未加星标

Take picture of unauthorized user trying to access your Laptop

字体大小 | |
[系统(linux) 所属分类 系统(linux) | 发布者 店小二03 | 时间 2016 | 作者 红领巾 ] 0人收藏点击收藏

Did you ever tried to guess your friends password? Did you ever tried to login to your partners password protected computer? Sounds silly and childish but many are guilty of it. Most cases it’s no big deal but I am sure all of us would like to know who tried to guess our passwords and tried to login to our computers. Similarly, do you leave your laptop at work or with your friends? Do you trust your friends or partner or colleagues enough? Another silly questions. Let me get to the point … I actually came across this when I was trolling through my authentication logs. I had multiple authentication attempts to my Laptop and looking at the timestamp I knew that I wasn’t at home at that time. I was simply suspicious and decided to look around if there’s anyway I can find out who tried authenticating to my laptop. Of everything I found, I decided that I will try to capture a take picture of unauthorized user who was trying this.

I found this post in Ubuntu Forums (links below) and it uses PAM and will work for all failed login attempts. Using SSH, a virtual terminal or via the regular login screen, it doesn’t matter as everything is handled by PAM in the end.

Install ffmpeg/avconv

First of all we need to install ffmpeg/avconv.

apt-get install libav-tools Shell script

Next we create a small script /usr/local/bin/authsnapper with the following contents:

#!/bin/bash
# Simple script to take picture after entering wrong password in linux
#
# Requirements:
# Install ffmpeg or avconv
# apt-get install libav-tools
# (at your option) any later version.
#
# blackMORE Ops <www.blackmoreops.com>
ts=`date +%s`
ffmpeg -f video4linux2 -s vga -i /dev/video0 -vframes 3 /tmp/vid-$ts.%01d.jpg
exit 0
#important - has to exit with status 0

Depending on your Webcam (i.e. USB, built-in you might want to change the /dev/video0 with the actual video device of your webcam. This script is using /tmp folder as the image location, you can change that to anything to your liking. It also takes 3 pictures, you might want to change that if you like.

Now make this script executable

chmod +x /usr/local/bin/authsnapper
Take picture of unauthorized user trying to access your Laptop
Before we go and do the next step, test this script, simply paste /usr/local/bin/authsnapper in your terminal and it should take 3 pictures and save those in /tmp folder.

If this works, then you can go and configure PAM to call this on every failed attempt. You might want to be careful doing this. If you make a mistake, you wont be able to login to your laptop or workstation anymore (or not in the usual ways,you need to break in).

Open a terminal window with root access ( sudo -s ) and leave it open just in case you screw up in the next steps.

Changing authentication in pam.d

Open /etc/pam.d/common-auth in your favorite editor,

gedit /etc/pam.d/common-auth .

Keep in mind for the following steps as the order of lines in this file matters. Find the following line:

auth [success=1 default=ignore] pam_unix.so nullok_secure

Change success=1 to success=2 to have it skip our script on success. This is an important step. After this change, it should look like this:

auth [success=2 default=ignore] pam_unix.so nullok_secure

Add the following line to call this script right after it:

auth [default=ignore] pam_exec.so seteuid /usr/local/bin/authsnapper

Save and close the file. No need to restart anything.

Testing

In a new terminal window, as regular user, try su -l testuser to log in as another user with username testuser. Deliberately enter the wrong password. Check if this result in a new picture. In you use Linux as root user as I do, you might want to create a new user for testing .

The same as above, but now enter the correct password. Check if you log in and it doesn’t result in a picture being taken. If the tests have succeeded you can log out from your Desktop environment. Try entering incorrect password and it should take 3 pictures.

Conclusion

I found this interesting and I guess it has its value to take picture of unauthorized user trying to access your Laptop… for example if you’re living in shared accommodation or dorm. But if you are good with programming and all, you might make it a full fledged software and publish in GIT. Just an idea but I think it’s a good one nevertheless.

Also, I am sure there’s better way of doing it, like instead of using /etc/pam.d/common-auth , you can try it in /etc/pam.d/sshd or /etc/pam.d/lightdm or a number of other ways. I will leave that testing to you. But in any of the cases you get locked out of your Linux, here’s how to break into Linux .

BTW, if anyone is wondering who tried to access my Laptop, yah nah .. not telling you. Thanks again and enjoy.

References: http://askubuntu.com/questions/253189/can-i-make-the-webcam-take-a-picture-when-an-incorrect-password-is-entered http://ubuntuforums.org/showthread.php?t=1509424&p=9827947#post9827947 Understanding PAM PAM Man Pages

本文系统(linux)相关术语:linux系统 鸟哥的linux私房菜 linux命令大全 linux操作系统

主题: LinuxUbuntu
分页:12
转载请注明
本文标题:Take picture of unauthorized user trying to access your Laptop
本站链接:http://www.codesec.net/view/482076.html
分享请点击:


1.凡CodeSecTeam转载的文章,均出自其它媒体或其他官网介绍,目的在于传递更多的信息,并不代表本站赞同其观点和其真实性负责;
2.转载的文章仅代表原创作者观点,与本站无关。其原创性以及文中陈述文字和内容未经本站证实,本站对该文以及其中全部或者部分内容、文字的真实性、完整性、及时性,不作出任何保证或承若;
3.如本站转载稿涉及版权等问题,请作者及时联系本站,我们会及时处理。
登录后可拥有收藏文章、关注作者等权限...
技术大类 技术大类 | 系统(linux) | 评论(0) | 阅读(25)