e91eaa3
commit b0d9788f37
1 changed files with 131 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

203
scanner/pamela-scanner.sh
View File

@ -23,25 +23,29 @@ LICENSE
PAM_DIR="$(cd $(dirname $0) && pwd)" PAM_DIR="$(cd $(dirname $0) && pwd)"
PAM_CRON="/etc/cron.d/pamela" PAM_CRON="/etc/cron.d/pamela"
PAM_SCRIPT="$PAM_DIR/$(basename $0)" PAM_SCRIPT="${PAM_DIR}/$(basename $0)"
REGISTER=''
REGISTER= SIMULATE=''
IF='eth0' IF='eth0'
OUT='http://yourserver.com/pamela/upload.php' OUT='http://yourserver.com/pamela/upload.php'
USER='' USER=''
PASSWORD='' PASSWORD=''
TRANSLATE=''
POST=''
function usage { function usage {
echo "Usage: pamela-scanner [OPTIONS] echo "Usage: pamela-scanner [OPTIONS]
-i INTERFACE Interface to arp-scan. Defaults to [$IF]. -i INTERFACE Interface to arp-scan. Defaults to [${IF}].
-o URL The url of the pamela upload script (including /upload.php). -o URL The url of the pamela upload script (including /upload.php).
Defaults to [$OUT]. Defaults to [${OUT}].
-r Register the script in cron every 2 minutes -r Register the script in cron every 2 minutes
-q Unregister the script from cron -q Unregister the script from cron
-u Http-auth user. Defaults to [$USER]. -u Http-auth user. Defaults to [${USER}].
-p Http-auth password. Defaults to [$PASSWORD]. -p Http-auth password. Defaults to [${PASSWORD}].
-s Simulate, don't commit the post.
-t URL Translate mac addresses using the data provided from the
specified URL. CSV format expected (mac,name\\n).
-h Shows help -h Shows help
This pamela scanner is an arp-scanner that uploads mac addresses in your local This pamela scanner is an arp-scanner that uploads mac addresses in your local
@ -51,83 +55,138 @@ together against the same web server, where all results will be agregated."
} }
function check_if_root { function check_if_root {
if [ "$(id -ru)" != "0" ] if [ "$(id -ru)" != "0" ]
then then
echo "Must be root to run pamela-scanner" echo "Must be root to run pamela-scanner"
exit 1 exit 1
fi fi
} }
function check_if_arpscan_installed { function check_if_arpscan_installed {
if [ -z "$(which arp-scan)" ] if [ -z "$(which arp-scan)" ]
then then
echo "ENOARPSCAN: Could not find arp-scan, please install it" echo "ENOARPSCAN: Could not find arp-scan, please install it"
fi fi
} }
function register { function register {
check_if_root check_if_root
check_if_arpscan_installed check_if_arpscan_installed
echo "Registering pamela in cron: $PAM_CRON" echo "Registering pamela in cron: ${PAM_CRON}"
echo "*/2 * * * * [ -x \"$PAM_SCRIPT\" ] && \"$PAM_SCRIPT\" -i \"$IF\" -o \"$OUT\" -u \"$USER\" -p \"$PASSWORD\" | logger -t pamela" > "$PAM_CRON" echo "*/2 * * * * [ -x \"${PAM_SCRIPT}\" ] && \"${PAM_SCRIPT}\" -i \"${IF}\" -o \"${OUT}\" -u \"${USER}\" -p \"${PASSWORD}\" | logger -t pamela" > "${PAM_CRON}"
echo "Depending on your version of crond, you might have to restart the cron daemon for the changes to take effect" echo "Depending on your version of crond, you might have to restart the cron daemon for the changes to take effect"
} }
function unregister { function unregister {
check_if_root check_if_root
echo "Unregistering pamela in cron: $PAM_CRON" echo "Unregistering pamela in cron: ${PAM_CRON}"
rm "$PAM_CRON" rm "${PAM_CRON}"
echo "Depending on your version of crond, you might have to restart the cron daemon for the changes to take effect" echo "Depending on your version of crond, you might have to restart the cron daemon for the changes to take effect"
} }
function parse_params { function parse_params {
TEMP=$(getopt -o 'hrqi:o:s:u:p:-n' "pamela arp scanner" -- "$@") TEMP=$(getopt -o 'hrqsi:o:u:p:t:-n' "pamela arp scanner" -- "$@")
if [ $? != 0 ] ; then echo "Could not parse parameters..." >&2 ; exit 1 ; fi if [ $? != 0 ]
eval set "$TEMP" then
while true echo "Could not parse parameters..." >&2
do exit 1
shift; fi
[ -z "$1" ] && break;
case "$1" in eval set "${TEMP}"
-i) IF="$2"; shift;; while true
-o) OUT="$2"; shift;; do
-s) SLEEP="$2"; shift;; shift;
-u) USER="$2"; shift;; [ -z "$1" ] && break;
-p) PASSWORD="$2"; shift;; case "$1" in
-r) REGISTER='r';; -i) IF="$2"; shift;;
-q) unregister; exit 0;; -o) OUT="$2"; shift;;
-h|'-?') usage; exit 1;; -u) USER="$2"; shift;;
*) echo "Unknown param: [$1]"; usage; exit 1;; -p) PASSWORD="$2"; shift;;
esac -r) REGISTER='r';;
done -s) SIMULATE='s';;
# Register only after parsing all args -q) unregister; exit 0;;
if [ -n "$REGISTER" ]; then -t) TRANSLATE="$2"; shift;;
register -h|'-?') usage; exit 1;;
exit 0 *) echo "Unknown param: [$1]"; usage; exit 1;;
fi esac
done
# Register only after parsing all args
if [ -n "${REGISTER}" ]
then
register
exit 0
fi
} }
function scan_and_upload { function scan {
echo $(date)" scanning..." echo $(date)" scanning..."
DATA="" DATA=""
NUM_DATA=0 NUM_DATA=0
for M in $(arp-scan -R -i 10 --interface "$IF" --localnet | awk '{ print $2 }' | grep :.*: | sort | uniq) for M in $(arp-scan -R -i 10 --interface "${IF}" --localnet | awk '{ print $2 }' | grep :.*: | sort | uniq)
do do
[ -n "$DATA" ] && DATA="$DATA,$M" || DATA="$M"; [ -n "${DATA}" ] && DATA="${DATA},${M}" || DATA="${M}";
let "NUM_DATA=NUM_DATA+1" let "NUM_DATA=NUM_DATA+1"
done done
POST="data=$DATA" POST="${DATA}"
RESULT=$(wget "$OUT" -O - --quiet --post-data "$POST" --user "$USER" --password "$PASSWORD") }
if [ -n "$RESULT" ]
then function translate {
echo Error uploading results: if [ -z "${TRANSLATE}" ]
echo "$RESULT" then
fi return 0
echo $(date)" Uploaded $NUM_DATA mac addresses..." fi
# translate denotes a url
# save the output of the url to a file and use it as a file
TRANSLATE_URL=${TRANSLATE}
TRANSLATE=$(mktemp)
wget --quiet -O "${TRANSLATE}" "${TRANSLATE_URL}"
POST=$(echo ${POST} | awk -v names="${TRANSLATE}" 'BEGIN {
RS="\n"
FS=","
while ((getline nl < names) > 0) {
split(nl, n);
nms[n[2]] = n[1]
}
close(names)
RS=","
first=1
while ((getline i)> 0) {
sub(/\n$/,"",i)
#print "input:", i, "translates to", (i in nms?nms[i]:i)
if (!first)
printf(",")
printf (i in nms?nms[i]:i)
first=0
}
}')
rm ${TRANSLATE}
}
function upload {
if [ -z "${SIMULATE}" ]
then
RESULT=$(wget "${OUT}" -O - --quiet --post-data "data=${POST}" --user "${USER}" --password "${PASSWORD}")
else
echo Not executing: [wget "${OUT}" -O - --quiet --post-data "data=${POST}" --user "${USER}" --password "${PASSWORD}"]
RESULT=
fi
if [ -n "${RESULT}" ]
then
echo Error uploading results:
echo "${RESULT}"
fi
echo $(date)" Uploaded ${NUM_DATA} mac addresses..."
} }
parse_params $@ parse_params $@
check_if_root check_if_root
check_if_arpscan_installed check_if_arpscan_installed
scan_and_upload scan
translate
upload