Friday 11 July 2008

Stolen Laptop data Recovery Script

I was bored last night and, inspired by the post here about someone having a laptop stolen, created a script to recover data from a stolen laptop and alert me of its current IP.


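#!/usr/local/bin/bash
# Description: Stolen laptop data recovery script (untested).
# Author: alistar@phrostbyte.dhis.org
# Date: 2008/07/10 21:16 BST
# Usage: Copy to /usr/local/bin/stolen.sh and crontab with the following:
# */10 * * * * /usr/local/bin/stolen.sh >/dev/null 2>&1
# Requirements: wget, tcping, nc, whois, mail and pgrep must be installed and
# in the crontab user's PATH.
#
# How it works: every run fetches $stolenfile. While that URL can be fetched
# the laptop is treated as stolen: its public IP is mailed to $email whenever
# it changes, and once a listener answers on $backuphost:$backupport the home
# directory is streamed to it exactly once. When the URL cannot be fetched,
# the recorded state is cleared.
#
# Security notes:
# - The archive crosses the network unencrypted and the nc listener accepts
#   any connection, so anyone on the path can read the home directory and
#   anyone reaching the port can write into home.tar.bz2. Where possible,
#   carry the stream over an authenticated, encrypted channel (e.g. ssh).
# - The trigger URL and the IP lookup use plain HTTP, so whoever controls the
#   network the laptop is on can forge either answer. The scraped IP is
#   therefore validated before it is mailed or handed to whois.
# - State lives in a private directory instead of fixed names in the
#   world-writable /var/tmp, where another local user could pre-create or
#   symlink those files.
#
# Variables:
# Your home directory you want backed up. Remember the crontab user must have
# read rights to this directory.
home="/home/alistar"
# The host you want to back up your data to and are able to run nc exposed to
# the internet on.
backuphost="phrostbyte.dhis.org"
# TCP port the nc listener on $backuphost uses.
backupport=31337
# The file you need to create to enable the recovery script. Just echo 1 to this.
stolenfile="http://phrostbyte.dhis.org/~alistar/stolen.html"
# Your email address. I personally use one that SMSs my phone or set a rule to
# SMS me on my mail server.
email="alistar@phrostbyte.dhis.org"
# Private directory holding the state that must survive between cron runs.
statedir="${HOME:-$home}/.stolen-recovery"
ipfile="$statedir/myip"
donefile="$statedir/backupcomplete"
# The mail subjects. You may customise these if you so wish.
subject='Your STOLEN Laptop is Online!'
subject1='Your STOLEN Laptop Backup is now Complete!'
###
set -u

# Check the trigger first so that a laptop that is not flagged as stolen does
# no IP lookup or whois query. Any fetch failure (including no network) counts
# as "not stolen" and clears the state, as the original script did.
if ! wget -q --tries=2 --timeout=30 -O /dev/null "$stolenfile"; then
  rm -f -- "$ipfile" "$donefile"
  exit 0
fi

umask 077
mkdir -p -- "$statedir" || exit 1

# Scrape the public IP. The response is untrusted, so accept only a dotted
# quad; anything else (including an empty reply) is reported as "unknown".
ip=$(wget -q --tries=2 --timeout=30 -o /dev/null -O - \
  http://www.biomedcentral.com/whatsmyip.asp \
  | grep '<b>' | cut -d '>' -f3 | cut -d '<' -f1 | head -n 1)
if [[ ! $ip =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]]; then
  ip="unknown"
fi

# Send the alert only when the address differs from the last one reported.
myip="0"
if [[ -f $ipfile ]]; then
  myip=$(<"$ipfile")
fi
if [[ $ip != "$myip" ]]; then
  {
    printf 'Your stolen laptop is now online at %s\n\n' "$ip"
    printf "Please logon to %s and run 'nc -k -l %s > home.tar.bz2'\n\n" \
      "$backuphost" "$backupport"
    if [[ $ip != "unknown" ]]; then
      whois "$ip"
    fi
  } | mail -s "$subject" "$email"
  printf '%s\n' "$ip" > "$ipfile"
fi

# Stream the backup once: skip if it already completed, if the listener is
# not reachable, or if a transfer from an earlier cron run is still going.
if [[ ! -f $donefile ]] \
  && tcping "$backuphost" "$backupport" \
  && ! pgrep -f "nc $backuphost $backupport" >/dev/null; then
  tar -cjvf - "$home" | nc "$backuphost" "$backupport"
  # Capture both exit codes at once; $? alone would report only nc's.
  statuses=("${PIPESTATUS[@]}")
  if ((statuses[1] == 0)); then
    {
      printf "You may now remove %s and quit your 'nc -k -l %s > home.tar.bz2' command\n\n" \
        "$stolenfile" "$backupport"
      # The transfer is still marked complete so the archive is not re-sent
      # into the same listener, but the owner is told it may be partial.
      if ((statuses[0] != 0)); then
        printf 'Warning: tar exited with status %s, so the archive may be incomplete.\n' \
          "${statuses[0]}"
      fi
    } | mail -s "$subject1" "$email"
    printf '1\n' > "$donefile"
  fi
fi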
