Skip to content

Instantly share code, notes, and snippets.

@chris-x86-64
Last active April 14, 2016 04:33
Show Gist options
  • Save chris-x86-64/7087edbad2dc4f79badff901c307a8bd to your computer and use it in GitHub Desktop.
Save chris-x86-64/7087edbad2dc4f79badff901c307a8bd to your computer and use it in GitHub Desktop.
Login alert system using sendmail and Slack
# Add the following line to /etc/aliases
slack: |"/usr/bin/python /path/to/post-to-slack.py"
#!/bin/bash
(
echo "ALERT - Shell Access ($(hostname)) on: `date` `who`"
) | /usr/sbin/sendmail slack
import sys
import urllib
import urllib2 as urlrequest
import json
import mail
SLACK_POST_URL = "https://hooks.slack.com/services/[TOKEN]"
def build_attachment():
b = email.message_from_string(sys.stdin.read())
post_json = {"text": b.get_payload()}
return post_json
def post(payload):
payload_json = json.dumps(payload)
data = urllib.urlencode({"payload": payload_json})
req = urlrequest.Request(SLACK_POST_URL)
response = urlrequest.build_opener(urlrequest.HTTPHandler()).open(req, data.encode('utf-8')).read()
return response.decode('utf-8')
post(build_attachment())
# Add the following line to /etc/pam.d/sshd
session optional pam_exec.so /bin/bash /path/to/login-hook.sh
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment