Last active
September 25, 2018 18:30
-
-
Save voodoojello/d4968999d5e0e5c06f0ef01071f93b6e to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@echo off | |
:: | |
:: VNC Connect Detector | |
:: -------------------------------------------------- | |
:: Detects incoming VNC connections on set TCP port | |
:: on Windoze computers. Plays a beep (waveform) and | |
:: logs to file on detection. | |
:: | |
cls | |
echo ================================================================== | |
echo %date% %time% Starting VNC Connect Detector... | |
echo ================================================================== | |
:: set port to check | |
set port=5900 | |
:: cleanup any stray rundll32 processes | |
taskkill /IM rundll32.exe /F >NUL 2>&1 | |
ping -4 -n 10 127.0.0.1 >NUL | |
:: main loop | |
:start | |
ping -4 -n 5 127.0.0.1 >NUL | |
netstat -an | findstr /I %port% | findstr /I ESTABLISHED >NUL | |
if %ERRORLEVEL% NEQ 0 goto start | |
:: connection detected | |
setlocal enableextensions | |
for /f "tokens=*" %%a in ( | |
'netstat -an ^| findstr /I %port% ^| findstr /I ESTABLISHED' | |
) do ( | |
set var=%%a | |
) | |
:: log to screen and file | |
echo %date% %time%: Incoming VNC Connection! (%var%) | |
echo %date% %time%: Incoming VNC Connection! (%var%) >> vnc-connections.log | |
endlocal | |
:: play/stop beep | |
start "" rundll32.exe Kernel32.dll,Beep 750,300 | |
ping -4 -n 2 127.0.0.1 >NUL | |
taskkill /IM rundll32.exe /F >NUL 2>&1 | |
:: back to loop | |
goto start |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment