Created
June 26, 2017 01:29
* Check that you have PHP with the curl extension, and arp-scan, installed
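<?php
// Presence monitor: ARP-scans the local subnet, stores the MAC addresses seen in a
// timestamped snapshot file, compares that snapshot with the previous one and posts
// arrivals / departures to Slack through slack(), which is defined later in this file.

// Friendly labels keyed by MAC address. A key must match the address text exactly as
// it appears in the snapshot file. Keys must also be unique: PHP keeps only the last
// value for a repeated key, so the two identical placeholder keys below collapse into
// one entry until real addresses are filled in.
$names = array(
    "aa:bb:cc:dd:ee:ff" => 'Radim - mobil',
    "aa:bb:cc:dd:ee:ff" => 'Radim - notebook',
);

$timestamp = time();
// NOTE(review): /tmp is world-writable and the snapshot name is predictable. On a
// multi-user host another local account can pre-create (or symlink) this path, or drop
// its own "detected_devices_*" file to influence the comparison. Prefer a directory
// that only this script's user can write to.
$path = "/tmp/";
$prefix = "detected_devices_";
$file = $path . $prefix . $timestamp . ".txt";

// The shell pipeline keeps column 2 (the MAC) of every line after the two header lines
// and drops the last three lines of output. The exit status seen by PHP is that of the
// last awk, not of arp-scan, so a failed scan shows up only as an empty snapshot.
// NOTE(review): the sudoers rule backing this call should allow this one command only.
exec("sudo arp-scan -q -r 10 -I eth0 192.168.0.1-192.168.0.255 | awk 'NR > 2 {print $2}' | awk '{if (a) print a; a=b; b=c; c=$0}' > " . escapeshellarg($file));

if (!is_file($file)) {
    error_log("device scan: snapshot " . $file . " was not written");
    exit(1);
}

// Find the newest earlier snapshot without parsing `ls` output. Only names of the exact
// form <prefix><digits>.txt are considered, and anything stamped at or after this run
// is ignored, so a stray file with a far-future stamp cannot pose as a snapshot.
$snapshotPattern = '/^' . preg_quote($prefix, '/') . '(\d+)\.txt$/';
$previousName = null;
$previousStamp = null;
$found = glob($path . $prefix . "*.txt");
foreach (($found === false ? array() : $found) as $candidate) {
    $matches = array();
    if (!preg_match($snapshotPattern, basename($candidate), $matches)) {
        continue;
    }
    $stamp = (int) $matches[1];
    if ($stamp < $timestamp && ($previousStamp === null || $stamp > $previousStamp)) {
        $previousStamp = $stamp;
        $previousName = basename($candidate);
    }
}
// First run: no earlier snapshot, so compare the new one with itself (no changes).
$previousFile = ($previousName === null) ? $file : $path . $previousName;

// Reads a snapshot into a sorted, de-duplicated list of MAC addresses. Lines that are
// not a MAC address are discarded, because this text ends up in the Slack message and
// the files live in a shared directory.
$readMacs = function ($listFile) {
    $lines = is_readable($listFile) ? file($listFile, FILE_IGNORE_NEW_LINES) : false;
    if ($lines === false) {
        error_log("device scan: cannot read snapshot " . $listFile);
        exit(1);
    }
    $macs = array();
    foreach ($lines as $line) {
        $line = trim($line);
        if (preg_match('/^(?:[0-9a-f]{2}:){5}[0-9a-f]{2}$/i', $line)) {
            $macs[] = $line;
        }
    }
    $macs = array_unique($macs);
    sort($macs);
    return $macs;
};

$mac_old = $readMacs($previousFile);
$mac_new = $readMacs($file);

echo "old:" . count($mac_old) . "\n";
echo "new:" . count($mac_new) . "\n";

if ($mac_old != $mac_new) {
    // Known devices are shown as "<label> (<tag>-<mac>)"; unknown ones as the bare MAC.
    $describe = function ($mac, $tag) use ($names) {
        return isset($names[$mac]) ? $names[$mac] . ' (' . $tag . '-' . $mac . ')' : $mac;
    };

    $connected = array();
    foreach (array_diff($mac_new, $mac_old) as $mac) {
        $connected[] = $describe($mac, 'in');
    }
    $disconnected = array();
    foreach (array_diff($mac_old, $mac_new) as $mac) {
        $disconnected[] = $describe($mac, 'out');
    }
    $present = array();
    foreach ($mac_new as $mac) {
        $present[] = $describe($mac, 'now');
    }

    $message = "======================== " . date('H:i') . " ========================\n";
    // Section headings are Czech: "Prisel" = arrived, "Odesel" = left, "Pritomen" = present.
    $sections = array(
        "*Prisel:*\n" => $connected,
        "*Odesel:*\n" => $disconnected,
        "*Pritomen:*\n" => $present,
    );
    foreach ($sections as $heading => $entries) {
        if (count($entries) > 0) {
            $message .= $heading;
            foreach ($entries as $entry) {
                $message .= "* " . $entry . "\n";
            }
        }
    }

    // Notify only when something actually arrived or left.
    if ((count($connected) + count($disconnected)) > 0) {
        echo slack ($message);
    }
}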
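/**
 * Post a message to a Slack incoming webhook.
 *
 * @param string $message Text of the message.
 * @param string $room    Channel name without the leading "#"; an empty value falls back to "botnet".
 * @param string $icon    Emoji code used as the bot icon.
 *
 * @return string|false Response body from the webhook, or false when the payload
 *                      could not be encoded or the HTTP request failed.
 */
function slack($message, $room = "botnet", $icon = ":ghost:") {
    echo "calling slack: " . $message;
    $room = ($room) ? $room : "botnet";

    $payload = json_encode(array(
        "channel" => "#{$room}",
        "username" => "Spybot",
        "text" => $message,
        "icon_emoji" => $icon
    ));
    if ($payload === false) {
        // json_encode() fails on input such as invalid UTF-8; do not send an empty payload.
        error_log("slack: could not JSON-encode the message");
        return false;
    }
    // The body is sent as a form field, so the JSON must be URL-encoded; otherwise a
    // "&", "+" or "%" inside the message corrupts or truncates the payload.
    $data = "payload=" . urlencode($payload);

    // The webhook URL is a credential: anyone holding it can post to the workspace.
    // Keep it out of version control. SLACK_WEBHOOK_URL is a variable name chosen here;
    // when it is unset the placeholder below is used, as before.
    // You can get your webhook endpoint from your Slack settings
    $endpoint = getenv("SLACK_WEBHOOK_URL");
    if ($endpoint === false || $endpoint === "") {
        $endpoint = "https://hooks.slack.com/services/XXXXXXXX/XXXXXXXX/XXXXXXXX";
    }

    $ch = curl_init($endpoint);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    // Bound the request so an unreachable endpoint cannot hang the job.
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
    curl_setopt($ch, CURLOPT_TIMEOUT, 10);
    // TLS certificate verification is left at curl's default (enabled).
    $result = curl_exec($ch);
    if ($result === false) {
        error_log("slack: request failed: " . curl_error($ch));
    }
    curl_close($ch);

    // Laravel-specific log writing method
    // Log::info("Sent to Slack: " . $message, array('context' => 'Notifications'));
    return $result;
}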